Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
File: 20422b97-bbd3-43a5-bd9e-56380296a638.roa (raw, json)
Hash identifier: M+IzLsKKc6d4MMj+SJKWTvp0rewHG/GC0nV5wb/uzgc=
Subject key identifier: BD:27:0D:EF:23:10:45:86:8D:CE:DF:42:83:3E:20:CC:28:44:A9:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1456DC8D3124C0FAC48914A49F034532008633C8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:56:dc:8d:31:24:c0:fa:c4:89:14:a4:9f:03:45:32:00:86:33:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=729851f922e8482cb2846f560cbb0e3dd3f6520afe21f6ca76eee393eee2e247, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:23:e1:0f:5f:bf:d8:bb:f4:12:a3:5b:da:16:
15:97:6f:27:08:1a:41:97:a7:0f:d6:ad:82:b4:af:
c5:ff:ee:82:a0:83:0b:dc:68:b1:19:e8:ec:bc:8b:
02:c2:9a:b1:8b:1e:a9:4f:bc:42:7d:76:ab:ac:26:
1e:93:ff:58:23:d5:43:a3:8c:c0:6a:70:25:f5:7e:
7d:80:4b:8a:03:48:d1:55:f8:74:17:ad:76:1a:d7:
4f:51:df:fb:33:f7:12:e5:f6:ce:8f:5c:0c:43:ff:
f4:1f:15:3a:14:71:3e:70:0e:56:d6:75:f2:09:31:
1a:5c:74:2b:95:7a:9f:b9:7f:f8:76:6f:9e:39:4b:
c6:4c:f9:68:ad:49:01:88:78:d4:77:1a:34:4c:7e:
2a:d8:0c:ea:bb:8c:df:37:fe:32:08:46:9d:01:a6:
54:10:74:64:18:86:a4:e2:aa:37:30:a0:64:d5:f1:
18:6c:b5:83:0a:7f:b0:9d:c8:67:a5:45:51:b7:3f:
61:99:d8:6a:b0:99:97:08:28:10:67:5e:e4:9c:d6:
ab:1f:e0:e8:f8:fe:2f:e6:f3:93:ad:80:7f:4f:d5:
e6:71:f0:5f:48:0e:38:e8:34:fe:1b:38:9e:d8:83:
df:ff:bc:9f:62:71:eb:76:47:d2:f0:6e:22:9e:1c:
7f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:27:0D:EF:23:10:45:86:8D:CE:DF:42:83:3E:20:CC:28:44:A9:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2c:13:33:92:90:63:6d:fa:97:a5:e1:f4:23:a6:a7:4f:35:e9:
54:6a:4a:c3:bc:81:ad:63:87:e5:77:42:36:39:ad:73:a9:61:
6a:9f:8f:c6:dc:09:5a:44:51:5c:aa:59:05:a8:e6:ed:f8:1f:
79:90:29:34:a8:01:52:03:8f:94:e4:66:d2:c7:32:4c:81:79:
83:7b:56:92:94:08:49:f9:42:b3:41:fb:70:cf:48:97:87:dc:
7a:58:90:19:74:ee:41:4a:93:f2:65:85:2b:1d:e4:4f:bc:e4:
e0:ca:28:28:92:d6:aa:dd:9e:25:0f:8c:71:97:fc:bb:16:8a:
db:7a:23:a9:64:60:95:f0:e9:12:5e:ff:f8:d5:a1:01:c4:9f:
09:96:1c:77:12:54:87:7a:96:36:fe:8d:e8:55:3f:70:8a:58:
a8:84:15:01:ab:12:be:ca:0e:12:99:e0:65:7d:e4:cc:17:8f:
93:d8:b6:7a:57:5c:7f:a4:76:94:a4:dc:02:6e:16:10:83:a6:
52:1f:95:58:e2:6a:8c:be:27:ac:8b:fa:4c:e2:c0:76:f8:79:
82:a4:e0:a8:70:ae:86:56:35:a7:19:a3:47:47:3a:d5:ea:c3:
62:1a:f9:72:c1:22:73:10:19:07:0e:00:c1:d8:88:0f:0f:b8:
7e:77:a2:19
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFFbcjTEkwPrEiRSknwNFMgCGM8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyOTg1MWY5MjJlODQ4MmNiMjg0NmY1NjBjYmIwZTNkZDNmNjUyMGFmZTIx
ZjZjYTc2ZWVlMzkzZWVlMmUyNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsj4Q9fv9i79BKjW9oWFZdvJwgaQZenD9atgrSvxf/ugqCDC9xosRno7LyL
AsKasYseqU+8Qn12q6wmHpP/WCPVQ6OMwGpwJfV+fYBLigNI0VX4dBetdhrXT1Hf
+zP3EuX2zo9cDEP/9B8VOhRxPnAOVtZ18gkxGlx0K5V6n7l/+HZvnjlLxkz5aK1J
AYh41HcaNEx+KtgM6ruM3zf+MghGnQGmVBB0ZBiGpOKqNzCgZNXxGGy1gwp/sJ3I
Z6VFUbc/YZnYarCZlwgoEGde5JzWqx/g6Pj+L+bzk62Af0/V5nHwX0gOOOg0/hs4
ntiD3/+8n2Jx63ZH0vBuIp4cfx8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS9Jw3v
IxBFho3O30KDPiDMKESpSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA0MjJiOTctYmJkMy00M2E1LWJkOWUtNTYzODAyOTZhNjM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQAsEzOSkGNt+pel4fQjpqdPNelUakrDvIGtY4fld0I2
Oa1zqWFqn4/G3AlaRFFcqlkFqObt+B95kCk0qAFSA4+U5GbSxzJMgXmDe1aSlAhJ
+UKzQftwz0iXh9x6WJAZdO5BSpPyZYUrHeRPvOTgyigoktaq3Z4lD4xxl/y7Forb
eiOpZGCV8OkSXv/41aEBxJ8Jlhx3ElSHepY2/o3oVT9wiliohBUBqxK+yg4SmeBl
feTMF4+T2LZ6V1x/pHaUpNwCbhYQg6ZSH5VY4mqMviesi/pM4sB2+HmCpOCocK6G
VjWnGaNHRzrV6sNiGvlywSJzEBkHDgDB2IgPD7h+d6IZ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org