Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
File: 0f648163-e886-4951-999f-6a050d9c305f.roa (raw, json)
Hash identifier: FtPWEUfFwEXgqQWWWVlXveu1+uZZsNvW3cYXWTSWHn0=
Subject key identifier: B8:4D:EF:86:23:C9:D1:74:FC:46:51:D6:31:34:93:80:7A:6C:67:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71F7591A801E7404676D714608AE1F55F8F97083
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:f7:59:1a:80:1e:74:04:67:6d:71:46:08:ae:1f:55:f8:f9:70:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=237fcfb5765453e0192c9710bdc1a7a102c34bb9629d50b475eef4f57c1cb531, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8c:d0:30:14:da:1e:7d:02:4f:10:22:5d:a3:
82:71:53:7e:1b:3c:c9:cb:21:fd:e1:9e:90:ba:6c:
39:5b:28:61:15:ac:0b:42:1c:12:59:b5:7c:0d:c9:
d8:e4:c8:7a:36:83:a9:cf:68:d9:34:c9:68:87:99:
17:1e:dd:79:8f:0e:1e:b7:26:e0:cb:1c:e0:5c:60:
bc:f2:33:11:6a:d4:c8:b2:a4:00:36:76:28:d6:2f:
f7:6f:10:71:40:b0:5b:64:32:61:fa:57:d2:43:89:
2d:02:91:df:44:09:25:f6:9f:86:af:44:d8:3d:ce:
99:56:8b:8e:8c:90:74:5e:bd:71:7d:dd:d1:56:66:
cb:0f:ed:f4:76:74:52:b4:2a:7e:b7:e3:b0:03:81:
f7:f5:8c:b3:54:8b:93:4a:6a:eb:95:aa:08:81:5b:
10:19:1f:f4:63:67:32:d3:4d:42:19:f3:50:32:d2:
81:f9:2a:2b:6a:ef:18:19:65:60:38:05:6c:98:5e:
c1:73:d4:9e:be:74:a7:9c:06:da:79:e0:6d:53:c9:
5f:e4:a9:ed:01:f7:85:92:ec:4f:98:36:ee:75:fa:
25:79:da:2d:e4:ea:a8:76:ac:93:12:a6:92:ef:24:
47:5c:1f:0c:e4:80:fe:d3:3b:45:b0:d0:ff:ed:9b:
34:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4D:EF:86:23:C9:D1:74:FC:46:51:D6:31:34:93:80:7A:6C:67:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:68:aa:30:c8:81:f7:0e:c6:49:72:57:3d:29:0c:35:13:e0:
3f:56:fc:02:8e:b1:c5:3f:af:35:68:88:ad:ab:65:26:5a:03:
7f:22:69:2d:5f:23:78:b6:be:d3:41:f2:a4:a1:ce:55:56:a9:
c1:a2:52:9a:7b:ab:a8:9d:d8:67:a9:1a:eb:27:19:49:13:67:
49:20:e0:20:14:88:27:c0:f5:91:8e:58:33:b6:37:ce:0f:70:
20:1d:a7:1d:17:78:cb:a6:69:fc:e3:0d:cf:68:df:c8:58:e6:
34:0b:b5:3d:07:5f:6f:4c:0d:cd:a6:70:94:70:31:b8:2d:42:
e0:3e:8e:4f:82:ac:1f:69:12:dd:3a:30:e2:71:83:a3:2c:4b:
d9:93:25:44:c5:22:a4:99:a8:58:8e:60:c4:d0:2b:c6:a2:f4:
0b:c4:01:78:2a:9a:81:78:28:31:0f:77:88:a8:25:39:bd:05:
9b:ab:50:23:79:0b:59:80:91:2a:29:bd:f6:9e:b8:74:32:22:
84:5e:13:8a:69:57:42:a1:17:87:a8:21:d8:66:71:37:57:f5:
33:dd:4f:4c:af:4c:c8:8a:02:0f:0b:1b:df:aa:cb:dc:d2:10:
4b:a9:8a:b0:5f:ca:56:c9:19:3a:52:91:c1:b1:07:14:10:e5:
a3:1e:7b:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcfdZGoAedARnbXFGCK4fVfj5cIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzN2ZjZmI1NzY1NDUzZTAxOTJjOTcxMGJkYzFhN2ExMDJjMzRiYjk2Mjlk
NTBiNDc1ZWVmNGY1N2MxY2I1MzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuM0DAU2h59Ak8QIl2jgnFTfhs8ycsh/eGekLpsOVsoYRWsC0IcElm1fA3J
2OTIejaDqc9o2TTJaIeZFx7deY8OHrcm4Msc4FxgvPIzEWrUyLKkADZ2KNYv928Q
cUCwW2QyYfpX0kOJLQKR30QJJfafhq9E2D3OmVaLjoyQdF69cX3d0VZmyw/t9HZ0
UrQqfrfjsAOB9/WMs1SLk0pq65WqCIFbEBkf9GNnMtNNQhnzUDLSgfkqK2rvGBll
YDgFbJhewXPUnr50p5wG2nngbVPJX+Sp7QH3hZLsT5g27nX6JXnaLeTqqHaskxKm
ku8kR1wfDOSA/tM7RbDQ/+2bNDcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS4Te+G
I8nRdPxGUdYxNJOAemxnRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGY2NDgxNjMtZTg4Ni00OTUxLTk5OWYtNmEwNTBkOWMzMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMAMA0G
CSqGSIb3DQEBCwUAA4IBAQAraKowyIH3DsZJclc9KQw1E+A/VvwCjrHFP681aIit
q2UmWgN/ImktXyN4tr7TQfKkoc5VVqnBolKae6uondhnqRrrJxlJE2dJIOAgFIgn
wPWRjlgztjfOD3AgHacdF3jLpmn84w3PaN/IWOY0C7U9B19vTA3NpnCUcDG4LULg
Po5PgqwfaRLdOjDicYOjLEvZkyVExSKkmahYjmDE0CvGovQLxAF4KpqBeCgxD3eI
qCU5vQWbq1AjeQtZgJEqKb32nrh0MiKEXhOKaVdCoReHqCHYZnE3V/Uz3U9Mr0zI
igIPCxvfqsvc0hBLqYqwX8pWyRk6UpHBsQcUEOWjHnv/
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:31 2023 by rpki-client on console-fra.rpki-client.org