Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf9de9c-f37f-4256-bcd9-c7bf26e83e9a.roa
File: ecf9de9c-f37f-4256-bcd9-c7bf26e83e9a.roa (raw, json)
Hash identifier: gNoeD4sujmR+uc9GBXsUB9SM0QTQe1GT4BeQUSsQulY=
Subject key identifier: F9:D5:73:45:E2:FF:B1:4A:C2:65:31:51:F4:23:8C:21:8E:9F:81:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B87F492A39103A724A197F37937D8B50C5C682E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf9de9c-f37f-4256-bcd9-c7bf26e83e9a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:87:f4:92:a3:91:03:a7:24:a1:97:f3:79:37:d8:b5:0c:5c:68:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=f54aceab1564b866b55912a315a229e6b42a1d9f8184c93d59c2ef3068e5d8e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8b:cf:d4:8d:80:62:d8:30:8f:1a:d4:65:2d:
43:e3:b8:aa:0b:4b:78:ce:5b:a4:ba:d1:10:14:a4:
66:d1:f5:86:41:84:06:53:f1:89:65:47:76:d7:c4:
16:21:ee:1c:6b:bc:f4:a0:4b:12:fa:b4:e0:96:f2:
22:8d:63:6b:4a:b3:97:43:9e:41:9c:83:5b:e5:b2:
14:33:a2:cb:57:49:18:d4:dc:33:8f:4a:d6:3c:fa:
5c:b7:43:fa:e1:96:70:5c:76:26:27:76:cb:00:58:
f6:54:46:07:46:4a:22:ff:39:c0:49:b8:63:a7:67:
b7:a5:f3:d1:98:83:bf:01:63:e8:f9:10:2c:92:f7:
b9:59:6b:ed:ea:b4:65:2b:18:d1:af:6c:83:61:43:
28:2d:40:9c:e5:d1:d8:18:de:3b:63:b4:77:99:a6:
1f:f0:67:8a:c9:ea:fc:74:7e:9c:65:eb:fe:e4:bb:
bd:9f:de:74:b9:dc:f5:1a:e2:64:f8:ca:7d:4e:8c:
d4:d3:bc:9b:b5:f7:8c:d2:cb:12:88:bf:46:80:13:
58:ba:71:08:9a:2e:a8:21:59:17:02:fb:c4:a6:2e:
25:93:c3:4b:c0:e7:0a:e0:38:e1:b7:3a:fc:53:64:
05:ec:8b:cd:5f:35:fa:30:10:fb:f6:d0:44:93:6b:
ba:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D5:73:45:E2:FF:B1:4A:C2:65:31:51:F4:23:8C:21:8E:9F:81:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf9de9c-f37f-4256-bcd9-c7bf26e83e9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:90:e5:92:34:fd:e1:60:af:37:ea:8e:f4:46:0d:2e:23:a3:
f3:f4:f8:e6:6a:c9:28:49:8b:cc:67:51:28:af:33:ff:c0:4b:
c4:b3:52:11:57:5a:6c:d5:26:7d:4c:2b:cb:b0:b2:4d:2f:dd:
32:b8:42:b7:13:03:45:a4:4a:52:89:1a:fe:1f:24:02:1c:0f:
fd:a9:85:df:7c:99:40:58:ab:66:4e:d9:19:aa:26:6d:ee:10:
ac:6c:9a:6d:9f:31:0c:4f:36:9f:de:6a:37:eb:37:fb:17:82:
e3:1d:d5:1e:07:5b:12:a6:da:90:4a:8d:e0:17:29:c8:04:fb:
fc:85:0d:3d:85:01:33:37:ae:06:9e:f4:ca:e9:60:a3:a6:30:
ef:20:a5:53:17:3b:e0:6a:fb:51:02:a5:d1:4c:e8:20:99:26:
4a:40:fa:89:80:03:0f:c7:a0:6b:cb:e5:3b:dd:c7:f7:7e:91:
2d:8f:6e:5f:2c:7f:29:c9:59:57:ae:d3:48:9a:15:44:b8:fc:
81:c7:53:04:b5:b9:bc:d0:db:c3:d0:cc:3e:2c:d2:fb:e5:b6:
57:31:1d:01:88:0c:6a:cb:89:41:5d:0e:8a:36:c2:6a:63:40:
a9:19:8e:ec:a6:aa:33:74:8a:33:43:c7:d6:ca:3c:34:a2:e6:
23:bb:8b:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC4f0kqORA6ckoZfzeTfYtQxcaC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NGFjZWFiMTU2NGI4NjZiNTU5MTJhMzE1YTIyOWU2YjQyYTFkOWY4MTg0
YzkzZDU5YzJlZjMwNjhlNWQ4ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIuLz9SNgGLYMI8a1GUtQ+O4qgtLeM5bpLrREBSkZtH1hkGEBlPxiWVHdtfE
FiHuHGu89KBLEvq04JbyIo1ja0qzl0OeQZyDW+WyFDOiy1dJGNTcM49K1jz6XLdD
+uGWcFx2Jid2ywBY9lRGB0ZKIv85wEm4Y6dnt6Xz0ZiDvwFj6PkQLJL3uVlr7eq0
ZSsY0a9sg2FDKC1AnOXR2BjeO2O0d5mmH/Bnisnq/HR+nGXr/uS7vZ/edLnc9Rri
ZPjKfU6M1NO8m7X3jNLLEoi/RoATWLpxCJouqCFZFwL7xKYuJZPDS8DnCuA44bc6
/FNkBeyLzV81+jAQ+/bQRJNrugECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT51XNF
4v+xSsJlMVH0I4whjp+BSTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmOWRlOWMtZjM3Zi00MjU2LWJjZDktYzdiZjI2ZTgzZTlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQARkOWSNP3hYK836o70Rg0uI6Pz9PjmaskoSYvMZ1Eo
rzP/wEvEs1IRV1ps1SZ9TCvLsLJNL90yuEK3EwNFpEpSiRr+HyQCHA/9qYXffJlA
WKtmTtkZqiZt7hCsbJptnzEMTzaf3mo36zf7F4LjHdUeB1sSptqQSo3gFynIBPv8
hQ09hQEzN64GnvTK6WCjpjDvIKVTFzvgavtRAqXRTOggmSZKQPqJgAMPx6Bry+U7
3cf3fpEtj25fLH8pyVlXrtNImhVEuPyBx1MEtbm80NvD0Mw+LNL75bZXMR0BiAxq
y4lBXQ6KNsJqY0CpGY7spqozdIozQ8fWyjw0ouYju4v4
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org