Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: 9mcw2RC8L37l13C6JiPQ8tf/G5HsHzeucAbbJqOvasY=
Subject key identifier: 78:63:F8:5A:A3:C2:DD:4E:35:45:BA:15:9C:58:A1:53:A4:F0:FE:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B91B756A630A1F2B2F7B68849F134BB4BDAA616
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:91:b7:56:a6:30:a1:f2:b2:f7:b6:88:49:f1:34:bb:4b:da:a6:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=b623e16fc2e630892060f0f07ada1574cca2e4fb8744d7591b1f19c61a1626e4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a5:bc:34:31:4d:b2:98:2d:dc:e7:06:06:d8:
c8:ac:bb:32:f4:54:94:0c:cc:12:06:94:2f:cb:58:
2d:34:89:e1:a8:69:18:b2:d4:3e:e0:7b:57:c1:1a:
d4:05:87:fe:da:57:f7:0b:78:e0:ed:f4:cd:38:33:
f2:2a:6f:8c:70:27:33:bf:43:19:fa:35:98:c3:b9:
65:04:53:33:33:07:f6:12:99:04:be:72:69:af:bb:
55:d7:52:dd:0f:34:c4:93:b0:ae:43:d6:c8:ae:68:
8b:92:1d:25:be:d0:9e:b5:fb:52:12:c8:34:c2:94:
cf:af:8c:d9:bf:ed:cd:b1:68:5a:b2:e9:a5:66:03:
be:62:1d:41:64:61:84:9e:70:12:7b:7a:9f:49:87:
f7:bf:ad:20:81:ae:c4:c0:a3:d4:e3:19:89:0c:db:
02:ef:d6:40:a0:36:12:c2:a9:df:16:bf:6d:e2:12:
e3:6f:dc:78:8f:a9:29:27:b9:2e:1d:b7:32:e3:3c:
a4:66:83:3e:ba:8e:0b:51:e0:c8:0f:f2:9e:7e:2d:
6b:9f:89:bd:4b:db:f1:4f:44:79:0e:70:b1:1c:6c:
8c:3f:ff:d8:c6:18:0b:35:4c:9b:92:76:14:0e:4e:
1a:00:b6:b4:2a:45:be:ba:b9:ed:a9:19:0b:2d:83:
3a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:63:F8:5A:A3:C2:DD:4E:35:45:BA:15:9C:58:A1:53:A4:F0:FE:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d0:6a:1f:fe:4a:01:26:13:de:d3:b4:9e:fb:7f:a4:62:26:97:
8e:1d:cb:52:21:cd:8a:86:3c:ab:38:5f:44:eb:43:3b:7c:ec:
f5:bf:a9:21:3e:cd:60:70:dc:86:f9:4a:fb:88:44:5e:dd:8f:
42:3a:71:79:c9:bb:a9:01:34:fd:91:b4:e2:b4:86:bc:cf:2a:
66:24:b4:bf:c7:90:58:d8:e7:c1:86:3d:60:2d:ba:05:83:8c:
23:6d:79:c8:48:71:c2:a4:52:d9:4d:be:16:10:bc:9f:eb:41:
ec:af:9b:07:0a:67:8c:a8:a7:a0:c5:56:ba:cd:28:db:74:56:
fe:cd:7c:80:ec:a3:91:59:5f:36:2d:2b:07:8b:48:ea:8a:c8:
e8:81:72:6a:2a:1e:32:7b:5f:cd:f8:b1:e8:b9:e7:c7:0a:43:
50:40:76:da:bf:38:8f:91:fc:df:0c:6e:be:25:f7:ea:c9:dc:
21:09:8d:cb:fe:b8:87:67:7f:29:53:ad:ec:50:fe:f2:e2:6a:
b0:ec:e2:f2:da:8d:2b:50:8d:cc:4a:21:18:6b:ec:d3:73:f6:
df:4b:8b:39:67:c9:8f:f8:10:23:54:27:8b:c7:69:54:33:a0:
1e:e2:db:20:90:82:3d:88:6a:9c:75:d0:a0:19:a8:41:af:74:
4d:16:58:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe5G3VqYwofKy97aISfE0u0vaphYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2MjNlMTZmYzJlNjMwODkyMDYwZjBmMDdhZGExNTc0Y2NhMmU0ZmI4NzQ0
ZDc1OTFiMWYxOWM2MWExNjI2ZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMylvDQxTbKYLdznBgbYyKy7MvRUlAzMEgaUL8tYLTSJ4ahpGLLUPuB7V8Ea
1AWH/tpX9wt44O30zTgz8ipvjHAnM79DGfo1mMO5ZQRTMzMH9hKZBL5yaa+7VddS
3Q80xJOwrkPWyK5oi5IdJb7QnrX7UhLINMKUz6+M2b/tzbFoWrLppWYDvmIdQWRh
hJ5wEnt6n0mH97+tIIGuxMCj1OMZiQzbAu/WQKA2EsKp3xa/beIS42/ceI+pKSe5
Lh23MuM8pGaDPrqOC1HgyA/ynn4ta5+JvUvb8U9EeQ5wsRxsjD//2MYYCzVMm5J2
FA5OGgC2tCpFvrq57akZCy2DOukCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4Y/ha
o8LdTjVFuhWcWKFTpPD+HjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQDQah/+SgEmE97TtJ77f6RiJpeOHctSIc2KhjyrOF9E
60M7fOz1v6khPs1gcNyG+Ur7iERe3Y9COnF5ybupATT9kbTitIa8zypmJLS/x5BY
2OfBhj1gLboFg4wjbXnISHHCpFLZTb4WELyf60Hsr5sHCmeMqKegxVa6zSjbdFb+
zXyA7KORWV82LSsHi0jqisjogXJqKh4ye1/N+LHouefHCkNQQHbavziPkfzfDG6+
JffqydwhCY3L/riHZ38pU63sUP7y4mqw7OLy2o0rUI3MSiEYa+zTc/bfS4s5Z8mP
+BAjVCeLx2lUM6Ae4tsgkII9iGqcddCgGahBr3RNFlhv
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org