Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3113975a-2f82-4201-a061-176481f88265.roa
File: 3113975a-2f82-4201-a061-176481f88265.roa (raw, json)
Hash identifier: AcQ4e6ETvQu5ydDl9Vqboqb+uFr+FCcqp+H8Jv6fsA0=
Subject key identifier: B3:37:6D:D9:C2:44:6A:C1:78:C9:E7:F3:C2:F1:52:3B:52:C6:AC:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 023C00AF9722944F4A697FE6BFF8E7739A0CF586
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3113975a-2f82-4201-a061-176481f88265.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:3c:00:af:97:22:94:4f:4a:69:7f:e6:bf:f8:e7:73:9a:0c:f5:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=a00b2a5d68aeb6fcab8b5beeb9bd70a56e4653b87a5910e1d982ce5566d72b5e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ce:3c:48:e0:31:c5:cf:fb:91:f1:03:6d:c7:
0d:35:4a:ce:5f:ce:42:9c:2e:e5:90:e5:5e:dc:ad:
73:f2:b3:39:86:49:aa:15:46:c3:7d:53:48:de:0c:
dd:aa:78:de:b5:e5:6a:37:1b:23:c5:bf:1b:56:8a:
19:3a:48:b2:17:6e:8a:8a:f1:12:b0:dc:2e:c1:00:
89:89:51:cc:ec:e6:ae:40:89:50:7e:eb:d5:af:29:
f1:cb:ed:6a:b5:f5:23:f6:1f:c1:0d:27:fc:7c:d7:
a1:0f:16:b2:a7:fe:5d:65:cd:6b:f1:3f:4a:fb:0f:
22:23:6f:22:54:b1:a6:69:b7:5f:94:f8:d6:01:23:
e4:15:cf:c3:53:c6:46:26:ca:72:9f:cf:25:f6:e9:
21:96:fd:b8:00:fb:76:20:37:d8:c6:e3:88:70:7b:
02:a3:63:84:8d:cc:8d:08:8d:60:9e:4c:bf:72:c5:
82:e6:4c:f6:e0:b0:54:5b:4a:70:dc:40:01:a5:7b:
2b:0d:be:32:89:68:a4:2b:5f:e0:70:a7:5a:4e:74:
21:ea:ca:5c:71:cb:02:8f:f5:e4:ea:19:93:72:23:
f1:6a:49:55:d8:cc:ae:c3:de:3e:59:be:35:92:e3:
d9:72:f9:1a:0c:6c:8a:b0:05:1f:ed:e2:fc:70:73:
0c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:37:6D:D9:C2:44:6A:C1:78:C9:E7:F3:C2:F1:52:3B:52:C6:AC:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3113975a-2f82-4201-a061-176481f88265.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
68:49:64:7c:bc:be:3b:f8:1a:59:bb:a0:56:29:a6:57:0c:3a:
c3:58:1d:38:ee:57:dd:47:00:10:72:40:8d:99:ff:1b:82:e6:
45:bc:ec:41:63:dd:51:54:8f:cc:ae:7b:51:c6:ce:40:8c:98:
51:e3:42:f6:30:1e:65:66:f2:70:89:72:a3:de:54:2f:34:ea:
46:cd:66:7b:aa:27:8a:cf:bf:32:83:39:86:f8:08:f0:a0:14:
16:da:4c:47:23:8d:54:dd:92:b1:c8:c8:43:18:50:0f:63:b8:
ab:a2:f4:cd:42:ff:55:68:79:91:58:50:92:49:75:8a:e8:6c:
e4:bd:56:92:e5:d1:dd:05:69:b1:d2:9e:b9:b3:8d:49:64:f2:
b5:cc:b6:22:6c:14:9e:05:0f:0e:95:e4:7a:3a:f5:60:ac:53:
08:a6:83:2a:1c:36:3c:7a:94:7a:69:6e:e1:ad:4d:b6:16:1e:
c5:4f:05:8c:d2:b6:c0:c5:e1:0e:ba:f4:65:85:38:0a:16:58:
d6:3a:a2:b0:c3:0b:cc:8f:b6:6f:6d:e6:c9:20:68:f3:22:d1:
e9:e1:bf:b9:58:bc:6b:38:f8:2c:d9:f3:66:3f:13:f6:04:f1:
db:23:ac:16:ce:2c:b3:90:bc:7b:c0:42:4f:2f:0d:e5:7b:0f:
06:ed:de:e2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAjwAr5cilE9KaX/mv/jnc5oM9YYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwMGIyYTVkNjhhZWI2ZmNhYjhiNWJlZWI5YmQ3MGE1NmU0NjUzYjg3YTU5
MTBlMWQ5ODJjZTU1NjZkNzJiNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTOPEjgMcXP+5HxA23HDTVKzl/OQpwu5ZDlXtytc/KzOYZJqhVGw31TSN4M
3ap43rXlajcbI8W/G1aKGTpIshduiorxErDcLsEAiYlRzOzmrkCJUH7r1a8p8cvt
arX1I/YfwQ0n/HzXoQ8Wsqf+XWXNa/E/SvsPIiNvIlSxpmm3X5T41gEj5BXPw1PG
RibKcp/PJfbpIZb9uAD7diA32MbjiHB7AqNjhI3MjQiNYJ5Mv3LFguZM9uCwVFtK
cNxAAaV7Kw2+MolopCtf4HCnWk50IerKXHHLAo/15OoZk3Ij8WpJVdjMrsPePlm+
NZLj2XL5GgxsirAFH+3i/HBzDDkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSzN23Z
wkRqwXjJ5/PC8VI7UsasGTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzExMzk3NWEtMmY4Mi00MjAxLWEwNjEtMTc2NDgxZjg4MjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQBoSWR8vL47+BpZu6BWKaZXDDrDWB047lfdRwAQckCN
mf8bguZFvOxBY91RVI/MrntRxs5AjJhR40L2MB5lZvJwiXKj3lQvNOpGzWZ7qieK
z78ygzmG+AjwoBQW2kxHI41U3ZKxyMhDGFAPY7irovTNQv9VaHmRWFCSSXWK6Gzk
vVaS5dHdBWmx0p65s41JZPK1zLYibBSeBQ8OleR6OvVgrFMIpoMqHDY8epR6aW7h
rU22Fh7FTwWM0rbAxeEOuvRlhTgKFljWOqKwwwvMj7ZvbebJIGjzItHp4b+5WLxr
OPgs2fNmPxP2BPHbI6wWziyzkLx7wEJPLw3lew8G7d7i
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org