Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: iCfAGGdMJZVcCdiotYiRB/KOPGDEQouSMH1cdbkpK74=
Subject key identifier: 74:58:3B:75:61:B9:E0:27:3F:DF:CB:3F:5C:86:ED:28:49:32:3E:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 021B39D0A6A6B0D94DAE70D4CB630AF62032BFDA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:1b:39:d0:a6:a6:b0:d9:4d:ae:70:d4:cb:63:0a:f6:20:32:bf:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=17f5ced813e5121b2bbee10dcbd913546c9ab214dd1cfb6eb3c44966c8cd6674, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:55:ab:87:2e:a5:59:18:93:0e:e9:ba:53:d0:
4e:ba:a9:86:c3:c5:9e:e5:17:5c:f1:37:cb:0c:e1:
50:d4:dd:44:02:f1:fa:f4:dc:ff:c7:15:0e:a7:8a:
38:3e:3e:ba:1d:68:ee:00:47:4a:5d:55:ef:3a:13:
5c:5c:b9:de:66:5b:31:c5:c2:9f:96:9b:c0:6a:b1:
29:6d:12:11:59:c4:0d:66:33:02:e4:fe:77:bb:74:
81:77:34:6f:0b:99:fe:b0:62:25:66:3a:a5:52:ad:
27:2b:d4:76:78:d3:53:1e:e4:94:1c:24:2d:62:bc:
52:f4:1a:29:a9:73:c6:8e:ed:b2:97:be:6c:22:11:
02:79:6b:22:c3:c4:c6:75:3f:a6:dd:5d:af:8a:e0:
f3:5f:07:76:96:d9:86:dc:e2:9a:c0:f8:c3:a5:26:
f8:fc:84:9e:5c:25:20:9d:ea:a1:c9:fd:05:bf:5a:
0f:e0:c6:ec:01:66:70:0f:08:d1:49:13:62:11:39:
a2:42:8e:d8:2c:a4:e7:ed:b3:fd:fe:d5:08:c3:49:
5a:1a:28:02:c6:d1:a4:3c:3b:96:a5:24:e2:74:8f:
b2:8d:62:d8:e5:40:6d:3f:90:05:45:b4:4c:4c:fb:
05:46:77:5d:d1:83:d1:74:cc:af:52:70:24:7b:00:
aa:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:58:3B:75:61:B9:E0:27:3F:DF:CB:3F:5C:86:ED:28:49:32:3E:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
84:05:ab:b7:76:86:bc:f7:59:9f:d3:7e:40:d9:5f:90:43:1d:
c8:02:51:66:b7:2c:99:22:e2:46:7c:33:f7:ef:32:84:e2:e1:
25:36:63:b4:58:84:ba:a0:b0:49:b1:60:40:a7:25:08:5f:36:
75:c7:f8:23:93:db:8d:c0:d3:22:80:84:59:eb:a3:30:f0:fc:
be:b3:82:d3:25:83:28:3d:05:19:49:30:ec:6f:2c:ed:36:2a:
70:f3:45:b6:a3:43:5b:93:78:f2:d0:6d:1e:77:e1:7d:bd:fd:
c0:90:78:36:fd:9f:4b:02:81:6a:c5:ad:48:4c:cb:67:25:34:
8a:6a:44:85:01:22:0c:09:eb:9b:4f:6f:ce:f8:a0:01:a6:ed:
7f:1a:94:b0:95:20:ac:d9:47:c6:ea:fb:e0:bf:85:a5:a7:9f:
41:74:f2:6c:25:01:6d:42:a8:46:1a:aa:59:5a:69:b8:1e:55:
7f:a3:af:a1:3c:53:1a:f0:d3:53:c3:7f:aa:f1:7b:40:9b:1c:
32:bc:3c:e2:fd:ac:ab:7e:e0:b7:fa:e3:de:5d:ff:fc:58:82:
1e:f6:e6:e5:69:0d:e1:f7:0c:cd:30:38:c9:6e:5b:c7:8f:58:
c4:38:75:94:68:dc:98:da:5d:8e:bc:b3:54:2e:b2:25:e0:eb:
4b:33:f4:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAhs50KamsNlNrnDUy2MK9iAyv9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3ZjVjZWQ4MTNlNTEyMWIyYmJlZTEwZGNiZDkxMzU0NmM5YWIyMTRkZDFj
ZmI2ZWIzYzQ0OTY2YzhjZDY2NzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZVq4cupVkYkw7pulPQTrqphsPFnuUXXPE3ywzhUNTdRALx+vTc/8cVDqeK
OD4+uh1o7gBHSl1V7zoTXFy53mZbMcXCn5abwGqxKW0SEVnEDWYzAuT+d7t0gXc0
bwuZ/rBiJWY6pVKtJyvUdnjTUx7klBwkLWK8UvQaKalzxo7tspe+bCIRAnlrIsPE
xnU/pt1dr4rg818HdpbZhtzimsD4w6Um+PyEnlwlIJ3qocn9Bb9aD+DG7AFmcA8I
0UkTYhE5okKO2Cyk5+2z/f7VCMNJWhooAsbRpDw7lqUk4nSPso1i2OVAbT+QBUW0
TEz7BUZ3XdGD0XTMr1JwJHsAqqECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR0WDt1
YbngJz/fyz9chu0oSTI+SzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCEBau3doa891mf035A2V+QQx3IAlFmtyyZIuJGfDP3
7zKE4uElNmO0WIS6oLBJsWBApyUIXzZ1x/gjk9uNwNMigIRZ66Mw8Py+s4LTJYMo
PQUZSTDsbyztNipw80W2o0Nbk3jy0G0ed+F9vf3AkHg2/Z9LAoFqxa1ITMtnJTSK
akSFASIMCeubT2/O+KABpu1/GpSwlSCs2UfG6vvgv4Wlp59BdPJsJQFtQqhGGqpZ
Wmm4HlV/o6+hPFMa8NNTw3+q8XtAmxwyvDzi/ayrfuC3+uPeXf/8WIIe9ublaQ3h
9wzNMDjJblvHj1jEOHWUaNyY2l2OvLNULrIl4OtLM/S7
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org