Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
File: 65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa (raw, json)
Hash identifier: NwOdyykKpUt/7W3Ekz7qQE03i6VEO+Rq5Zi38/mU+hI=
Subject key identifier: D0:06:E9:D9:25:BF:9A:35:D9:32:E0:1F:A5:6D:71:E9:59:0B:E5:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B4F6E68BA6CE4A95F47D0FA8B28BB6FEB08E669
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
Signing time: Fri 22 Sep 2023 00:00:00 +0000
ROA not before: Fri 22 Sep 2023 00:00:00 +0000
ROA not after: Fri 27 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Sep 2023 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:4f:6e:68:ba:6c:e4:a9:5f:47:d0:fa:8b:28:bb:6f:eb:08:e6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 22 00:00:00 2023 GMT
Not After : Oct 27 23:59:59 2023 GMT
Subject: serialNumber=ec7dae51dd9449489d33ce0d72ddcabc3e4e54d7d546200b61c2f65bb191c4bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e1:d0:b5:9f:00:9f:a7:7a:af:4b:98:dd:c3:
d2:68:1d:05:cb:07:07:d6:00:5a:bf:ac:18:ef:65:
f1:72:07:aa:bc:3a:91:22:28:00:79:5f:19:96:ce:
0b:c6:1b:11:68:5c:96:02:ea:6b:a2:29:3d:2d:cc:
fd:fb:47:1d:23:a5:b5:06:35:6f:0f:cf:8e:97:83:
99:62:d5:92:c0:60:fd:70:a6:53:d0:92:89:d8:9d:
6d:ce:88:5f:bd:a4:e0:40:62:93:df:b0:44:b0:fb:
55:44:08:da:97:34:d2:32:ff:44:ad:b9:fe:35:bf:
ad:27:7d:41:17:43:c9:d9:56:23:b5:50:c9:af:4f:
f1:cb:dc:7a:39:cb:e6:f9:56:c0:74:93:16:f6:40:
21:1f:4c:57:62:95:a9:74:e9:62:95:37:69:99:04:
e9:61:4b:34:a6:91:cd:39:f9:38:a1:f8:88:03:52:
8f:96:ee:6f:dd:2e:a1:63:ff:a6:6c:9b:cf:a2:0b:
44:3a:eb:40:ea:16:a1:5b:9c:23:52:98:69:80:7b:
cb:f1:07:50:02:23:12:ee:64:65:3b:88:44:d8:96:
f0:17:b5:fd:86:a4:36:b9:6d:76:73:bc:30:66:0c:
06:99:b5:aa:cc:32:36:47:a4:75:43:75:9a:3d:e9:
0b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:06:E9:D9:25:BF:9A:35:D9:32:E0:1F:A5:6D:71:E9:59:0B:E5:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.88.0/21
Signature Algorithm: sha256WithRSAEncryption
46:00:7b:c8:01:60:6a:89:37:80:5b:26:f4:b5:e4:13:92:b6:
3a:e2:2f:53:f0:2c:f2:dc:ae:96:51:19:0d:3b:4f:73:0c:79:
57:9f:f7:de:f1:26:13:d2:4b:d3:8d:5a:7b:78:cb:ac:71:16:
c1:ac:46:0e:7a:e8:76:bd:20:a7:fb:00:4e:73:32:4c:e7:e1:
de:df:e4:d4:5d:87:d9:1b:f4:c6:ee:b5:19:ac:db:8b:1f:e2:
32:5b:51:b9:17:8f:94:ae:3d:0f:56:04:35:44:df:90:fb:d4:
37:0d:de:5c:7f:44:dd:02:bb:28:e4:91:f6:75:7f:bb:10:b4:
73:30:3c:45:a9:77:10:74:12:1b:ef:fe:c9:c8:09:57:97:cd:
e0:e2:c5:05:fd:6b:0a:cc:03:14:84:e0:94:80:aa:66:04:c9:
2d:49:b4:0e:83:36:3d:54:d6:97:52:e2:4b:a9:9c:87:45:f3:
8a:6e:b4:10:79:70:ed:70:1a:a4:24:8a:92:37:91:94:18:2a:
f7:5e:05:df:63:2a:07:1f:47:a5:c1:1a:c5:24:5a:47:88:e1:
4a:d2:25:5c:30:83:ba:1d:54:82:33:d8:83:61:98:0b:92:bb:
bb:be:0b:88:3d:3f:05:b2:7f:02:f3:8b:72:c4:d5:79:56:06:
40:4c:b9:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUK09uaLps5KlfR9D6iyi7b+sI5mkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MjIwMDAwMDBaFw0yMzEwMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjN2RhZTUxZGQ5NDQ5NDg5ZDMzY2UwZDcyZGRjYWJjM2U0ZTU0ZDdkNTQ2
MjAwYjYxYzJmNjViYjE5MWM0YmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvh0LWfAJ+neq9LmN3D0mgdBcsHB9YAWr+sGO9l8XIHqrw6kSIoAHlfGZbO
C8YbEWhclgLqa6IpPS3M/ftHHSOltQY1bw/PjpeDmWLVksBg/XCmU9CSididbc6I
X72k4EBik9+wRLD7VUQI2pc00jL/RK25/jW/rSd9QRdDydlWI7VQya9P8cvcejnL
5vlWwHSTFvZAIR9MV2KVqXTpYpU3aZkE6WFLNKaRzTn5OKH4iANSj5bub90uoWP/
pmybz6ILRDrrQOoWoVucI1KYaYB7y/EHUAIjEu5kZTuIRNiW8Be1/YakNrltdnO8
MGYMBpm1qswyNkekdUN1mj3pC98CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTQBunZ
Jb+aNdky4B+lbXHpWQvlPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjUwMDZhODAtNDYxZC00ZmExLTllZTctMGM2ZWE1ZmJiNzdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN
BgkqhkiG9w0BAQsFAAOCAQEARgB7yAFgaok3gFsm9LXkE5K2OuIvU/As8tyullEZ
DTtPcwx5V5/33vEmE9JL041ae3jLrHEWwaxGDnrodr0gp/sATnMyTOfh3t/k1F2H
2Rv0xu61Gazbix/iMltRuRePlK49D1YENUTfkPvUNw3eXH9E3QK7KOSR9nV/uxC0
czA8Ral3EHQSG+/+ycgJV5fN4OLFBf1rCswDFITglICqZgTJLUm0DoM2PVTWl1Li
S6mch0Xzim60EHlw7XAapCSKkjeRlBgq914F32MqBx9HpcEaxSRaR4jhStIlXDCD
uh1UgjPYg2GYC5K7u74LiD0/BbJ/AvOLcsTVeVYGQEy5+Q==
-----END CERTIFICATE-----
Generated at Fri Sep 22 15:45:17 2023 by rpki-client on console-ams.rpki-client.org