Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
File: c090963d-9d8d-49a3-960b-b36e1309eb76.roa (raw, json)
Hash identifier: eDNnnKU9xi4YusyYqW9ebguInjJYVo3ajywm/57JWZI=
Subject key identifier: F1:3A:BE:56:14:85:D6:96:7C:F1:AB:46:AB:4D:4F:AD:DD:0F:4B:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5FC614FB52C4707D9D2039A7094EE1CC0CD0D045
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c6:14:fb:52:c4:70:7d:9d:20:39:a7:09:4e:e1:cc:0c:d0:d0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=03e93c03b989c7b3d2eb339cd214aebb65b33853d8970bb84b021c31fd71b5fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:dd:22:d3:25:69:7a:70:db:ae:fa:23:2b:ee:
c7:83:90:c0:f3:f9:90:23:ec:7b:5b:bb:18:7e:8d:
62:51:72:79:00:19:65:82:ee:37:85:ed:d2:74:83:
99:22:5b:e9:3f:a0:9c:8e:25:b1:03:3c:10:ff:d4:
a9:d4:89:16:95:06:04:0d:07:d1:ce:2d:02:18:dd:
48:81:dd:c3:e8:b8:e5:d0:85:e8:d1:73:66:b3:8c:
96:85:f4:f6:22:f5:0b:aa:dd:f4:8c:f0:46:bf:32:
87:16:c1:6b:b4:9e:73:84:66:38:d8:e8:a1:07:a6:
9d:54:e0:9f:95:6b:51:c4:b5:68:c4:48:09:84:93:
2c:21:41:50:1e:c5:85:65:2a:6b:76:42:8c:2a:5a:
03:5d:de:1c:46:81:72:7e:4b:a8:a3:fe:75:6c:e0:
7a:7c:05:35:29:8b:9a:ab:57:89:24:05:52:b7:82:
4d:80:4a:9b:4f:b9:16:a3:85:eb:69:04:f0:e1:9b:
d6:95:fa:0e:b5:45:76:bf:2a:5d:30:ec:01:2b:50:
66:64:09:1a:e5:5a:02:0b:b8:6d:21:c3:c5:1c:5a:
09:fb:d8:43:03:c5:7d:df:4c:ed:3a:95:b1:05:d8:
c9:70:5a:e4:dd:f0:16:18:98:94:8b:88:40:06:cb:
16:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3A:BE:56:14:85:D6:96:7C:F1:AB:46:AB:4D:4F:AD:DD:0F:4B:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:6c:19:64:91:68:55:b9:5a:eb:b4:57:5d:bc:59:3a:79:11:
9e:fd:53:f9:ef:59:bd:07:b3:c9:86:c0:40:0c:32:1d:a4:9c:
7e:98:82:ba:fa:87:a6:d5:17:a7:71:73:1e:c3:40:0d:ed:46:
2b:e2:15:7e:87:96:dc:df:b6:ab:8e:67:18:38:4b:43:79:82:
9f:95:41:18:74:c0:bf:d2:41:05:cd:1c:b5:ad:77:ec:de:a9:
04:c3:3b:07:bc:0e:9e:4a:05:37:ec:ee:1c:1b:7f:63:d6:2d:
3f:c8:48:ec:56:8b:58:ba:00:95:bc:01:1e:07:00:4d:07:4b:
9f:30:b1:05:a7:fe:10:33:d6:fd:40:fa:d5:e0:8a:fe:d1:ca:
52:ff:82:f7:9a:fa:2e:41:80:c7:1c:de:ea:44:23:16:39:70:
f8:95:da:0a:d3:d7:5c:5c:8d:0a:f6:1f:4d:a8:79:8c:c4:17:
3c:2d:4c:ac:b3:38:de:6a:f9:4b:1b:ca:35:8f:99:e8:1e:3b:
60:24:a1:f0:db:be:9b:72:3f:35:b1:0d:76:f7:47:df:02:90:
9f:36:58:c6:41:ec:17:37:47:38:64:1b:a0:aa:01:9c:03:c5:
c8:93:ba:9d:c8:a9:de:3d:e2:d4:ce:f9:63:38:a0:78:34:2b:
92:77:41:50
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX8YU+1LEcH2dIDmnCU7hzAzQ0EUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzZTkzYzAzYjk4OWM3YjNkMmViMzM5Y2QyMTRhZWJiNjViMzM4NTNkODk3
MGJiODRiMDIxYzMxZmQ3MWI1ZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAObdItMlaXpw2676Iyvux4OQwPP5kCPse1u7GH6NYlFyeQAZZYLuN4Xt0nSD
mSJb6T+gnI4lsQM8EP/UqdSJFpUGBA0H0c4tAhjdSIHdw+i45dCF6NFzZrOMloX0
9iL1C6rd9IzwRr8yhxbBa7Sec4RmONjooQemnVTgn5VrUcS1aMRICYSTLCFBUB7F
hWUqa3ZCjCpaA13eHEaBcn5LqKP+dWzgenwFNSmLmqtXiSQFUreCTYBKm0+5FqOF
62kE8OGb1pX6DrVFdr8qXTDsAStQZmQJGuVaAgu4bSHDxRxaCfvYQwPFfd9M7TqV
sQXYyXBa5N3wFhiYlIuIQAbLFvMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTxOr5W
FIXWlnzxq0arTU+t3Q9LqTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA5MDk2M2QtOWQ4ZC00OWEzLTk2MGItYjM2ZTEzMDllYjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQArbBlkkWhVuVrrtFddvFk6eRGe/VP571m9B7PJhsBA
DDIdpJx+mIK6+oem1RencXMew0AN7UYr4hV+h5bc37arjmcYOEtDeYKflUEYdMC/
0kEFzRy1rXfs3qkEwzsHvA6eSgU37O4cG39j1i0/yEjsVotYugCVvAEeBwBNB0uf
MLEFp/4QM9b9QPrV4Ir+0cpS/4L3mvouQYDHHN7qRCMWOXD4ldoK09dcXI0K9h9N
qHmMxBc8LUysszjeavlLG8o1j5noHjtgJKHw276bcj81sQ1290ffApCfNljGQewX
N0c4ZBugqgGcA8XIk7qdyKnePeLUzvljOKB4NCuSd0FQ
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org