Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: qAAxqrMlv+TnxI37CJ9qAxkvLSkseTTDxvRD3V6cQ3c=
Subject key identifier: 39:98:83:D9:5C:06:3B:13:DC:56:AC:FC:6E:AD:32:9E:6F:EE:56:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2992F4A52C6815D184D043B6922263EA22294A1D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:92:f4:a5:2c:68:15:d1:84:d0:43:b6:92:22:63:ea:22:29:4a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=179be7de69dcb0918122a098781cf77c54f9e6a53c81e852556e84aaf8596a67, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:59:05:03:1b:ce:f7:25:76:b9:97:48:b0:72:
98:2f:b3:c8:bb:dc:b6:39:e9:ca:36:a7:98:ae:c9:
0c:4f:01:69:11:4d:72:d7:d8:df:41:8f:19:9b:ee:
f2:6e:4f:8f:d1:0b:fe:5f:54:c3:83:8c:22:bb:c4:
50:88:d9:48:85:d1:ed:15:78:ac:30:c7:0c:be:de:
e0:f2:73:89:18:76:a9:fe:92:df:34:80:99:73:00:
9a:84:11:df:b4:cb:18:07:43:9c:9d:d6:62:cc:5f:
b0:5b:e4:df:0b:d8:e8:e4:0a:69:ff:98:c0:b9:de:
90:fd:b9:8d:d1:f9:2f:ff:f3:d0:20:d0:ea:93:4e:
c6:41:73:22:8e:17:39:93:5c:0e:b7:48:62:00:03:
38:af:77:ab:9e:71:b2:38:72:1f:a0:67:fa:0e:af:
79:88:c1:8e:30:43:83:16:ce:08:53:78:78:6b:e3:
47:a4:08:cd:8b:1b:d3:d4:91:8e:83:4a:17:75:30:
d6:16:4e:a6:34:3e:f1:88:20:37:c7:4c:03:e4:30:
67:38:52:2d:ec:71:30:6c:63:d3:16:1b:53:93:5b:
b3:d3:53:50:6b:ad:b7:99:0f:f1:eb:0d:21:b6:45:
36:91:96:d1:39:24:98:33:9a:92:0b:53:3c:d2:c0:
5c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:98:83:D9:5C:06:3B:13:DC:56:AC:FC:6E:AD:32:9E:6F:EE:56:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
99:24:ba:ff:80:92:33:84:ce:82:02:0c:12:70:4c:7b:97:48:
e9:ba:95:6d:dc:69:1c:23:8f:23:f6:d1:fc:79:cf:2a:c1:aa:
c3:65:de:0a:aa:08:62:25:cb:b2:19:3c:48:55:04:02:0b:98:
11:59:6f:fa:1b:2f:4e:c4:c4:82:da:1f:e7:c3:5b:28:4a:1b:
18:23:90:5d:da:14:69:b9:44:3f:86:a2:88:78:34:1e:f4:7c:
82:61:4b:08:7c:20:be:29:b3:94:a9:e5:44:30:fe:f1:c2:5f:
46:eb:33:b2:e8:4b:2b:c4:86:4b:aa:02:9f:b9:cc:15:d1:1d:
ba:9d:ab:6a:02:71:17:ed:9f:e1:5e:60:a1:17:79:e3:ba:12:
f7:22:17:d2:c0:da:51:51:9e:09:da:25:a0:ad:0d:6f:2d:39:
6a:18:85:59:e0:66:21:99:7c:48:64:e8:1c:24:cc:ff:d7:42:
a4:a5:10:b3:df:80:c9:e9:45:fa:ce:f0:48:06:23:56:0c:b4:
d7:06:97:4a:e2:7c:7c:e0:e1:65:7d:b2:dd:4a:37:55:00:c1:
2f:37:a2:09:08:49:9a:01:71:25:a5:1f:b8:0f:28:03:b7:ac:
3c:29:9c:4e:b2:92:7a:b3:0c:b4:09:fd:d6:b1:9a:82:ec:a4:
43:89:6d:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKZL0pSxoFdGE0EO2kiJj6iIpSh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3OWJlN2RlNjlkY2IwOTE4MTIyYTA5ODc4MWNmNzdjNTRmOWU2YTUzYzgx
ZTg1MjU1NmU4NGFhZjg1OTZhNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBZBQMbzvcldrmXSLBymC+zyLvctjnpyjanmK7JDE8BaRFNctfY30GPGZvu
8m5Pj9EL/l9Uw4OMIrvEUIjZSIXR7RV4rDDHDL7e4PJziRh2qf6S3zSAmXMAmoQR
37TLGAdDnJ3WYsxfsFvk3wvY6OQKaf+YwLnekP25jdH5L//z0CDQ6pNOxkFzIo4X
OZNcDrdIYgADOK93q55xsjhyH6Bn+g6veYjBjjBDgxbOCFN4eGvjR6QIzYsb09SR
joNKF3Uw1hZOpjQ+8YggN8dMA+QwZzhSLexxMGxj0xYbU5Nbs9NTUGutt5kP8esN
IbZFNpGW0TkkmDOakgtTPNLAXCECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5mIPZ
XAY7E9xWrPxurTKeb+5WdDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQCZJLr/gJIzhM6CAgwScEx7l0jpupVt3GkcI48j9tH8
ec8qwarDZd4KqghiJcuyGTxIVQQCC5gRWW/6Gy9OxMSC2h/nw1soShsYI5Bd2hRp
uUQ/hqKIeDQe9HyCYUsIfCC+KbOUqeVEMP7xwl9G6zOy6EsrxIZLqgKfucwV0R26
natqAnEX7Z/hXmChF3njuhL3IhfSwNpRUZ4J2iWgrQ1vLTlqGIVZ4GYhmXxIZOgc
JMz/10KkpRCz34DJ6UX6zvBIBiNWDLTXBpdK4nx84OFlfbLdSjdVAMEvN6IJCEma
AXElpR+4DygDt6w8KZxOspJ6swy0Cf3WsZqC7KRDiW3Q
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org