Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
File: ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa (raw, json)
Hash identifier: 4CZpRrR2+Jm4I9lAa7fvUJeUPW7vQJ5xZO2FHTPEV6I=
Subject key identifier: 0B:6A:37:77:74:27:06:3A:A0:10:EF:8F:D1:AA:FC:2C:DD:4A:57:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 50881718A64D2942C9CE119F2AC24DF90901306E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:88:17:18:a6:4d:29:42:c9:ce:11:9f:2a:c2:4d:f9:09:01:30:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=9d4015abcb69508680d8cf116a109c3fa8f2c77c9be621b2aba9c3cecaba4d14, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:77:8d:52:ee:a4:46:90:6e:85:75:18:29:b3:
5d:26:3f:34:d8:6a:24:c8:bd:51:63:22:13:47:52:
33:0a:8a:19:42:dd:bd:eb:7b:b6:e7:6c:86:44:fa:
23:67:0a:ad:ae:17:38:41:63:60:33:5c:ac:a4:14:
63:ab:3c:b6:85:85:a9:c4:fa:5b:d0:89:fa:f6:11:
a0:f4:c9:13:f5:de:67:7c:8e:7a:61:2f:77:10:11:
d9:a2:80:d9:4d:42:e3:3e:5e:88:10:52:28:62:60:
d8:62:9c:8d:f2:4d:6c:1d:5b:8f:86:11:83:2f:dd:
95:bf:4f:d2:08:ba:29:3d:f0:31:62:74:33:dc:a8:
05:58:60:26:be:20:17:2f:54:70:2f:8e:0c:bc:7d:
d8:82:61:9c:5d:31:f9:9e:f7:72:2c:cb:00:50:19:
36:e7:cb:ef:64:a0:ed:cd:48:a9:a2:4f:2e:ba:8b:
81:1f:10:24:e7:d4:a5:4f:6d:10:49:19:de:01:6c:
8c:f2:94:d8:6a:61:85:08:b7:f5:26:da:4e:6c:7d:
31:44:26:8f:73:15:6d:58:83:5c:c2:0e:60:11:8e:
ee:be:54:5c:ae:ca:29:21:a6:7f:d4:82:1f:00:49:
40:34:fa:d4:93:99:c5:6e:12:c5:bf:50:06:fa:76:
83:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6A:37:77:74:27:06:3A:A0:10:EF:8F:D1:AA:FC:2C:DD:4A:57:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:ff:80:fb:58:d0:dd:19:15:49:93:6a:a8:87:0c:c6:0c:a7:
f7:46:4c:82:aa:6c:bd:67:c7:4a:31:8f:83:98:18:d4:12:0e:
9c:2a:1a:2a:00:a3:6e:45:62:0f:aa:5e:77:d5:4e:ab:9d:e0:
6c:b2:5b:7f:3d:4e:fe:cf:74:37:18:3f:17:b3:11:67:b3:08:
87:5b:49:70:50:f7:70:ce:ef:4e:e6:45:51:05:6f:a3:27:16:
06:9d:28:4b:b7:2d:97:74:81:a9:67:9f:48:db:d3:36:5b:c0:
b3:9e:7a:9b:5a:49:5a:5c:42:df:6f:22:29:9a:0d:49:57:c9:
7a:3a:05:41:33:31:63:75:e0:41:d3:b2:80:ac:11:1d:91:a6:
b1:21:ce:9c:cb:8b:49:2d:ac:c3:37:d6:c5:1b:6f:09:08:a0:
94:70:30:5d:75:5c:5d:d0:2c:7d:41:68:36:90:7b:54:86:51:
fa:0e:e7:70:0a:21:35:4e:5b:79:7b:35:d3:a7:f9:6b:ba:96:
0c:20:d4:a8:cf:37:27:7e:25:35:94:00:cd:df:90:8b:8d:ec:
ad:ec:8f:c5:52:55:3d:94:33:20:7c:ab:01:ab:45:f1:22:20:
74:8c:08:db:9e:07:02:3b:1b:b9:c4:2f:ca:6d:f1:8f:25:8b:
ff:65:04:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUIgXGKZNKULJzhGfKsJN+QkBMG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkNDAxNWFiY2I2OTUwODY4MGQ4Y2YxMTZhMTA5YzNmYThmMmM3N2M5YmU2
MjFiMmFiYTljM2NlY2FiYTRkMTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALl3jVLupEaQboV1GCmzXSY/NNhqJMi9UWMiE0dSMwqKGULdvet7tudshkT6
I2cKra4XOEFjYDNcrKQUY6s8toWFqcT6W9CJ+vYRoPTJE/XeZ3yOemEvdxAR2aKA
2U1C4z5eiBBSKGJg2GKcjfJNbB1bj4YRgy/dlb9P0gi6KT3wMWJ0M9yoBVhgJr4g
Fy9UcC+ODLx92IJhnF0x+Z73cizLAFAZNufL72Sg7c1IqaJPLrqLgR8QJOfUpU9t
EEkZ3gFsjPKU2GphhQi39SbaTmx9MUQmj3MVbViDXMIOYBGO7r5UXK7KKSGmf9SC
HwBJQDT61JOZxW4Sxb9QBvp2g6ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQLajd3
dCcGOqAQ74/Rqvws3UpX6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2UxZDEyZjAtNTM0Ny00MWQ1LWI3YmItNzc4ZGRhMGMxZDRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQA4/4D7WNDdGRVJk2qohwzGDKf3RkyCqmy9Z8dKMY+D
mBjUEg6cKhoqAKNuRWIPql531U6rneBsslt/PU7+z3Q3GD8XsxFnswiHW0lwUPdw
zu9O5kVRBW+jJxYGnShLty2XdIGpZ59I29M2W8CznnqbWklaXELfbyIpmg1JV8l6
OgVBMzFjdeBB07KArBEdkaaxIc6cy4tJLazDN9bFG28JCKCUcDBddVxd0Cx9QWg2
kHtUhlH6DudwCiE1Tlt5ezXTp/lrupYMINSozzcnfiU1lADN35CLjeyt7I/FUlU9
lDMgfKsBq0XxIiB0jAjbngcCOxu5xC/KbfGPJYv/ZQRa
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org