Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
File: b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa (raw, json)
Hash identifier: lPdYWs6OtcfpKcQy27RxgrrGiwEJaSt57mMBBlTM/Mc=
Subject key identifier: AF:B1:F4:11:D9:2D:87:32:D9:02:99:27:04:F8:93:45:A1:4E:00:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 119FD7DF1E34514D8C704E4E1406342E14F6015D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
Signing time: Fri 14 Jun 2024 00:00:00 +0000
ROA not before: Fri 14 Jun 2024 00:00:00 +0000
ROA not after: Fri 19 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:9f:d7:df:1e:34:51:4d:8c:70:4e:4e:14:06:34:2e:14:f6:01:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 14 00:00:00 2024 GMT
Not After : Jul 19 23:59:59 2024 GMT
Subject: serialNumber=a7a9809c745f61c9994472ca65ebcc53d57db6f6d1cd1c1ac5472587b20f8696, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:72:01:76:80:59:a2:96:62:aa:28:d5:04:ea:
d4:61:ba:cc:28:dc:ce:1a:6f:a1:da:b3:65:23:b8:
a2:69:52:89:4c:b0:1f:00:af:83:93:94:aa:89:ba:
ad:a9:7e:6f:51:09:5f:db:b5:5c:1a:b4:f4:2e:3e:
14:86:00:3b:ca:b6:2e:af:13:80:04:79:de:01:d4:
e3:80:04:ae:65:e2:92:99:7b:8f:12:6e:03:28:a0:
31:fb:25:79:7c:c9:c9:c0:ff:ab:5e:4b:a0:1b:76:
fa:f5:ac:32:b7:68:45:48:5e:b2:d3:9c:4b:4c:24:
c3:ff:fc:bc:ce:37:34:5c:76:77:dc:61:bd:99:5a:
32:79:43:49:7d:c3:1b:07:0c:15:27:13:3b:98:1b:
b9:47:7a:c9:30:d9:30:62:ba:41:0b:ee:f2:22:cc:
36:8f:9b:85:35:ae:fa:97:fb:88:7d:ec:ef:07:18:
16:09:28:c6:19:f7:72:d6:c6:fd:6d:fc:85:6c:d1:
ce:64:2c:d1:8a:99:27:5c:6b:bf:be:be:5b:08:68:
62:16:f1:90:96:6f:99:16:3a:b0:b9:3c:66:85:d8:
d2:8c:64:95:a1:e6:1c:69:34:d3:a4:5f:5f:b9:88:
6e:b6:ba:2d:50:e8:20:de:7c:96:c4:72:e3:e3:6b:
2c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B1:F4:11:D9:2D:87:32:D9:02:99:27:04:F8:93:45:A1:4E:00:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:c6:27:15:c1:94:77:31:80:7c:00:0a:ea:1a:72:a6:2a:01:
ed:37:df:8b:87:49:ff:b6:cc:58:53:2b:be:a6:e7:d7:63:fd:
17:c7:eb:9a:df:da:fd:04:7e:6f:4f:67:65:90:c7:56:f5:ec:
e1:98:9a:18:2f:e0:82:86:d6:0d:68:1b:f7:8a:08:cf:63:e3:
be:15:ac:e9:48:0e:1f:eb:af:77:48:41:ce:1e:eb:b4:39:f6:
49:31:3a:97:d1:02:05:ec:f3:4d:6d:8e:71:88:26:20:28:6f:
02:d8:42:14:22:39:e3:e7:a4:a6:f8:40:cb:7e:ee:cf:4a:eb:
2b:d9:a1:5b:88:d1:fe:28:bc:b1:2b:10:38:6c:7f:3a:b1:5c:
27:73:f1:19:d0:b4:56:04:3d:ff:f4:d6:d1:f6:c3:81:6e:f1:
e7:53:a6:c8:80:e0:36:12:f1:9f:96:83:e4:8a:2e:28:e8:8f:
b9:d9:96:a2:8b:dd:56:6f:8c:e2:6f:55:35:e3:49:d4:14:59:
23:e8:63:38:4d:51:4c:1c:7e:ae:d2:91:42:71:1c:92:ae:ce:
f7:fd:8d:ab:6f:ed:ef:38:da:17:93:39:d8:52:c6:0f:56:c4:
6b:be:08:2d:fa:d0:8b:9a:e2:10:83:e9:a7:ba:84:47:9e:7a:
7f:50:33:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEZ/X3x40UU2McE5OFAY0LhT2AV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTQwMDAwMDBaFw0yNDA3MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3YTk4MDljNzQ1ZjYxYzk5OTQ0NzJjYTY1ZWJjYzUzZDU3ZGI2ZjZkMWNk
MWMxYWM1NDcyNTg3YjIwZjg2OTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtyAXaAWaKWYqoo1QTq1GG6zCjczhpvodqzZSO4omlSiUywHwCvg5OUqom6
ral+b1EJX9u1XBq09C4+FIYAO8q2Lq8TgAR53gHU44AErmXikpl7jxJuAyigMfsl
eXzJycD/q15LoBt2+vWsMrdoRUhestOcS0wkw//8vM43NFx2d9xhvZlaMnlDSX3D
GwcMFScTO5gbuUd6yTDZMGK6QQvu8iLMNo+bhTWu+pf7iH3s7wcYFgkoxhn3ctbG
/W38hWzRzmQs0YqZJ1xrv76+WwhoYhbxkJZvmRY6sLk8ZoXY0oxklaHmHGk006Rf
X7mIbra6LVDoIN58lsRy4+NrLBsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvsfQR
2S2HMtkCmScE+JNFoU4AYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmOGZhODMtNTRmMS00NGNjLWE5MTUtNjI0OWE2ZjZhMjg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBUxicVwZR3MYB8AArqGnKmKgHtN9+Lh0n/tsxYUyu+
pufXY/0Xx+ua39r9BH5vT2dlkMdW9ezhmJoYL+CChtYNaBv3igjPY+O+FazpSA4f
6693SEHOHuu0OfZJMTqX0QIF7PNNbY5xiCYgKG8C2EIUIjnj56Sm+EDLfu7PSusr
2aFbiNH+KLyxKxA4bH86sVwnc/EZ0LRWBD3/9NbR9sOBbvHnU6bIgOA2EvGfloPk
ii4o6I+52Zaii91Wb4zib1U140nUFFkj6GM4TVFMHH6u0pFCcRySrs73/Y2rb+3v
ONoXkznYUsYPVsRrvggt+tCLmuIQg+mnuoRHnnp/UDOi
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org