Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
File: 3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa (raw, json)
Hash identifier: sN+NhFiPM9VpcexJWe+pOwkmfUXPBjAjrlQ7IqrZ6Mk=
Subject key identifier: 55:A5:A8:71:BC:D4:0F:B9:45:D0:2E:F2:D7:F0:44:53:34:BF:BB:F5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 618FDDB194B9F1436F338463805F7F3382DC3482
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:8f:dd:b1:94:b9:f1:43:6f:33:84:63:80:5f:7f:33:82:dc:34:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=302fd7137178070ca3aecf5fd752f1d9d4ef0aeb19b6bb342954087e4b546721, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:52:96:3e:54:28:5c:b6:1d:20:1d:59:fc:06:
d4:06:8e:ab:5e:ad:c2:7a:2f:82:77:19:66:f5:c6:
8e:89:9e:06:2f:be:ba:40:3e:10:14:9a:ef:c2:f2:
9c:5c:12:ec:9c:76:cc:89:ba:ea:ef:85:93:b0:0f:
f2:42:2e:97:49:0e:2c:ad:16:19:76:31:eb:26:83:
75:8b:15:15:97:0e:a8:0d:21:1c:e3:04:69:ea:37:
64:1b:52:1e:b5:81:2c:90:96:0e:81:77:e0:78:03:
86:d0:e3:f5:1d:60:e7:7e:3b:cf:40:88:e6:23:d6:
06:3f:db:7c:4a:8d:02:f3:7b:07:45:71:90:93:cb:
75:9a:f9:8e:5e:81:ab:15:99:c2:7c:23:20:ca:10:
00:f2:1c:9c:1b:b8:16:88:a6:b5:92:72:1f:64:10:
2d:b6:f5:40:9a:6a:b6:9e:29:4e:e3:45:4e:ab:bb:
07:b7:27:c2:50:ed:49:98:3f:e6:85:46:d2:e0:88:
75:ba:d9:68:92:69:6d:1e:99:a9:06:68:73:80:8e:
03:ae:a0:31:8b:68:4e:d4:c0:ea:10:67:da:58:ee:
c0:f8:70:7e:b1:50:93:a7:84:43:1d:08:08:f5:6b:
19:06:6f:29:e7:30:d5:08:72:4e:d5:29:3d:6c:f0:
db:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A5:A8:71:BC:D4:0F:B9:45:D0:2E:F2:D7:F0:44:53:34:BF:BB:F5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:69:45:b9:c7:b4:39:3b:cd:8a:c0:e9:85:2f:12:4b:98:41:
d4:d0:e6:81:9a:43:d4:49:42:fb:57:af:b8:60:e4:ed:df:71:
13:03:2f:42:19:69:16:f0:08:d6:61:21:a0:cf:f6:bc:5b:d5:
95:8c:04:bc:ea:e6:ab:1a:2c:20:df:de:d2:52:4b:f6:f2:13:
36:ae:31:1e:df:df:54:5d:f4:8e:73:dc:93:c3:79:e9:ae:b0:
df:ca:7b:bc:9a:d8:fc:fc:42:f9:ac:04:c5:65:99:ae:02:e6:
c7:02:06:2f:23:28:52:35:e1:2c:a8:90:f9:80:4d:ab:88:7c:
d7:b9:6e:a5:db:31:c4:7b:64:93:16:9d:4a:c9:92:86:55:e0:
34:15:3b:8d:2a:03:ef:03:58:7b:f5:7a:80:c4:c9:82:8e:73:
a1:57:e2:da:82:45:7c:0d:35:60:3d:f3:bf:b1:54:a3:3d:7d:
1a:96:5e:2e:2f:b2:4a:7e:50:b8:b2:a0:50:06:a4:de:43:a9:
5b:98:52:9f:21:d4:ea:40:cc:81:64:8d:2e:53:c7:86:b7:2e:
fc:13:79:b5:a3:a7:45:c6:ff:84:40:e2:91:35:8a:05:28:9e:
56:42:09:ee:de:7b:82:80:10:eb:97:56:cb:dd:31:0d:3b:51:
f8:b4:78:76
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYY/dsZS58UNvM4RjgF9/M4LcNIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwMmZkNzEzNzE3ODA3MGNhM2FlY2Y1ZmQ3NTJmMWQ5ZDRlZjBhZWIxOWI2
YmIzNDI5NTQwODdlNGI1NDY3MjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpSlj5UKFy2HSAdWfwG1AaOq16twnovgncZZvXGjomeBi++ukA+EBSa78Ly
nFwS7Jx2zIm66u+Fk7AP8kIul0kOLK0WGXYx6yaDdYsVFZcOqA0hHOMEaeo3ZBtS
HrWBLJCWDoF34HgDhtDj9R1g5347z0CI5iPWBj/bfEqNAvN7B0VxkJPLdZr5jl6B
qxWZwnwjIMoQAPIcnBu4FoimtZJyH2QQLbb1QJpqtp4pTuNFTqu7B7cnwlDtSZg/
5oVG0uCIdbrZaJJpbR6ZqQZoc4COA66gMYtoTtTA6hBn2ljuwPhwfrFQk6eEQx0I
CPVrGQZvKecw1QhyTtUpPWzw270CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRVpahx
vNQPuUXQLvLX8ERTNL+79TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I3ZDJkYzktYThhMy00Zjc5LWI5ZmQtMWFhY2Y0ZjQzNzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQApaUW5x7Q5O82KwOmFLxJLmEHU0OaBmkPUSUL7V6+4
YOTt33ETAy9CGWkW8AjWYSGgz/a8W9WVjAS86uarGiwg397SUkv28hM2rjEe399U
XfSOc9yTw3nprrDfynu8mtj8/EL5rATFZZmuAubHAgYvIyhSNeEsqJD5gE2riHzX
uW6l2zHEe2STFp1KyZKGVeA0FTuNKgPvA1h79XqAxMmCjnOhV+LagkV8DTVgPfO/
sVSjPX0all4uL7JKflC4sqBQBqTeQ6lbmFKfIdTqQMyBZI0uU8eGty78E3m1o6dF
xv+EQOKRNYoFKJ5WQgnu3nuCgBDrl1bL3TENO1H4tHh2
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org