Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
File: 64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa (raw, json)
Hash identifier: LlzevesjCzbqESdwdXFfxsSpC+SAer/q3vwDrwfV9ok=
Subject key identifier: EF:B8:84:88:AB:1B:D7:A2:D6:84:63:7D:2D:96:D0:24:CC:D0:AC:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5B96AFE7C8CE40B4FC6B1700F6996C46AF921E58
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:96:af:e7:c8:ce:40:b4:fc:6b:17:00:f6:99:6c:46:af:92:1e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=208c41c8b8b9ead6eb2b846eb510792bf02590b8ec50ab0af1768595551346f3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d9:c6:42:48:6e:e0:58:51:a7:76:c9:64:8e:
7f:cd:ab:12:c6:d4:f8:7d:ee:fe:65:3c:4a:29:65:
86:62:d3:a9:d6:6c:4f:ad:29:6d:71:fe:b7:ee:55:
37:ed:ee:61:60:75:fb:21:09:cb:17:e3:7f:56:33:
84:ca:7b:d6:5a:af:ba:6d:00:41:83:c3:56:50:56:
75:a4:a4:42:76:7e:9a:89:82:22:84:da:40:51:ad:
9c:c1:4f:e0:10:b6:aa:df:8d:37:0a:84:eb:de:21:
f2:a3:89:8d:6f:df:91:f6:80:c9:ef:0b:a3:be:40:
65:71:1e:1f:24:17:f3:f8:30:d0:d9:5b:73:6a:d0:
89:de:c7:f6:48:77:48:0e:51:fb:81:cd:c5:50:92:
61:99:0a:d5:4a:04:6f:dd:0d:09:08:8e:4e:42:2c:
d0:f2:77:3a:bf:97:d6:55:07:a3:9e:95:8e:b8:d8:
48:86:31:cc:9e:bd:df:bd:fe:3d:2e:8a:17:66:c7:
5a:40:f5:59:ca:03:a4:a1:d9:9c:bb:4e:83:d2:43:
24:86:fe:82:09:44:00:1e:30:e4:7c:0a:ce:f7:8b:
e1:fc:ca:72:c8:4b:7e:8a:84:b9:12:77:27:4e:dd:
02:ef:dc:f6:d4:d4:36:e1:77:4a:b4:14:f7:c4:6a:
79:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B8:84:88:AB:1B:D7:A2:D6:84:63:7D:2D:96:D0:24:CC:D0:AC:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0b:07:ac:12:0f:bc:99:28:e1:19:4b:fe:a2:3f:0e:67:65:b7:
e3:6a:bb:26:84:13:eb:8c:c1:45:b7:cc:2a:94:0d:2d:86:d6:
de:b6:ee:9e:67:0a:38:a6:91:72:5e:67:9e:26:04:f0:9c:0f:
9e:0c:49:4e:0e:97:bf:45:f0:b0:f2:a7:27:77:13:cd:a0:4d:
a3:ee:e0:fd:15:7e:5d:cb:f5:2a:ea:1f:41:99:af:f5:ad:62:
86:38:58:ff:1a:b0:df:36:23:c2:eb:58:e3:29:c5:bc:a2:7b:
57:c4:ae:49:26:a7:38:fc:5e:d4:d6:5f:b5:b9:1d:67:75:ef:
6f:67:f8:d3:6a:f7:02:f0:92:81:97:8b:a0:f7:f6:6d:41:98:
f0:e7:3c:ff:69:23:f5:6d:25:62:65:01:60:0d:d5:82:55:1c:
c5:32:b1:0e:bb:52:e9:86:dc:30:37:79:55:18:dd:39:c5:60:
7e:43:4d:4b:7b:40:8f:30:68:eb:fc:4f:c4:49:03:90:5d:b2:
3d:c9:28:5b:18:03:f5:42:8e:aa:97:20:56:7f:58:4d:5c:e4:
b4:b2:1b:2b:24:73:0b:e8:6c:67:34:b9:2f:c5:3f:b9:69:80:
bc:f6:e2:2d:44:f7:9f:cb:70:ba:90:6b:45:85:41:34:8c:ee:
c8:b8:a1:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUW5av58jOQLT8axcA9plsRq+SHlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwOGM0MWM4YjhiOWVhZDZlYjJiODQ2ZWI1MTA3OTJiZjAyNTkwYjhlYzUw
YWIwYWYxNzY4NTk1NTUxMzQ2ZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOLZxkJIbuBYUad2yWSOf82rEsbU+H3u/mU8SillhmLTqdZsT60pbXH+t+5V
N+3uYWB1+yEJyxfjf1YzhMp71lqvum0AQYPDVlBWdaSkQnZ+momCIoTaQFGtnMFP
4BC2qt+NNwqE694h8qOJjW/fkfaAye8Lo75AZXEeHyQX8/gw0Nlbc2rQid7H9kh3
SA5R+4HNxVCSYZkK1UoEb90NCQiOTkIs0PJ3Or+X1lUHo56VjrjYSIYxzJ69373+
PS6KF2bHWkD1WcoDpKHZnLtOg9JDJIb+gglEAB4w5HwKzveL4fzKcshLfoqEuRJ3
J07dAu/c9tTUNuF3SrQU98RqeeECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTvuISI
qxvXotaEY30tltAkzNCsDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjQzNDdmMzYtZTFhMS00NzI2LThiYTItZjFhMDlkYWFiN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQALB6wSD7yZKOEZS/6iPw5nZbfjarsmhBPrjMFFt8wq
lA0thtbetu6eZwo4ppFyXmeeJgTwnA+eDElODpe/RfCw8qcndxPNoE2j7uD9FX5d
y/Uq6h9Bma/1rWKGOFj/GrDfNiPC61jjKcW8ontXxK5JJqc4/F7U1l+1uR1nde9v
Z/jTavcC8JKBl4ug9/ZtQZjw5zz/aSP1bSViZQFgDdWCVRzFMrEOu1LphtwwN3lV
GN05xWB+Q01Le0CPMGjr/E/ESQOQXbI9yShbGAP1Qo6qlyBWf1hNXOS0shsrJHML
6GxnNLkvxT+5aYC89uItRPefy3C6kGtFhUE0jO7IuKHx
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org