Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: CqBeRbTY6XoaZOmaI0l48rZryR9HVQQ/EEvWqdmGrjE=
Subject key identifier: EF:D3:4F:AB:C3:02:A7:9A:0B:3D:39:8B:D4:AB:3F:E7:0A:8C:23:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 10DFBAAF00A7651AC63F94E414A9A5D4D73EF7A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:df:ba:af:00:a7:65:1a:c6:3f:94:e4:14:a9:a5:d4:d7:3e:f7:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=c44b1503a9a72a331cb4c713574f7f9b2a3c2e94a26aece423bbb11707bc157d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5d:52:4f:38:e5:11:40:50:02:a2:c2:f7:c5:
57:59:d5:ab:5c:e6:da:9a:92:e7:6f:1b:44:54:58:
5c:fd:e4:b9:46:54:33:eb:54:9e:62:7b:0f:28:c5:
e0:10:fb:eb:a8:55:cd:8f:87:7e:63:10:64:af:94:
d3:67:a7:ed:96:f5:22:41:bb:65:61:68:ca:a7:8a:
de:2b:e3:86:a8:8d:7b:30:88:4f:ea:0f:f3:5c:76:
80:e9:41:fc:83:41:ef:dc:f1:b0:f1:0c:61:54:39:
46:16:a2:60:2c:0a:fe:da:25:b6:41:b6:c0:d1:38:
d4:c1:34:85:bf:dd:21:85:31:da:0a:14:a1:5c:56:
af:41:32:0a:d8:a3:47:90:04:71:bb:ec:81:2e:d4:
6c:1a:8d:3e:73:e8:5f:94:8b:54:f2:46:55:7c:86:
75:16:24:a2:48:0d:0a:c7:37:5a:94:48:be:21:79:
c8:82:a8:eb:78:4e:a1:58:c1:fb:61:96:3e:aa:c7:
58:90:ec:9c:ac:ce:05:3d:81:b9:64:ee:f7:ce:9f:
ce:cc:94:f1:48:9e:af:0e:e5:43:df:53:6c:c2:9a:
80:8f:c3:45:c0:0a:d4:50:7d:a5:d4:eb:da:7c:f7:
a0:3b:f4:56:cf:eb:1a:e2:b8:69:59:31:8b:48:80:
94:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D3:4F:AB:C3:02:A7:9A:0B:3D:39:8B:D4:AB:3F:E7:0A:8C:23:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b9:0a:66:4c:e6:5f:4d:26:3b:37:7b:e0:e2:b2:cc:87:00:8e:
45:cf:88:9a:13:c0:a7:98:18:d9:ca:b6:91:a2:14:eb:27:b5:
bd:58:9f:a1:98:f1:91:cb:28:49:61:c8:ba:66:52:6d:49:e1:
8c:46:fe:e0:4d:ab:9c:87:91:ba:7c:62:b2:18:72:b5:5a:db:
98:77:ce:a0:37:d8:b4:f7:3a:85:c3:6a:20:0d:81:b8:d7:e6:
47:24:4d:db:9f:86:f4:50:ea:75:f9:d1:88:d5:13:79:dc:49:
65:f1:36:4b:8c:49:1d:9c:d3:ba:b2:c2:74:ce:13:e7:a4:ab:
16:73:ba:29:e1:ee:a9:f4:1c:ee:37:4a:91:8f:58:83:cf:17:
9a:ce:bb:43:4a:9c:44:67:9e:91:82:da:8e:21:db:d9:93:3a:
9a:90:6e:dd:15:6b:25:2f:a9:4c:5c:ac:e7:bb:a2:81:69:e8:
35:2d:50:c4:b8:76:08:94:91:e9:6e:dc:fd:1d:2d:6b:37:66:
a0:17:e3:42:51:d5:25:43:d9:22:13:4b:53:6e:bd:15:3d:3c:
bb:c5:84:3e:d9:ee:fc:29:b8:c0:f6:1d:de:69:de:87:50:f8:
0c:46:f0:53:c7:70:a0:75:6e:00:d2:5d:db:c3:3b:c5:2c:99:
79:c9:b0:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEN+6rwCnZRrGP5TkFKml1Nc+96UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0NGIxNTAzYTlhNzJhMzMxY2I0YzcxMzU3NGY3ZjliMmEzYzJlOTRhMjZh
ZWNlNDIzYmJiMTE3MDdiYzE1N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1dUk845RFAUAKiwvfFV1nVq1zm2pqS528bRFRYXP3kuUZUM+tUnmJ7DyjF
4BD766hVzY+HfmMQZK+U02en7Zb1IkG7ZWFoyqeK3ivjhqiNezCIT+oP81x2gOlB
/INB79zxsPEMYVQ5RhaiYCwK/toltkG2wNE41ME0hb/dIYUx2goUoVxWr0EyCtij
R5AEcbvsgS7UbBqNPnPoX5SLVPJGVXyGdRYkokgNCsc3WpRIviF5yIKo63hOoVjB
+2GWPqrHWJDsnKzOBT2BuWTu986fzsyU8Uierw7lQ99TbMKagI/DRcAK1FB9pdTr
2nz3oDv0Vs/rGuK4aVkxi0iAlM8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTv00+r
wwKnmgs9OYvUqz/nCowj1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQC5CmZM5l9NJjs3e+DissyHAI5Fz4iaE8CnmBjZyraR
ohTrJ7W9WJ+hmPGRyyhJYci6ZlJtSeGMRv7gTauch5G6fGKyGHK1WtuYd86gN9i0
9zqFw2ogDYG41+ZHJE3bn4b0UOp1+dGI1RN53Ell8TZLjEkdnNO6ssJ0zhPnpKsW
c7op4e6p9BzuN0qRj1iDzxeazrtDSpxEZ56RgtqOIdvZkzqakG7dFWslL6lMXKzn
u6KBaeg1LVDEuHYIlJHpbtz9HS1rN2agF+NCUdUlQ9kiE0tTbr0VPTy7xYQ+2e78
KbjA9h3ead6HUPgMRvBTx3CgdW4A0l3bwzvFLJl5ybCF
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org