Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: r0XHojPIz32I7UYKK4R4LyKDerwcYwRDy1YP4xZu118=
Subject key identifier: C4:E1:19:F6:0A:08:F6:02:1B:63:5E:7B:06:9C:8F:06:77:D1:C2:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C28D1E333ABCC6F39B460353CEEBFB448DB9F9E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:28:d1:e3:33:ab:cc:6f:39:b4:60:35:3c:ee:bf:b4:48:db:9f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=2f9263c3baae7163545ed052b244674798f9be24ff36781c67593a2606c2c400, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2f:40:50:32:e8:01:7e:3f:62:4b:d3:8b:19:
49:93:5f:7d:ad:5c:9f:8b:40:3b:76:90:cc:60:1f:
65:50:f1:24:94:cc:f2:64:c5:68:63:e7:2e:9f:38:
29:38:ef:46:ba:13:85:ac:d2:05:91:a9:51:1e:80:
94:f0:65:ae:3f:c1:43:bb:50:bb:5a:a0:8d:a5:b5:
3c:cf:97:c8:b8:e9:55:d2:00:b8:a3:0c:76:2a:f7:
33:b3:c6:5f:8f:b7:9a:fd:c6:26:e6:dd:d7:7f:20:
f5:3e:a0:10:e3:8c:ce:32:09:83:66:a9:79:25:a0:
01:d7:76:4a:00:bb:e0:14:5a:6e:33:b3:f4:29:65:
f0:73:34:4b:be:c5:30:90:43:d4:9f:6f:57:ee:e9:
bf:53:82:f7:c3:16:f9:e3:ae:46:bd:54:23:9b:72:
85:a6:0d:28:64:d4:5c:33:3c:30:87:9e:69:2f:3d:
f1:ab:1c:60:8c:62:0a:1c:98:c4:cb:ec:c7:62:51:
7a:ac:cc:57:78:4f:97:65:2a:23:db:27:91:be:9a:
fa:7a:7b:81:67:84:31:5e:a7:7c:c2:d0:53:c1:94:
4d:17:59:55:41:70:0c:df:37:2b:cb:50:ca:99:0f:
8b:e0:43:c3:e4:e5:b4:1e:7f:9a:62:7e:33:0e:2a:
d4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E1:19:F6:0A:08:F6:02:1B:63:5E:7B:06:9C:8F:06:77:D1:C2:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cf:a7:26:52:d8:b9:16:aa:23:24:0e:5b:c2:4e:8b:d5:3e:06:
0b:3c:16:f3:46:ff:22:9a:3f:5e:2c:43:bb:4e:17:d6:e2:10:
66:5f:5e:d3:7b:0b:56:19:ed:0d:f3:97:03:ee:51:14:d0:da:
6c:fb:a2:b8:26:2b:a1:45:73:60:96:39:1b:df:ea:93:ee:a0:
12:e4:f6:b8:81:2d:6b:53:8c:53:22:11:b0:2c:62:59:f9:14:
9c:34:f3:86:ad:44:ce:11:f3:c2:10:0c:56:e5:22:30:89:0f:
76:38:3d:e5:19:0f:21:5b:14:45:01:6a:00:f6:bf:9c:39:7f:
e0:86:30:ed:c3:d1:67:8b:f6:aa:f2:1f:6b:1a:c7:4c:e8:da:
5e:b5:c4:e5:50:ef:da:8a:59:fd:38:2c:4b:25:cd:86:5a:d4:
98:2f:67:56:77:cb:99:43:d0:8c:a7:3b:c8:aa:d4:8c:27:01:
bc:18:c7:a4:65:fb:62:1d:dc:87:b3:f4:c2:95:4f:36:ae:7e:
13:43:43:1d:f1:3b:99:22:90:4b:11:ab:47:d7:65:35:15:4c:
60:1b:43:b4:fb:65:6b:6c:f4:d9:65:69:58:27:75:a2:b0:e9:
40:a6:fe:ab:e5:b2:90:9c:44:82:a1:8e:ac:a9:53:f3:d8:53:
51:33:16:b4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTCjR4zOrzG85tGA1PO6/tEjbn54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmOTI2M2MzYmFhZTcxNjM1NDVlZDA1MmIyNDQ2NzQ3OThmOWJlMjRmZjM2
NzgxYzY3NTkzYTI2MDZjMmM0MDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQvQFAy6AF+P2JL04sZSZNffa1cn4tAO3aQzGAfZVDxJJTM8mTFaGPnLp84
KTjvRroThazSBZGpUR6AlPBlrj/BQ7tQu1qgjaW1PM+XyLjpVdIAuKMMdir3M7PG
X4+3mv3GJubd138g9T6gEOOMzjIJg2apeSWgAdd2SgC74BRabjOz9Cll8HM0S77F
MJBD1J9vV+7pv1OC98MW+eOuRr1UI5tyhaYNKGTUXDM8MIeeaS898ascYIxiChyY
xMvsx2JReqzMV3hPl2UqI9snkb6a+np7gWeEMV6nfMLQU8GUTRdZVUFwDN83K8tQ
ypkPi+BDw+TltB5/mmJ+Mw4q1IECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTE4Rn2
Cgj2AhtjXnsGnI8Gd9HCrTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQDPpyZS2LkWqiMkDlvCTovVPgYLPBbzRv8imj9eLEO7
ThfW4hBmX17TewtWGe0N85cD7lEU0Nps+6K4JiuhRXNgljkb3+qT7qAS5Pa4gS1r
U4xTIhGwLGJZ+RScNPOGrUTOEfPCEAxW5SIwiQ92OD3lGQ8hWxRFAWoA9r+cOX/g
hjDtw9Fni/aq8h9rGsdM6NpetcTlUO/ailn9OCxLJc2GWtSYL2dWd8uZQ9CMpzvI
qtSMJwG8GMekZftiHdyHs/TClU82rn4TQ0Md8TuZIpBLEatH12U1FUxgG0O0+2Vr
bPTZZWlYJ3WisOlApv6r5bKQnESCoY6sqVPz2FNRMxa0
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:38:26 2023 by rpki-client on console-fra.rpki-client.org