Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0ad4a04d-fea6-4341-bc93-2743f2493a1e.roa
File: 0ad4a04d-fea6-4341-bc93-2743f2493a1e.roa (raw, json)
Hash identifier: CmbtpbzAb95Klzr7wLAxXvnnan3xU+PWKHk3MTkJKlg=
Subject key identifier: A2:BF:1D:68:62:40:BB:BA:96:B4:BC:E0:8E:B4:22:7C:C7:30:43:EF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15A72D6C49D0FC639E2DF71ED5BAC593DF7AE169
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0ad4a04d-fea6-4341-bc93-2743f2493a1e.roa
Signing time: Mon 17 Jun 2024 00:00:00 +0000
ROA not before: Mon 17 Jun 2024 00:00:00 +0000
ROA not after: Mon 22 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:a7:2d:6c:49:d0:fc:63:9e:2d:f7:1e:d5:ba:c5:93:df:7a:e1:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:00:00 2024 GMT
Not After : Jul 22 23:59:59 2024 GMT
Subject: serialNumber=2c473b5f122c2a6025dc03aa68a93ce8e7dea928273efa81feba853ee7bf4288, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:67:30:d6:f8:e1:f2:c6:ee:bd:6a:57:de:a6:
9e:56:88:e6:44:69:d7:a8:8d:34:a7:93:16:e4:9e:
4c:67:6a:fd:02:f3:21:7d:a6:e4:5d:66:1f:9b:3c:
a6:84:0f:99:2e:be:bd:c8:cd:69:0f:30:d2:7f:f5:
1c:a4:e0:db:bc:39:64:4f:20:f8:9b:c9:60:a0:e4:
2e:17:69:a6:45:2e:56:5d:90:95:39:7c:8e:df:77:
8c:d4:48:b3:19:e9:eb:bb:c1:03:67:59:8e:d0:f7:
b4:91:79:05:09:12:ba:3b:9f:67:be:05:aa:b0:1a:
f0:39:9f:5c:58:1e:0a:0b:43:a7:a3:b5:e1:78:6a:
41:28:fd:85:5b:0c:93:c6:2e:7b:2a:14:04:fd:09:
7e:43:c1:9f:e2:a7:5c:9e:4a:c0:81:12:a5:4f:21:
8d:22:87:25:d1:72:38:8f:42:9e:f2:65:f0:1f:fd:
be:c9:80:3c:c5:71:fc:f5:bc:57:6e:55:ff:63:94:
0a:2d:41:50:f8:18:0e:19:2a:f4:00:aa:ce:31:15:
c6:a0:84:f2:e8:aa:40:8b:e0:43:22:07:d4:6c:7b:
15:61:84:09:80:8f:ed:aa:6c:9f:07:95:d7:c3:51:
2d:74:f5:46:d6:50:80:40:a2:d0:82:a1:4a:8e:87:
1b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BF:1D:68:62:40:BB:BA:96:B4:BC:E0:8E:B4:22:7C:C7:30:43:EF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0ad4a04d-fea6-4341-bc93-2743f2493a1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
d3:52:a0:90:f3:ac:c0:ee:31:0c:a0:f6:df:e0:57:28:d5:71:
f2:35:ff:7e:ce:7a:3c:3b:7f:e0:a1:25:b1:2e:76:cb:d8:56:
bc:3a:44:de:59:0e:80:82:19:fa:fb:b6:29:d8:d3:77:70:79:
aa:e6:6f:dd:ea:30:be:f7:bb:5d:26:bf:00:ba:3e:51:af:68:
d2:35:28:4f:2f:7f:fc:57:72:6d:67:6d:98:e7:c4:5f:30:be:
90:ea:89:c4:2a:d7:2c:d8:8c:18:a6:cc:46:c8:db:44:5f:f4:
73:04:6a:a6:60:2b:fb:c0:00:0a:ab:a3:2c:10:f8:b5:91:e6:
bc:02:b8:cf:a0:c4:bf:9f:d5:98:1f:cf:4a:8d:b2:75:b1:11:
bf:84:13:dc:06:20:04:d2:db:92:fe:ff:04:64:02:b8:a2:81:
c4:84:3b:5e:d1:83:92:78:13:d5:90:b6:12:39:5f:52:ee:c9:
da:c0:eb:43:66:fb:9a:f7:a6:b9:6e:4a:06:d4:72:88:8a:73:
4c:20:ec:48:2d:96:7b:d9:73:f9:79:44:3b:d2:9a:52:02:ae:
f8:b6:e6:f4:e6:d9:56:36:1d:db:a1:7d:20:36:dc:1f:c0:a6:
04:73:c6:c7:b2:7e:c9:14:b3:74:18:f7:d9:de:ff:d4:96:70:
b6:49:8d:4c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFactbEnQ/GOeLfce1brFk9964WkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTcwMDAwMDBaFw0yNDA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNDczYjVmMTIyYzJhNjAyNWRjMDNhYTY4YTkzY2U4ZTdkZWE5MjgyNzNl
ZmE4MWZlYmE4NTNlZTdiZjQyODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRnMNb44fLG7r1qV96mnlaI5kRp16iNNKeTFuSeTGdq/QLzIX2m5F1mH5s8
poQPmS6+vcjNaQ8w0n/1HKTg27w5ZE8g+JvJYKDkLhdppkUuVl2QlTl8jt93jNRI
sxnp67vBA2dZjtD3tJF5BQkSujufZ74FqrAa8DmfXFgeCgtDp6O14XhqQSj9hVsM
k8YueyoUBP0JfkPBn+KnXJ5KwIESpU8hjSKHJdFyOI9CnvJl8B/9vsmAPMVx/PW8
V25V/2OUCi1BUPgYDhkq9ACqzjEVxqCE8uiqQIvgQyIH1Gx7FWGECYCP7apsnweV
18NRLXT1RtZQgECi0IKhSo6HGzECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSivx1o
YkC7upa0vOCOtCJ8xzBD7zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGFkNGEwNGQtZmVhNi00MzQxLWJjOTMtMjc0M2YyNDkzYTFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQDTUqCQ86zA7jEMoPbf4Fco1XHyNf9+zno8O3/goSWx
LnbL2Fa8OkTeWQ6Aghn6+7Yp2NN3cHmq5m/d6jC+97tdJr8Auj5Rr2jSNShPL3/8
V3JtZ22Y58RfML6Q6onEKtcs2IwYpsxGyNtEX/RzBGqmYCv7wAAKq6MsEPi1kea8
ArjPoMS/n9WYH89KjbJ1sRG/hBPcBiAE0tuS/v8EZAK4ooHEhDte0YOSeBPVkLYS
OV9S7snawOtDZvua96a5bkoG1HKIinNMIOxILZZ72XP5eUQ70ppSAq74tub05tlW
Nh3boX0gNtwfwKYEc8bHsn7JFLN0GPfZ3v/UlnC2SY1M
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:44:39 2024 by rpki-client on console-fra.rpki-client.org