Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: RmdxntwWOSJ5gPxotZUBgv+nvsiJ26/njX/V3OdLkvI=
Subject key identifier: 61:3C:39:5A:4B:3B:5B:07:47:0F:99:8A:47:3A:7A:E9:33:90:A5:29
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22D4CBD877C3888708D613737606307730277931
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:d4:cb:d8:77:c3:88:87:08:d6:13:73:76:06:30:77:30:27:79:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=833496182fae07a47b5010b09d0cf13efd1272833725cffd86ec567afe7888c4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5b:1e:d8:ca:0c:7d:fb:9f:83:81:2a:2c:a6:
37:4d:4e:44:eb:f5:f4:de:65:91:c9:5e:82:38:4d:
40:28:18:c4:02:a2:56:32:ae:8a:a9:27:27:9b:e4:
ca:05:ef:af:96:dc:d8:39:4f:ea:40:b3:3a:24:f8:
12:4f:87:6f:3d:30:ef:ea:ab:66:6c:9f:cf:b8:36:
89:5a:82:0b:e0:38:20:8d:7e:62:1e:ff:1f:3e:d2:
b4:92:6c:0d:ad:54:16:56:f1:f5:a4:3d:bc:c7:1c:
7a:43:76:4a:af:44:d1:ad:27:26:f2:7f:65:eb:16:
18:b1:f4:8c:95:da:dc:9b:94:d5:19:90:d3:cf:18:
9a:d0:54:93:68:03:eb:ed:05:e8:c5:03:ce:99:5d:
c3:55:51:bd:9d:b1:95:b4:3a:51:fc:96:46:44:12:
1f:85:a6:8f:ab:73:4d:74:0f:07:5b:de:4e:5d:53:
92:96:ff:39:41:89:ec:91:be:ef:8f:74:c3:e9:72:
76:3a:b0:2a:65:62:81:62:9a:a3:58:b6:66:66:20:
44:d4:82:d6:a6:2d:50:43:3c:a0:9c:68:73:6f:67:
98:2a:e4:0a:6b:e4:6b:bc:78:0c:08:fa:10:99:29:
8d:90:38:8a:51:4a:7c:e0:da:69:80:19:58:01:59:
67:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3C:39:5A:4B:3B:5B:07:47:0F:99:8A:47:3A:7A:E9:33:90:A5:29
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:74:7a:ca:91:1b:5d:01:3e:75:d6:34:18:cd:be:39:b9:6f:
28:78:a7:c3:fe:39:d7:f3:8d:c1:d8:01:2f:dd:ad:86:6a:1e:
d9:f0:22:dc:74:0f:29:6f:c6:48:43:fc:78:c8:5e:7e:1a:db:
ab:5d:4f:8c:3b:d7:f7:2c:38:1c:c4:6e:d4:57:43:13:36:9e:
5e:8e:f2:d7:89:d3:2a:b8:ec:ee:49:6a:81:c9:a0:8b:14:7a:
50:08:bb:9c:1b:1d:20:f9:c8:3b:2b:54:bb:69:d8:ec:9d:bc:
19:b7:e2:52:77:c4:1f:e3:2c:73:34:c7:b8:6c:f3:40:62:bd:
6a:0e:c2:d2:3f:41:34:43:f0:c7:46:d7:91:85:9a:67:69:c2:
e7:3c:27:8f:84:55:7d:9f:d8:75:35:ae:e8:81:bc:25:80:56:
2f:91:63:87:7b:31:ab:8d:67:cd:09:a5:e3:3c:76:6b:87:07:
05:97:46:05:ee:1d:67:d0:4d:4f:ba:cc:7b:2d:6f:dc:d6:f9:
83:29:40:f6:29:5a:b5:5a:5e:2e:e6:48:4c:b8:69:a8:9f:fc:
49:7a:5b:6a:29:1b:04:eb:b3:23:bb:a6:36:09:07:7d:d3:4c:
a2:95:b3:0c:47:e9:c8:3a:5c:7c:a6:d4:10:2c:0c:eb:1b:ec:
18:4e:a3:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUItTL2HfDiIcI1hNzdgYwdzAneTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzMzQ5NjE4MmZhZTA3YTQ3YjUwMTBiMDlkMGNmMTNlZmQxMjcyODMzNzI1
Y2ZmZDg2ZWM1NjdhZmU3ODg4YzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZbHtjKDH37n4OBKiymN01OROv19N5lkclegjhNQCgYxAKiVjKuiqknJ5vk
ygXvr5bc2DlP6kCzOiT4Ek+Hbz0w7+qrZmyfz7g2iVqCC+A4II1+Yh7/Hz7StJJs
Da1UFlbx9aQ9vMccekN2Sq9E0a0nJvJ/ZesWGLH0jJXa3JuU1RmQ088YmtBUk2gD
6+0F6MUDzpldw1VRvZ2xlbQ6UfyWRkQSH4Wmj6tzTXQPB1veTl1Tkpb/OUGJ7JG+
7490w+lydjqwKmVigWKao1i2ZmYgRNSC1qYtUEM8oJxoc29nmCrkCmvka7x4DAj6
EJkpjZA4ilFKfODaaYAZWAFZZ58CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhPDla
SztbB0cPmYpHOnrpM5ClKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQC/dHrKkRtdAT511jQYzb45uW8oeKfD/jnX843B2AEv
3a2Gah7Z8CLcdA8pb8ZIQ/x4yF5+GturXU+MO9f3LDgcxG7UV0MTNp5ejvLXidMq
uOzuSWqByaCLFHpQCLucGx0g+cg7K1S7adjsnbwZt+JSd8Qf4yxzNMe4bPNAYr1q
DsLSP0E0Q/DHRteRhZpnacLnPCePhFV9n9h1Na7ogbwlgFYvkWOHezGrjWfNCaXj
PHZrhwcFl0YF7h1n0E1Pusx7LW/c1vmDKUD2KVq1Wl4u5khMuGmon/xJeltqKRsE
67Mju6Y2CQd900yilbMMR+nIOlx8ptQQLAzrG+wYTqM7
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:33 2023 by rpki-client on console-fra.rpki-client.org