Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
File: e6175d79-8819-47e6-b539-4bfb28fe7389.roa (raw, json)
Hash identifier: vUVULjUI5jRn4j9X3lgw/BRexnYhg8NKpPTBDLf6aGY=
Subject key identifier: 55:88:64:0E:AE:B2:0A:F0:2A:C1:0B:94:51:E7:4A:E9:BC:8E:7D:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5B306B8EDD95765934BEC6658C589BE02C1CD173
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:30:6b:8e:dd:95:76:59:34:be:c6:65:8c:58:9b:e0:2c:1c:d1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=507683a8d67922227ae7433bd6b78990bdedf52253da0f091b0b5578f69b2f44, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1a:e6:cd:7b:24:d6:c5:bc:a3:be:83:b1:54:
08:3c:d0:21:b9:e7:9a:07:8b:1e:39:54:17:43:da:
83:5a:90:8a:74:3b:26:a1:39:2b:06:ee:63:37:cf:
a7:9c:3d:61:03:ef:bd:2f:97:9f:85:3d:55:ae:44:
13:e2:64:63:10:24:5f:89:99:00:1e:c7:3f:da:6b:
b7:c1:06:8f:61:02:1d:0c:e7:24:8c:39:88:38:d1:
54:3c:28:cf:6c:a3:d4:15:60:e9:ae:cc:3a:01:54:
77:56:2c:f8:da:f1:f4:de:ce:15:21:f5:b0:77:9c:
61:d2:7e:64:63:82:db:37:a8:1e:a0:70:08:6f:df:
9c:e9:0e:ff:e9:7b:5b:9f:7d:75:9c:ad:ac:89:fe:
b7:66:bb:f2:07:f3:45:a9:91:30:49:82:7e:ff:59:
49:49:be:3b:72:2a:90:90:7e:0c:ce:f4:8c:9d:15:
25:75:08:68:e1:0c:af:b2:ad:2c:3f:66:c6:bc:7c:
98:df:df:e7:7a:1d:d3:68:f1:52:1a:e6:3c:99:67:
18:11:da:f6:e2:b0:bd:93:e0:cc:67:93:da:d3:74:
9b:64:59:cd:4b:8a:94:4a:60:3b:df:d3:98:45:52:
8d:1e:d0:25:99:63:53:8d:cd:eb:35:44:be:0f:7e:
e3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:88:64:0E:AE:B2:0A:F0:2A:C1:0B:94:51:E7:4A:E9:BC:8E:7D:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
45:4d:c2:78:66:05:3b:4a:59:e6:70:af:75:d8:34:3d:c0:6b:
4d:18:42:a6:30:64:74:03:d9:41:f9:76:8e:d3:f3:11:ac:c9:
d0:2e:4d:f8:b0:8a:39:08:0c:a2:f3:99:52:76:9d:0a:32:c5:
51:ff:b5:43:82:36:92:97:eb:a3:99:e9:a2:12:2e:1a:ba:0a:
6e:d0:3f:39:36:d8:92:d2:7e:62:c5:46:2d:47:1d:74:a2:2a:
10:fd:96:da:af:6d:d3:fd:3b:a1:52:f6:d4:ad:d9:c3:48:22:
a5:0a:ce:63:52:7f:a7:54:1a:62:df:ec:49:b6:db:b5:65:c7:
78:82:93:ad:6f:87:e7:7a:73:19:3d:15:b2:82:00:22:a2:19:
11:ae:a9:2f:a7:39:36:df:23:5b:3e:30:af:9b:0f:ed:eb:ba:
c8:37:ff:e3:47:4e:bc:d5:85:9e:4d:ea:e6:a8:9f:8f:93:2f:
c0:eb:fa:b8:ab:97:c9:6d:9f:83:f9:8e:7d:29:d4:c2:30:04:
18:1c:6d:00:87:b2:44:a1:60:e5:e4:b6:0c:2b:9d:78:02:cf:
63:70:c9:e5:63:39:1b:ca:4e:c0:cf:c2:c6:54:9a:a0:e7:fe:
1f:6e:7a:1f:2b:3e:0c:a9:12:aa:c1:14:4b:de:40:69:5b:18:
ae:c1:5e:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWzBrjt2Vdlk0vsZljFib4Cwc0XMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNzY4M2E4ZDY3OTIyMjI3YWU3NDMzYmQ2Yjc4OTkwYmRlZGY1MjI1M2Rh
MGYwOTFiMGI1NTc4ZjY5YjJmNDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0a5s17JNbFvKO+g7FUCDzQIbnnmgeLHjlUF0Pag1qQinQ7JqE5KwbuYzfP
p5w9YQPvvS+Xn4U9Va5EE+JkYxAkX4mZAB7HP9prt8EGj2ECHQznJIw5iDjRVDwo
z2yj1BVg6a7MOgFUd1Ys+Nrx9N7OFSH1sHecYdJ+ZGOC2zeoHqBwCG/fnOkO/+l7
W599dZytrIn+t2a78gfzRamRMEmCfv9ZSUm+O3IqkJB+DM70jJ0VJXUIaOEMr7Kt
LD9mxrx8mN/f53od02jxUhrmPJlnGBHa9uKwvZPgzGeT2tN0m2RZzUuKlEpgO9/T
mEVSjR7QJZljU43N6zVEvg9+4zsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRViGQO
rrIK8CrBC5RR50rpvI59pTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYxNzVkNzktODgxOS00N2U2LWI1MzktNGJmYjI4ZmU3Mzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBFTcJ4ZgU7SlnmcK912DQ9wGtNGEKmMGR0A9lB+XaO
0/MRrMnQLk34sIo5CAyi85lSdp0KMsVR/7VDgjaSl+ujmemiEi4augpu0D85NtiS
0n5ixUYtRx10oioQ/Zbar23T/TuhUvbUrdnDSCKlCs5jUn+nVBpi3+xJttu1Zcd4
gpOtb4fnenMZPRWyggAiohkRrqkvpzk23yNbPjCvmw/t67rIN//jR0681YWeTerm
qJ+Pky/A6/q4q5fJbZ+D+Y59KdTCMAQYHG0Ah7JEoWDl5LYMK514As9jcMnlYzkb
yk7Az8LGVJqg5/4fbnofKz4MqRKqwRRL3kBpWxiuwV7k
-----END CERTIFICATE-----
Generated at Sat May 4 22:06:51 2024 by rpki-client on console-ams.rpki-client.org