Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: 8vvej5NPdqPaQrro8Kg31UO7NEwJmgh4KJJfYKNpNI8=
Subject key identifier: 61:02:87:4D:73:4E:BB:B7:85:B8:0A:62:48:C4:FE:C4:5E:FB:5F:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41D2C28574BEE62369BFC474CE14CE0F896E3231
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:d2:c2:85:74:be:e6:23:69:bf:c4:74:ce:14:ce:0f:89:6e:32:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=6ce0de97f544b1d5ae5c1efb0eae09329ca0e32bc6c66cfbaa495ae83c013cce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:03:87:e5:44:0d:a7:6d:f5:23:42:ef:b7:db:
03:fb:1b:10:47:38:5e:0d:ef:fd:3d:66:0e:52:7d:
13:1c:92:23:e8:d0:95:e7:b5:9c:b9:82:2b:77:c4:
d7:81:9a:e5:3f:f0:66:4d:d0:75:f6:98:09:af:f7:
72:04:26:e9:7e:e8:4c:88:ee:fa:e2:3f:be:40:f5:
19:2c:48:d7:17:f6:49:66:69:0e:11:47:49:2f:4b:
1e:47:ab:b8:a4:2c:7b:63:4e:71:dc:c6:7d:e0:72:
d9:94:2f:c3:6b:e1:1d:96:36:bd:02:0a:b2:d6:86:
e4:18:64:4e:6a:81:ca:13:26:90:75:13:12:19:f4:
a2:e4:c3:10:de:9a:64:46:93:45:d0:1a:f0:19:53:
e1:0f:7f:44:98:1e:a8:86:f2:b4:fb:ac:4d:b3:41:
1a:d9:7e:0a:6d:82:8f:ea:2e:b3:92:55:1b:ca:b3:
0c:c6:12:1c:6d:9c:d4:e5:ea:93:1f:96:2b:8f:40:
f2:ba:2f:be:ae:cf:28:84:b3:71:ab:65:d4:2d:c9:
0e:2f:54:28:44:e4:07:20:96:49:e9:ea:63:ba:4d:
ab:e0:5a:c3:c2:14:5a:9f:99:d3:2a:57:ec:c6:ad:
ae:ca:4d:c6:f9:ae:aa:55:11:2a:27:5c:99:15:56:
27:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:02:87:4D:73:4E:BB:B7:85:B8:0A:62:48:C4:FE:C4:5E:FB:5F:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6d:01:3f:8d:13:d6:47:f6:63:d5:6b:e3:f4:5e:0a:90:5a:15:
84:90:3a:0b:64:33:6b:49:e2:0b:68:30:2b:00:3f:d1:cc:31:
1c:5a:2c:5a:ee:d2:f6:1f:61:9a:a9:6b:a2:4a:a3:a2:4d:df:
3f:55:98:fd:57:b4:31:dc:2e:36:64:1d:8c:e1:3f:1c:bf:0a:
2b:9e:e0:f7:80:d1:ed:87:a5:36:e3:4d:2a:d1:4b:6b:99:1c:
6f:26:a6:55:5c:37:35:58:b3:2d:a6:ef:d8:c4:bc:6b:4e:45:
10:72:f0:e8:76:e1:a6:07:1c:7e:58:02:1f:d8:c8:00:75:3d:
36:81:a7:85:af:7e:04:7b:d2:8e:c6:55:8c:b4:85:47:23:95:
1e:e2:a2:0d:ca:50:9e:54:32:6e:46:02:b3:96:b2:9a:86:27:
52:8e:b5:ad:f9:65:46:5a:b1:cd:d2:cb:54:42:91:90:0c:c9:
40:de:05:86:9f:21:88:c0:f3:6d:22:fa:a7:7c:ad:d9:55:3c:
74:94:4a:7f:8d:89:d5:4d:2d:60:0f:bc:a4:44:b5:94:61:8a:
44:a7:95:dd:d0:84:97:d2:b8:62:34:b6:74:2d:cd:87:11:a3:
dc:de:ed:59:b4:7e:f1:b2:b8:30:d2:3e:b1:21:84:f6:ec:59:
3a:5c:d2:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQdLChXS+5iNpv8R0zhTOD4luMjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjZTBkZTk3ZjU0NGIxZDVhZTVjMWVmYjBlYWUwOTMyOWNhMGUzMmJjNmM2
NmNmYmFhNDk1YWU4M2MwMTNjY2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMDh+VEDadt9SNC77fbA/sbEEc4Xg3v/T1mDlJ9ExySI+jQlee1nLmCK3fE
14Ga5T/wZk3QdfaYCa/3cgQm6X7oTIju+uI/vkD1GSxI1xf2SWZpDhFHSS9LHker
uKQse2NOcdzGfeBy2ZQvw2vhHZY2vQIKstaG5BhkTmqByhMmkHUTEhn0ouTDEN6a
ZEaTRdAa8BlT4Q9/RJgeqIbytPusTbNBGtl+Cm2Cj+ous5JVG8qzDMYSHG2c1OXq
kx+WK49A8rovvq7PKISzcatl1C3JDi9UKETkByCWSenqY7pNq+Baw8IUWp+Z0ypX
7MatrspNxvmuqlURKidcmRVWJ48CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhAodN
c067t4W4CmJIxP7EXvtfUjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQBtAT+NE9ZH9mPVa+P0XgqQWhWEkDoLZDNrSeILaDAr
AD/RzDEcWixa7tL2H2GaqWuiSqOiTd8/VZj9V7Qx3C42ZB2M4T8cvwornuD3gNHt
h6U2400q0UtrmRxvJqZVXDc1WLMtpu/YxLxrTkUQcvDoduGmBxx+WAIf2MgAdT02
gaeFr34Ee9KOxlWMtIVHI5Ue4qINylCeVDJuRgKzlrKahidSjrWt+WVGWrHN0stU
QpGQDMlA3gWGnyGIwPNtIvqnfK3ZVTx0lEp/jYnVTS1gD7ykRLWUYYpEp5Xd0ISX
0rhiNLZ0Lc2HEaPc3u1ZtH7xsrgw0j6xIYT27Fk6XNIn
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org