Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
File: 62b77dbe-d122-43ba-a2b6-ab9120df0176.roa (raw, json)
Hash identifier: 0K37qc+ZglWFRYMKWTGW5/FYX/FKd+92tTkv7jyOeEA=
Subject key identifier: 16:D0:0F:CE:BA:75:8E:A8:7B:3F:BB:9A:70:0C:4A:CB:9A:F6:69:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3FE429851BD69855228444F4EFBA4DD77655EA4A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:e4:29:85:1b:d6:98:55:22:84:44:f4:ef:ba:4d:d7:76:55:ea:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=2f391c6bb91174432575e62570ce93fcd087ad494d85cc8362cb693fc5b6087d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b2:5d:84:e5:b2:11:57:a1:71:6c:2f:44:34:
d5:2b:91:c8:14:38:f0:5b:d6:f6:6d:b5:1c:74:9c:
06:3a:d6:3a:b7:1d:90:18:95:5a:76:df:4f:48:4a:
49:23:c7:01:4b:44:70:3f:a7:eb:4a:57:6a:cb:fc:
4d:8f:67:8b:74:7c:cd:46:21:c1:39:03:b8:17:e5:
02:6d:03:05:e1:80:dc:3f:2d:83:23:4c:90:20:c4:
c9:e2:c1:d5:ee:f5:27:f3:22:ef:57:12:d1:c3:f0:
dc:62:3f:a4:fd:2a:5d:ae:74:d4:5b:8b:6d:e3:d3:
c3:9b:65:48:7a:6d:20:12:99:c2:a1:04:49:9a:0e:
04:24:c8:15:a1:67:03:ff:7c:72:ef:53:ac:a7:71:
c7:e6:7f:20:dd:0d:31:04:d0:37:71:a7:d6:62:31:
db:77:3a:5b:a7:b2:ad:27:b6:49:5a:3e:d6:c0:70:
af:c4:49:61:a0:b3:a5:7f:00:0c:ab:5c:d1:49:80:
56:21:8c:86:5f:6f:a9:1a:12:c1:fc:e1:4a:4a:32:
54:7b:cd:62:77:9c:d2:a4:9c:9b:fc:15:1f:52:75:
c0:5a:49:58:ef:39:aa:f0:40:d0:90:3a:ec:c9:d4:
5c:07:1b:26:03:6b:a5:db:3a:fd:df:45:ad:70:27:
30:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D0:0F:CE:BA:75:8E:A8:7B:3F:BB:9A:70:0C:4A:CB:9A:F6:69:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9a:0e:87:22:f7:98:b4:42:f4:0b:eb:3b:1b:54:d6:ce:e8:4f:
cc:35:d5:9e:b2:25:af:bb:55:0c:83:c0:ba:22:59:a1:d8:2a:
0b:4d:c7:ef:4a:97:9a:4a:0b:15:b7:ad:93:00:bf:de:65:52:
34:22:8d:cc:af:be:ed:3e:11:64:fe:aa:64:2e:c9:2b:32:56:
3a:d6:ec:fa:19:18:4e:2e:ba:ed:bb:6c:16:83:4f:43:96:14:
ce:df:41:4c:5d:d0:35:91:9a:82:fa:04:da:44:3d:85:6c:65:
0f:7b:f7:d8:ec:d8:9e:d1:e6:c0:a7:e7:03:98:6e:c4:ea:de:
ea:69:e2:63:8d:97:45:9a:51:81:e5:1e:62:1b:04:db:b1:bb:
8b:3f:82:eb:d8:b8:f1:9b:25:d9:58:da:ea:c6:9c:3e:9a:8c:
fb:1b:9f:b9:5c:8d:fd:f4:25:76:e9:58:e5:21:7f:8e:fd:00:
18:2f:9a:ec:44:64:da:29:59:23:44:79:ae:81:62:7f:a9:99:
bf:3f:61:d1:c7:2d:fa:a7:4d:e9:40:46:bc:e5:b2:f4:d0:bd:
34:b5:5b:bf:2f:47:d4:b5:2b:4b:45:4f:c1:8c:6a:96:b5:d2:
0e:94:46:20:1e:38:47:71:b1:04:4d:6f:e5:a3:56:7d:de:be:
54:38:d2:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP+QphRvWmFUihET077pN13ZV6kowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMzkxYzZiYjkxMTc0NDMyNTc1ZTYyNTcwY2U5M2ZjZDA4N2FkNDk0ZDg1
Y2M4MzYyY2I2OTNmYzViNjA4N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSyXYTlshFXoXFsL0Q01SuRyBQ48FvW9m21HHScBjrWOrcdkBiVWnbfT0hK
SSPHAUtEcD+n60pXasv8TY9ni3R8zUYhwTkDuBflAm0DBeGA3D8tgyNMkCDEyeLB
1e71J/Mi71cS0cPw3GI/pP0qXa501FuLbePTw5tlSHptIBKZwqEESZoOBCTIFaFn
A/98cu9TrKdxx+Z/IN0NMQTQN3Gn1mIx23c6W6eyrSe2SVo+1sBwr8RJYaCzpX8A
DKtc0UmAViGMhl9vqRoSwfzhSkoyVHvNYnec0qScm/wVH1J1wFpJWO85qvBA0JA6
7MnUXAcbJgNrpds6/d9FrXAnMP0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQW0A/O
unWOqHs/u5pwDErLmvZpIDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjJiNzdkYmUtZDEyMi00M2JhLWEyYjYtYWI5MTIwZGYwMTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQCaDoci95i0QvQL6zsbVNbO6E/MNdWesiWvu1UMg8C6
Ilmh2CoLTcfvSpeaSgsVt62TAL/eZVI0Io3Mr77tPhFk/qpkLskrMlY61uz6GRhO
Lrrtu2wWg09DlhTO30FMXdA1kZqC+gTaRD2FbGUPe/fY7Nie0ebAp+cDmG7E6t7q
aeJjjZdFmlGB5R5iGwTbsbuLP4Lr2LjxmyXZWNrqxpw+moz7G5+5XI399CV26Vjl
IX+O/QAYL5rsRGTaKVkjRHmugWJ/qZm/P2HRxy36p03pQEa85bL00L00tVu/L0fU
tStLRU/BjGqWtdIOlEYgHjhHcbEETW/lo1Z93r5UONI7
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org