Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
File: d4b4aa1a-385e-428a-9444-c44b9dd07114.roa (raw, json)
Hash identifier: qYt8NnIb4y4veKO4B4KCf7L4yvlckRDmfw2cfFjvANg=
Subject key identifier: 0D:D0:C1:97:95:A5:75:AE:B9:C5:F7:C5:47:A7:C6:4B:88:C3:F0:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3180DFDD16A46F49BCD81F20513E6A3983DF538A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:80:df:dd:16:a4:6f:49:bc:d8:1f:20:51:3e:6a:39:83:df:53:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=ca44536928733e43b0a1fe3a633d1b2b6b906cf4e0398094880fa46b975f3b69, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f8:05:43:da:a8:a5:9d:bd:a9:9d:26:02:fe:
6c:7e:2e:8a:0a:6d:99:02:9f:47:03:b0:9d:cc:68:
ef:da:81:1d:b3:47:59:be:c8:09:18:ee:65:e7:d4:
24:f5:f8:3a:d8:7d:2e:1e:0d:1c:26:2d:01:5e:6e:
b2:66:97:94:45:3e:0d:9b:ad:78:7d:5e:c3:48:7a:
4b:bc:8f:d0:35:36:db:02:15:61:33:81:22:9f:12:
7a:34:42:52:d3:0e:1f:b1:b0:a9:13:85:5e:e4:8f:
ab:bc:1c:18:9c:d4:23:b1:75:7f:f6:ca:6c:fe:d0:
30:52:96:0b:60:06:f5:74:4f:ac:6b:f4:f5:e7:3f:
28:d5:71:31:6f:dc:d4:28:88:6c:30:d1:d4:91:f5:
80:c4:9b:29:43:fd:e0:35:89:6b:57:fd:81:94:9e:
56:69:64:a8:3a:e3:09:14:3a:d0:11:d6:46:5b:e4:
85:82:2b:62:a9:ee:d8:3e:52:c4:5c:61:a4:c7:61:
c9:11:28:71:fe:21:49:23:fa:55:76:5c:9c:3f:79:
83:9a:f5:f4:9e:0c:a1:d8:94:dd:e7:e9:3f:ff:59:
5d:6a:32:df:24:f7:b3:b0:06:25:f1:d3:c8:33:07:
47:41:02:31:97:37:a7:56:38:db:e5:d1:1f:47:4d:
74:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D0:C1:97:95:A5:75:AE:B9:C5:F7:C5:47:A7:C6:4B:88:C3:F0:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
02:ce:1c:94:64:f4:0f:40:ca:a6:29:d8:7b:e6:14:68:df:30:
ee:9e:e3:56:74:c1:e9:80:1e:65:44:74:e8:1d:d5:4e:d3:fe:
be:63:e4:d1:14:31:c8:a4:b0:ff:10:6e:9f:86:45:3d:4b:8f:
23:19:60:97:85:e2:69:31:40:73:4d:54:a1:74:26:29:3d:e2:
bc:1a:8b:47:35:ec:8e:e1:a9:1b:c1:e9:5a:b6:10:94:07:c1:
d3:b0:6e:22:10:ab:c5:bb:24:5b:aa:e4:55:e7:b0:e9:08:80:
b3:9e:a9:d6:8e:76:75:50:22:ea:a3:f2:91:49:bf:b8:db:ee:
fc:68:8a:c3:e1:fd:81:82:16:cd:94:07:45:96:b2:2c:17:4a:
94:8c:7e:13:b3:2f:98:4b:18:51:a4:0a:6f:d5:e1:6f:87:9a:
43:53:fc:9b:9f:7b:72:cd:7e:9e:56:0b:f9:96:bc:e8:f7:a8:
c5:2d:c6:00:a7:e0:1e:98:c3:b7:77:98:c2:3e:b8:6b:ec:3c:
58:b1:32:2e:ab:e7:fc:70:15:ea:11:c4:74:4f:49:a4:ba:f8:
48:8b:f7:1d:43:5a:37:b6:2b:dc:72:ce:12:b3:94:bd:2c:61:
7c:a1:27:ea:24:67:70:0f:1d:05:eb:44:83:8b:eb:f9:3e:62:
32:c2:e7:97
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMYDf3Rakb0m82B8gUT5qOYPfU4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhNDQ1MzY5Mjg3MzNlNDNiMGExZmUzYTYzM2QxYjJiNmI5MDZjZjRlMDM5
ODA5NDg4MGZhNDZiOTc1ZjNiNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMf4BUPaqKWdvamdJgL+bH4uigptmQKfRwOwncxo79qBHbNHWb7ICRjuZefU
JPX4Oth9Lh4NHCYtAV5usmaXlEU+DZuteH1ew0h6S7yP0DU22wIVYTOBIp8SejRC
UtMOH7GwqROFXuSPq7wcGJzUI7F1f/bKbP7QMFKWC2AG9XRPrGv09ec/KNVxMW/c
1CiIbDDR1JH1gMSbKUP94DWJa1f9gZSeVmlkqDrjCRQ60BHWRlvkhYIrYqnu2D5S
xFxhpMdhyREocf4hSSP6VXZcnD95g5r19J4ModiU3efpP/9ZXWoy3yT3s7AGJfHT
yDMHR0ECMZc3p1Y42+XRH0dNdE0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQN0MGX
laV1rrnF98VHp8ZLiMPwCjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDRiNGFhMWEtMzg1ZS00MjhhLTk0NDQtYzQ0YjlkZDA3MTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQACzhyUZPQPQMqmKdh75hRo3zDunuNWdMHpgB5lRHTo
HdVO0/6+Y+TRFDHIpLD/EG6fhkU9S48jGWCXheJpMUBzTVShdCYpPeK8GotHNeyO
4akbwelathCUB8HTsG4iEKvFuyRbquRV57DpCICznqnWjnZ1UCLqo/KRSb+42+78
aIrD4f2BghbNlAdFlrIsF0qUjH4Tsy+YSxhRpApv1eFvh5pDU/ybn3tyzX6eVgv5
lrzo96jFLcYAp+AemMO3d5jCPrhr7DxYsTIuq+f8cBXqEcR0T0mkuvhIi/cdQ1o3
tivccs4Ss5S9LGF8oSfqJGdwDx0F60SDi+v5PmIywueX
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org