Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: xbC88f/Y44pWACzhgwzM83J8xSGdymtYfbDVhh/RJfc=
Subject key identifier: 24:D7:C9:C0:86:21:10:97:2A:98:58:15:A6:59:F3:B6:B1:49:A0:EF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3381A977A2D184147D5A13E0176F74FDD02880A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:81:a9:77:a2:d1:84:14:7d:5a:13:e0:17:6f:74:fd:d0:28:80:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=10b10b415571209180c40cb2fe2ed00a27655d0366245fe555db1f8944fa0ae1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:74:f9:cd:a4:78:62:8c:a8:20:08:3c:03:6e:
e1:7c:9a:f1:9b:bb:3d:a4:c8:a1:7c:97:b4:79:9b:
66:df:fa:de:aa:9d:dc:3e:dc:9e:cc:53:c3:4d:08:
53:48:2f:eb:43:db:73:54:80:9a:14:58:04:db:41:
8d:f4:e2:65:f0:31:1d:70:56:29:62:6f:c0:1a:0b:
86:95:2d:ae:a7:81:43:57:50:6c:57:97:f5:f0:68:
1c:3b:ac:81:c6:3c:a2:6e:91:1d:9f:1b:3e:50:1e:
84:92:ed:67:5d:1a:2a:34:60:69:f4:e4:6d:af:3e:
1a:b6:b2:18:c9:4b:65:e5:71:b5:3b:5f:13:54:e8:
c8:12:8e:9c:9d:03:82:47:58:91:c9:dd:89:e0:6b:
f7:93:f0:22:28:ab:cd:ff:3f:3e:b2:e6:5b:e3:5c:
19:b6:7f:23:17:87:9d:cc:26:ec:5d:a2:6c:4c:40:
6a:df:e1:87:10:f8:8b:40:d8:2e:a1:4e:66:a2:4a:
03:9a:f3:7a:c8:60:91:97:d5:92:6d:46:13:33:8c:
72:73:87:6f:d0:95:70:e0:17:50:fa:c3:a2:30:c0:
01:04:e4:3a:e8:3d:ce:9b:1f:42:43:69:ba:05:d0:
77:7f:77:c3:bf:1c:22:ae:72:26:e8:07:b8:3b:2e:
4e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D7:C9:C0:86:21:10:97:2A:98:58:15:A6:59:F3:B6:B1:49:A0:EF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
90:4d:a4:d3:7d:28:70:ad:f7:f9:47:d0:4e:a1:5e:5a:5d:b7:
44:4e:f1:83:6e:84:49:d5:bf:34:bf:63:03:e4:8d:71:63:84:
ed:f2:c2:2a:0b:47:51:d2:6c:15:65:2a:ce:55:9b:63:48:1b:
3b:f8:ed:d4:22:0a:ff:80:71:8e:9e:05:07:f0:73:cb:45:50:
1d:07:de:f7:0d:0d:1a:1e:5d:86:ca:a4:53:86:57:b1:7b:c0:
ca:7f:73:17:f7:06:50:ed:35:37:a7:62:3c:9c:b6:8d:0b:92:
50:1e:3b:d3:ee:78:c5:bd:60:62:7c:ef:dd:a6:f8:6c:1f:b2:
fe:6d:72:13:ca:78:21:7e:33:24:ca:fa:9e:9c:5c:90:38:9b:
50:49:76:81:f3:71:ae:03:95:83:bb:4d:24:ab:d6:d6:f8:57:
69:73:32:3b:62:ff:6a:67:01:ab:7c:dc:9d:20:b6:3b:0c:51:
f4:2c:d6:27:46:9e:f8:cd:6c:57:56:23:5c:7a:2c:10:42:4e:
f9:07:94:66:4d:48:24:6b:ae:34:6f:a0:ef:ac:d6:16:fa:7c:
30:a8:05:c1:7b:dc:9e:17:14:f3:06:c1:13:ee:03:ba:05:fb:
99:51:85:0c:8d:8d:1a:77:f5:ab:a6:96:21:0c:f2:4e:10:ce:
69:b5:5f:17
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM4Gpd6LRhBR9WhPgF290/dAogKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwYjEwYjQxNTU3MTIwOTE4MGM0MGNiMmZlMmVkMDBhMjc2NTVkMDM2NjI0
NWZlNTU1ZGIxZjg5NDRmYTBhZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJ0+c2keGKMqCAIPANu4Xya8Zu7PaTIoXyXtHmbZt/63qqd3D7cnsxTw00I
U0gv60Pbc1SAmhRYBNtBjfTiZfAxHXBWKWJvwBoLhpUtrqeBQ1dQbFeX9fBoHDus
gcY8om6RHZ8bPlAehJLtZ10aKjRgafTkba8+GrayGMlLZeVxtTtfE1ToyBKOnJ0D
gkdYkcndieBr95PwIiirzf8/PrLmW+NcGbZ/IxeHncwm7F2ibExAat/hhxD4i0DY
LqFOZqJKA5rzeshgkZfVkm1GEzOMcnOHb9CVcOAXUPrDojDAAQTkOug9zpsfQkNp
ugXQd393w78cIq5yJugHuDsuTusCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQk18nA
hiEQlyqYWBWmWfO2sUmg7zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQCQTaTTfShwrff5R9BOoV5aXbdETvGDboRJ1b80v2MD
5I1xY4Tt8sIqC0dR0mwVZSrOVZtjSBs7+O3UIgr/gHGOngUH8HPLRVAdB973DQ0a
Hl2GyqRThlexe8DKf3MX9wZQ7TU3p2I8nLaNC5JQHjvT7njFvWBifO/dpvhsH7L+
bXITynghfjMkyvqenFyQOJtQSXaB83GuA5WDu00kq9bW+FdpczI7Yv9qZwGrfNyd
ILY7DFH0LNYnRp74zWxXViNceiwQQk75B5RmTUgka640b6DvrNYW+nwwqAXBe9ye
FxTzBsET7gO6BfuZUYUMjY0ad/WrppYhDPJOEM5ptV8X
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org