Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
File: fc353215-935f-47d2-9298-767ccc0eae1a.roa (raw, json)
Hash identifier: H9ZP4iqYEt4Z0eQ/f15LtluXhYHatWY65FoyJ5Xg0GY=
Subject key identifier: 01:E3:7C:7C:63:F4:60:C3:43:98:87:81:04:8E:E2:77:13:72:69:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1594ED3CADFD47A6C99DB04DFB56E393F8ACBC9E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:94:ed:3c:ad:fd:47:a6:c9:9d:b0:4d:fb:56:e3:93:f8:ac:bc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=7379d1f514262cbb7525d1ed6840ff747cff08af9850c254d95ca0efa2909fbe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fc:35:e0:0a:b7:53:7f:09:0f:a2:99:ac:3c:
5a:ba:bd:61:9b:38:e5:69:20:8f:0d:cd:b0:37:ce:
d6:66:75:eb:00:d6:0e:d7:a8:2a:a7:11:50:91:c3:
b1:e8:94:6c:4a:50:ba:83:11:06:46:fb:42:be:9e:
6f:af:d1:da:cf:9b:9d:d6:9f:e9:26:33:8e:1a:79:
51:88:c4:37:f6:7a:c0:52:d4:a9:ae:48:5c:5f:0e:
e9:0c:7d:30:3c:ed:65:69:33:5d:34:20:10:9d:8a:
30:eb:34:79:f6:01:1b:dc:4d:3b:9b:65:a2:dc:86:
76:5a:00:ac:8f:e7:f7:df:1a:5f:f6:b6:34:06:66:
f4:5d:6e:a7:d5:b5:db:88:97:7b:0d:c5:40:ff:38:
a0:9a:ae:19:79:45:45:a8:c0:7f:bd:12:4a:ff:47:
66:c9:f2:b1:9b:93:5f:4d:45:9a:40:8d:bb:85:87:
4d:ec:21:46:6d:5b:7c:63:09:10:56:cf:ad:25:6a:
e1:6c:1f:76:db:b1:52:21:68:7e:88:a1:21:af:5f:
99:2b:01:da:7e:61:12:eb:3f:bb:17:b0:0b:9c:c8:
7a:71:b5:4c:2c:21:f6:0b:bc:b1:c3:9f:32:cf:dc:
a7:77:24:23:58:e2:5e:60:c4:64:aa:fe:92:3c:88:
28:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E3:7C:7C:63:F4:60:C3:43:98:87:81:04:8E:E2:77:13:72:69:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:77:b0:c7:a1:3a:7f:0e:78:d3:ec:e5:37:fc:11:4b:d4:a7:
9b:a7:3a:81:bd:ec:ed:1e:81:0b:1c:23:6c:2a:8c:a2:6f:05:
44:4b:50:d3:c9:ff:37:1b:ea:e9:4b:41:2e:7b:2c:70:64:96:
1b:fc:ab:40:37:2f:26:5c:87:3c:27:c7:14:e3:6c:35:11:9c:
eb:bb:f9:e6:76:82:7b:e9:cf:c2:19:26:88:83:c8:ce:85:c0:
16:cc:88:39:75:89:f0:ab:7c:34:17:82:88:b3:cd:d8:a1:af:
95:16:69:4f:c3:08:4f:1b:72:c2:9f:5b:a1:4f:44:7f:10:23:
3f:42:8a:27:68:ed:4d:3a:60:7c:9c:c6:c9:24:cd:9e:b4:92:
62:c3:fc:0f:62:00:66:55:9b:c7:23:e5:95:46:16:6e:65:87:
a1:ea:ff:98:a7:d3:62:c5:46:da:5c:b9:68:15:b6:dd:c1:cd:
ca:86:72:9e:80:8e:ac:65:a7:02:c7:ac:0f:45:53:82:fd:49:
ee:22:b1:c3:de:35:0b:8d:e4:61:75:8c:0b:c3:e6:d4:80:69:
10:86:00:d9:06:4a:07:38:6e:6e:c6:48:0d:66:df:4b:b9:8a:
ff:76:3d:a6:51:3f:2e:d6:3c:1b:10:9e:44:2c:e6:05:94:45:
b6:3f:ad:25
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFZTtPK39R6bJnbBN+1bjk/isvJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNzlkMWY1MTQyNjJjYmI3NTI1ZDFlZDY4NDBmZjc0N2NmZjA4YWY5ODUw
YzI1NGQ5NWNhMGVmYTI5MDlmYmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALb8NeAKt1N/CQ+imaw8Wrq9YZs45Wkgjw3NsDfO1mZ16wDWDteoKqcRUJHD
seiUbEpQuoMRBkb7Qr6eb6/R2s+bndaf6SYzjhp5UYjEN/Z6wFLUqa5IXF8O6Qx9
MDztZWkzXTQgEJ2KMOs0efYBG9xNO5tlotyGdloArI/n998aX/a2NAZm9F1up9W1
24iXew3FQP84oJquGXlFRajAf70SSv9HZsnysZuTX01FmkCNu4WHTewhRm1bfGMJ
EFbPrSVq4WwfdtuxUiFofoihIa9fmSsB2n5hEus/uxewC5zIenG1TCwh9gu8scOf
Ms/cp3ckI1jiXmDEZKr+kjyIKFsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQB43x8
Y/Rgw0OYh4EEjuJ3E3JpKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmMzNTMyMTUtOTM1Zi00N2QyLTkyOTgtNzY3Y2NjMGVhZTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQDMd7DHoTp/DnjT7OU3/BFL1KebpzqBveztHoELHCNs
KoyibwVES1DTyf83G+rpS0EueyxwZJYb/KtANy8mXIc8J8cU42w1EZzru/nmdoJ7
6c/CGSaIg8jOhcAWzIg5dYnwq3w0F4KIs83Yoa+VFmlPwwhPG3LCn1uhT0R/ECM/
QoonaO1NOmB8nMbJJM2etJJiw/wPYgBmVZvHI+WVRhZuZYeh6v+Yp9NixUbaXLlo
Fbbdwc3KhnKegI6sZacCx6wPRVOC/UnuIrHD3jULjeRhdYwLw+bUgGkQhgDZBkoH
OG5uxkgNZt9LuYr/dj2mUT8u1jwbEJ5ELOYFlEW2P60l
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:33 2023 by rpki-client on console-fra.rpki-client.org