Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
File: 79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa (raw, json)
Hash identifier: oAPvZWDHkZF9KeFmuoPNHv4U/mBfiIrLYxTmg0c2bSA=
Subject key identifier: E9:5D:7C:44:DE:F3:9F:96:2D:62:97:C0:C3:04:F9:B1:AD:18:04:3A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7485FC5D19A691F191CBB6A39A00CB9A24DF1DB0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:85:fc:5d:19:a6:91:f1:91:cb:b6:a3:9a:00:cb:9a:24:df:1d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b03733518c3d6833f2374825e39909a03b16fb9fd52a27d4e2bfb25b369d4ebd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:61:ad:68:ce:2a:07:d7:fe:c6:94:8b:6d:01:
bb:e4:fb:16:7c:60:88:fc:0f:aa:06:1b:39:38:fa:
93:f6:12:4c:3a:fb:5d:a9:4e:31:28:e2:6d:de:b2:
00:e9:1f:de:40:30:aa:11:b5:b5:54:05:02:d4:88:
43:5a:f4:58:56:47:e8:49:26:39:5e:5e:93:60:82:
46:af:b6:bc:85:aa:7c:3d:73:71:ff:54:a6:f5:09:
27:7e:2d:06:44:b6:31:ca:de:dd:2a:44:77:63:03:
e7:aa:ef:12:ca:d1:75:75:87:88:de:b0:55:e2:93:
ef:cc:95:a8:02:8d:c9:e8:0a:c7:97:53:e0:43:ed:
d3:4e:ac:e0:72:29:e6:b4:2b:0c:1a:80:f3:4c:ce:
0f:e8:9a:8e:36:88:f5:e0:92:65:81:41:10:53:17:
e0:4c:d8:c1:39:2d:f6:a1:14:9a:a9:0e:89:66:f0:
6b:a1:43:f8:58:d2:24:d6:ec:9c:d2:d2:4c:76:78:
33:08:32:2f:90:87:c4:02:59:c0:a3:3b:0f:d0:4c:
df:9e:2b:16:1b:78:e9:05:6f:ea:e4:01:dd:36:58:
57:e6:af:3a:6a:60:79:cf:e8:0c:03:86:38:86:bf:
2f:ca:fc:01:49:21:d4:52:57:3b:54:b9:5e:22:7a:
17:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5D:7C:44:DE:F3:9F:96:2D:62:97:C0:C3:04:F9:B1:AD:18:04:3A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
41:f9:e5:2b:d4:bd:57:a9:83:62:4e:a5:39:90:cc:3f:13:b2:
c0:ce:d2:1d:fa:26:84:9b:30:48:db:d3:ad:30:b4:bc:d3:f9:
a9:20:6f:e5:29:cc:3e:a5:48:47:a5:e3:bc:23:b7:3c:c2:72:
f2:0c:f4:98:14:b1:bc:cf:da:f4:fb:19:ba:e7:a1:7f:38:a0:
f1:58:73:5f:2f:df:e3:25:dd:d4:a3:36:2e:a5:cb:18:bf:10:
f9:d9:56:dd:75:31:80:cd:2d:df:3c:c1:64:4a:89:23:a1:2c:
32:87:b5:32:89:c9:a6:a4:b2:8d:dd:aa:2c:4d:14:81:f7:e9:
ab:e3:0b:9a:d9:1d:13:4c:f9:4f:65:58:39:69:b5:e8:d1:fa:
ff:2b:28:b2:f4:c3:d2:36:20:3c:01:c8:5c:ed:99:76:7a:21:
c2:53:dc:13:96:1f:48:7a:4f:1b:f8:d0:88:40:89:93:10:5a:
75:07:43:41:49:7f:7f:23:bd:21:80:b4:33:93:f0:d4:e1:a9:
58:71:9b:d7:0c:9a:95:ef:ab:6b:6e:23:ac:04:c9:7c:eb:0e:
b0:7f:fa:cf:bd:ac:ad:9c:90:20:a9:59:1f:fc:60:83:90:55:
af:3d:37:11:53:55:6b:38:82:e4:ba:2a:67:4a:7f:8e:1c:a7:
b0:22:16:49
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdIX8XRmmkfGRy7ajmgDLmiTfHbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMzczMzUxOGMzZDY4MzNmMjM3NDgyNWUzOTkwOWEwM2IxNmZiOWZkNTJh
MjdkNGUyYmZiMjViMzY5ZDRlYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNhrWjOKgfX/saUi20Bu+T7FnxgiPwPqgYbOTj6k/YSTDr7XalOMSjibd6y
AOkf3kAwqhG1tVQFAtSIQ1r0WFZH6EkmOV5ek2CCRq+2vIWqfD1zcf9UpvUJJ34t
BkS2Mcre3SpEd2MD56rvEsrRdXWHiN6wVeKT78yVqAKNyegKx5dT4EPt006s4HIp
5rQrDBqA80zOD+iajjaI9eCSZYFBEFMX4EzYwTkt9qEUmqkOiWbwa6FD+FjSJNbs
nNLSTHZ4MwgyL5CHxAJZwKM7D9BM354rFht46QVv6uQB3TZYV+avOmpgec/oDAOG
OIa/L8r8AUkh1FJXO1S5XiJ6FwcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTpXXxE
3vOfli1il8DDBPmxrRgEOjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzlhYzk2ODItZjM4ZC00YTI3LWE2NzQtNmZmYTY3ZDE1ZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQBB+eUr1L1XqYNiTqU5kMw/E7LAztId+iaEmzBI29Ot
MLS80/mpIG/lKcw+pUhHpeO8I7c8wnLyDPSYFLG8z9r0+xm656F/OKDxWHNfL9/j
Jd3UozYupcsYvxD52VbddTGAzS3fPMFkSokjoSwyh7UyicmmpLKN3aosTRSB9+mr
4wua2R0TTPlPZVg5abXo0fr/Kyiy9MPSNiA8Achc7Zl2eiHCU9wTlh9Iek8b+NCI
QImTEFp1B0NBSX9/I70hgLQzk/DU4alYcZvXDJqV76trbiOsBMl86w6wf/rPvayt
nJAgqVkf/GCDkFWvPTcRU1VrOILkuipnSn+OHKewIhZJ
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org