Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: dDlF0LpdCsBPTN092eYyZsOzdgR7xFUUYtnWnyoHqi8=
Subject key identifier: 7B:22:1F:56:C0:EF:E1:19:98:44:16:FA:76:A6:A3:0C:C0:7C:C3:9A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3BF94981E9787F68B55ECCF75FBA775ACBD20E29
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 17:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:f9:49:81:e9:78:7f:68:b5:5e:cc:f7:5f:ba:77:5a:cb:d2:0e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=3fbd5cd944a3e1a7458857466cdb8b197e46b0c4fe727ad0888754569b967ce1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e9:1d:11:2a:b2:5a:e4:1a:ba:a6:01:d6:d7:
43:fb:68:80:45:85:bf:2a:72:1f:e3:8c:38:e4:ab:
de:73:5e:9c:5b:0b:0b:7f:bd:18:3d:4a:60:0d:3e:
f8:ba:d5:2f:15:4d:2f:87:e0:28:1c:9a:e4:7f:6d:
cd:87:23:27:c6:e2:38:7b:8b:a8:0f:18:39:bc:33:
02:98:6b:97:4e:85:d8:2f:69:3b:2e:f5:54:f6:40:
82:a0:9c:04:8e:2b:87:57:e5:20:49:e6:83:19:b2:
cd:d4:69:bf:a2:e9:af:8c:b6:39:0b:c9:5e:af:f6:
4e:ee:9b:6e:9e:0c:c5:03:71:be:7a:e5:31:fc:a1:
bf:16:f2:4d:3f:9b:74:f7:c8:53:d3:f5:ff:0b:3f:
34:36:9e:95:b9:4f:39:d9:31:26:03:6b:66:65:84:
bc:7d:d8:38:6c:35:8e:29:6e:cd:ac:23:d3:3e:fd:
bc:98:b0:61:89:d3:45:be:d9:6e:9c:ef:a2:04:1e:
a6:7b:93:fc:31:f0:e2:94:30:0e:db:ce:8e:1a:9c:
44:4a:55:0a:b9:e3:ab:7b:ec:cd:f4:e0:32:c5:fb:
60:2c:9f:c3:13:33:07:05:96:1e:d7:29:c7:d4:49:
24:28:e3:97:4e:24:93:7b:94:15:e5:e0:c2:0c:80:
ac:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:22:1F:56:C0:EF:E1:19:98:44:16:FA:76:A6:A3:0C:C0:7C:C3:9A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:e0:d4:72:73:95:a6:7b:04:27:36:01:20:b2:4a:93:8c:70:
86:07:be:7d:f4:60:25:44:3c:d9:0a:77:a1:2c:49:6f:09:56:
9e:86:46:ab:a9:ec:2f:03:73:95:75:a8:4e:59:62:1b:e1:03:
5a:4e:19:c1:e9:cb:13:6a:ed:6d:4a:d1:72:76:09:3f:34:6e:
91:32:a6:ec:8b:ea:43:f8:0e:b3:d7:bb:0a:11:38:2c:70:89:
48:67:d4:5a:0e:6b:93:27:58:fa:94:e8:50:da:b6:fe:77:c8:
ba:3b:78:1a:24:0b:eb:58:93:30:97:72:0b:66:70:f0:61:67:
81:9b:37:c2:d6:13:7f:2c:d6:b2:b5:44:02:81:36:92:6f:25:
0a:12:78:92:88:81:d0:a4:10:ea:e5:b2:54:20:cd:07:15:04:
48:ed:96:4d:d6:df:99:a7:4b:19:3c:21:8a:49:49:a8:5c:13:
53:97:87:85:2a:ed:7d:85:2f:4c:da:13:2c:43:31:4f:d0:4c:
6c:f5:53:1f:d8:2b:45:e3:94:c5:42:7e:6c:50:14:35:79:5a:
38:d8:78:b8:09:e1:57:fa:74:f1:ec:99:c8:46:1f:63:a5:86:
09:99:d8:b7:ab:81:cc:7e:f0:0b:42:f9:b5:1b:5f:04:6c:81:
17:aa:84:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUO/lJgel4f2i1Xsz3X7p3WsvSDikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmYmQ1Y2Q5NDRhM2UxYTc0NTg4NTc0NjZjZGI4YjE5N2U0NmIwYzRmZTcy
N2FkMDg4ODc1NDU2OWI5NjdjZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvpHREqslrkGrqmAdbXQ/togEWFvypyH+OMOOSr3nNenFsLC3+9GD1KYA0+
+LrVLxVNL4fgKBya5H9tzYcjJ8biOHuLqA8YObwzAphrl06F2C9pOy71VPZAgqCc
BI4rh1flIEnmgxmyzdRpv6Lpr4y2OQvJXq/2Tu6bbp4MxQNxvnrlMfyhvxbyTT+b
dPfIU9P1/ws/NDaelblPOdkxJgNrZmWEvH3YOGw1jiluzawj0z79vJiwYYnTRb7Z
bpzvogQepnuT/DHw4pQwDtvOjhqcREpVCrnjq3vszfTgMsX7YCyfwxMzBwWWHtcp
x9RJJCjjl04kk3uUFeXgwgyArIkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7Ih9W
wO/hGZhEFvp2pqMMwHzDmjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQBx4NRyc5WmewQnNgEgskqTjHCGB7599GAlRDzZCneh
LElvCVaehkarqewvA3OVdahOWWIb4QNaThnB6csTau1tStFydgk/NG6RMqbsi+pD
+A6z17sKETgscIlIZ9RaDmuTJ1j6lOhQ2rb+d8i6O3gaJAvrWJMwl3ILZnDwYWeB
mzfC1hN/LNaytUQCgTaSbyUKEniSiIHQpBDq5bJUIM0HFQRI7ZZN1t+Zp0sZPCGK
SUmoXBNTl4eFKu19hS9M2hMsQzFP0Exs9VMf2CtF45TFQn5sUBQ1eVo42Hi4CeFX
+nTx7JnIRh9jpYYJmdi3q4HMfvALQvm1G18EbIEXqoQI
-----END CERTIFICATE-----
Generated at Wed May 1 00:35:45 2024 by rpki-client on console-ams.rpki-client.org