Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
File: 156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa (raw, json)
Hash identifier: MeJMYA6tKGQ/PThQBNrY5KYI0XIQwPLeMdH4KNF7nfo=
Subject key identifier: 24:52:A5:F8:C6:55:1E:4C:3D:32:4F:7A:28:03:95:8A:AE:6E:2E:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1F0F853DE73D405B85C9BA7C9D93315DBB07C4A9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:0f:85:3d:e7:3d:40:5b:85:c9:ba:7c:9d:93:31:5d:bb:07:c4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=aa218da6d2f261f089c83793b8e062735147f975eecb01180230367fb7cafe48, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:54:f3:d3:a6:74:e6:37:33:31:50:50:8d:fe:
47:b3:74:40:b7:4e:8e:e7:82:64:65:f3:a1:22:7c:
63:23:0c:c5:fb:0c:14:3d:29:fe:64:bb:47:41:cc:
4c:6b:13:c4:40:87:c1:38:ec:0f:d1:e7:8d:c0:34:
8e:9e:6e:bd:b3:4b:d8:aa:0d:b8:3e:41:91:93:c8:
d3:03:c5:42:e3:a6:74:f4:18:5d:9a:5c:5b:e6:0e:
d9:1c:1e:0f:54:ef:e6:79:ea:75:a0:95:a0:cc:42:
b8:b0:78:44:58:35:d6:fd:62:45:f8:e8:49:94:c7:
5f:d0:a5:2e:ca:f9:97:e4:8c:ee:78:c0:7b:41:0d:
a1:c2:fa:b9:eb:73:c9:cb:e8:ff:4c:93:24:f1:ee:
cf:65:3f:94:f4:2e:51:4d:6b:e7:11:36:60:bd:c1:
57:de:96:f5:72:00:95:65:3c:42:be:bf:d1:7c:fd:
31:58:53:a2:de:75:74:5c:8a:49:30:1d:4e:87:a2:
1a:36:1d:da:62:b6:95:c0:61:17:e8:98:33:42:3d:
e7:73:b5:41:9c:85:11:59:cf:02:d1:02:e7:1f:41:
b9:37:31:c2:ae:fb:1c:8c:26:d8:3b:b7:aa:a0:db:
d7:06:47:72:8d:8c:b0:61:80:bd:eb:e2:6e:13:08:
17:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:52:A5:F8:C6:55:1E:4C:3D:32:4F:7A:28:03:95:8A:AE:6E:2E:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
b9:1f:c9:74:c7:ca:20:d2:dc:95:da:0f:ad:bd:da:70:29:ca:
c7:0d:11:cd:92:e8:77:8b:cd:8e:9e:1c:5f:ce:94:a4:ad:52:
3f:a7:76:a7:75:6f:7a:78:18:64:f9:c2:84:0c:73:de:b3:75:
69:5e:5b:64:a1:21:de:89:80:d2:70:67:6f:b9:30:04:c1:ca:
e0:52:40:8a:da:61:e4:90:ff:2e:07:37:46:16:b5:d3:03:19:
a9:b5:50:54:d8:63:46:b1:39:57:18:5f:b7:8f:0e:78:00:5e:
7d:d8:f9:b0:49:91:9e:83:83:cb:83:87:6f:3e:56:85:4d:d1:
cb:38:c5:cd:b0:18:32:9e:5f:7d:c8:80:e8:fd:3d:21:22:5a:
bf:be:16:2b:4a:05:a2:5a:7e:9b:f3:26:83:1f:de:95:65:bd:
10:9f:ef:6c:ad:9f:4b:9a:5f:6a:c1:f2:4c:9b:40:ae:6e:32:
f2:76:d2:c4:06:b2:59:5c:ee:76:d5:b7:a4:0a:f5:c6:0e:52:
47:02:8f:9b:14:35:85:57:fd:af:c2:60:9f:3b:96:64:8b:ec:
4b:74:fe:11:9c:f3:57:0d:98:74:f9:42:bb:92:a1:a6:bf:86:
d9:ec:af:93:bf:8c:5d:58:09:d1:3e:93:3f:b5:f8:36:99:d1:
a2:6b:c7:96
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHw+FPec9QFuFybp8nZMxXbsHxKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMjE4ZGE2ZDJmMjYxZjA4OWM4Mzc5M2I4ZTA2MjczNTE0N2Y5NzVlZWNi
MDExODAyMzAzNjdmYjdjYWZlNDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlU89OmdOY3MzFQUI3+R7N0QLdOjueCZGXzoSJ8YyMMxfsMFD0p/mS7R0HM
TGsTxECHwTjsD9HnjcA0jp5uvbNL2KoNuD5BkZPI0wPFQuOmdPQYXZpcW+YO2Rwe
D1Tv5nnqdaCVoMxCuLB4RFg11v1iRfjoSZTHX9ClLsr5l+SM7njAe0ENocL6uetz
ycvo/0yTJPHuz2U/lPQuUU1r5xE2YL3BV96W9XIAlWU8Qr6/0Xz9MVhTot51dFyK
STAdToeiGjYd2mK2lcBhF+iYM0I953O1QZyFEVnPAtEC5x9BuTcxwq77HIwm2Du3
qqDb1wZHco2MsGGAvevibhMIF6cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQkUqX4
xlUeTD0yT3ooA5WKrm4uMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU2Y2I4YjctYjI1ZC00NGVkLThmN2EtNDRlNzQxMTU0YjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQC5H8l0x8og0tyV2g+tvdpwKcrHDRHNkuh3i82Onhxf
zpSkrVI/p3andW96eBhk+cKEDHPes3VpXltkoSHeiYDScGdvuTAEwcrgUkCK2mHk
kP8uBzdGFrXTAxmptVBU2GNGsTlXGF+3jw54AF592PmwSZGeg4PLg4dvPlaFTdHL
OMXNsBgynl99yIDo/T0hIlq/vhYrSgWiWn6b8yaDH96VZb0Qn+9srZ9Lml9qwfJM
m0CubjLydtLEBrJZXO521bekCvXGDlJHAo+bFDWFV/2vwmCfO5Zki+xLdP4RnPNX
DZh0+UK7kqGmv4bZ7K+Tv4xdWAnRPpM/tfg2mdGia8eW
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org