Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
File: 9bcb01bf-5e97-476b-b855-1bba036f903d.roa (raw, json)
Hash identifier: hcoIb0+a2ipB4KcQwyiRht64igOuc6ZS0q62dQjSlpY=
Subject key identifier: AD:3C:8D:A5:86:4F:21:21:9A:97:A6:E1:53:03:BE:50:36:2A:F0:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7ED560A2C909B4E1F8B09385605E3E0115A7A242
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:d5:60:a2:c9:09:b4:e1:f8:b0:93:85:60:5e:3e:01:15:a7:a2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=c90e384250e6c47bc3f6a5509153e99b06445898b0c4b78775346aeaf96140b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9b:4d:8c:90:05:78:d6:1a:1e:c1:bd:69:27:
a5:83:ce:e7:f0:12:14:1f:10:a7:ca:91:58:63:69:
54:ad:4c:04:13:fd:38:83:da:39:c6:90:fc:df:da:
98:bb:f1:e3:21:a2:fc:0c:c9:41:80:3d:5d:74:24:
ca:20:42:12:db:2c:b9:e3:82:68:19:3c:06:ea:7d:
9d:1e:9d:bf:d6:81:98:2a:6e:bd:19:04:ca:ac:51:
1b:dc:08:bc:20:89:92:9a:48:8e:e7:2d:ea:13:63:
78:45:25:05:1b:d7:d3:73:c3:02:c1:ea:37:81:4c:
5d:04:18:c8:b7:f3:10:98:41:05:51:cb:97:a5:9f:
2a:5d:7c:a4:4c:93:27:03:6f:aa:b2:1b:0c:db:61:
ba:4e:9f:c6:74:1a:be:43:1c:e7:bf:20:f7:02:be:
76:53:67:07:7a:94:d4:dc:5a:5f:8a:c7:29:c0:59:
ae:79:11:cb:6d:5d:2a:3a:9b:8f:2d:d8:26:b7:ec:
aa:c3:d9:da:27:5e:fc:fd:f1:98:3b:58:97:5a:3e:
bf:84:43:b6:fd:e9:fe:b8:54:cd:06:80:65:f4:f2:
11:ef:83:e4:84:20:f1:0e:14:01:e7:aa:ab:e1:f4:
fb:9d:78:2f:a1:9c:b8:35:93:ab:ad:61:f0:fe:d2:
ca:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3C:8D:A5:86:4F:21:21:9A:97:A6:E1:53:03:BE:50:36:2A:F0:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:76:63:6d:46:3e:83:58:ed:e3:1f:4d:10:fe:0e:8e:80:23:
ec:86:6a:25:49:ac:50:28:fb:14:a7:37:e8:fb:92:e9:a6:36:
2f:a2:67:b2:da:43:41:11:6e:4f:74:04:03:1e:2f:fa:e3:80:
55:80:c8:ec:51:55:06:2b:6d:c0:5e:d5:61:30:30:d8:7d:84:
ef:fe:96:10:8d:5e:7b:c9:c3:db:ce:ac:09:82:ef:17:e5:0c:
60:5d:cb:57:29:7b:2b:ef:ee:fd:af:9e:8d:cb:68:be:76:a1:
7c:a7:9b:38:ed:15:79:d3:c8:3d:6a:5e:1b:9e:a7:03:15:88:
bf:95:8d:72:23:a1:4c:36:93:d6:69:ed:3a:54:4f:1c:10:49:
28:70:d0:35:fc:05:bb:aa:06:79:cc:f5:85:54:87:36:b0:77:
38:03:a6:3f:a4:45:77:e3:56:67:7a:1d:3c:51:9f:56:b6:e9:
6b:67:50:bc:53:c5:fc:5d:74:a4:82:1c:eb:dc:01:9a:d3:dc:
d0:d0:1f:bd:1f:f9:fb:f4:4b:a8:81:4e:ec:51:aa:67:e5:53:
3e:40:06:0e:7f:6d:b3:d4:ce:c8:be:ee:0f:c3:74:47:f4:ba:
c6:0b:d4:34:da:42:e8:14:e9:05:f5:02:72:c7:c2:72:d0:a2:
4e:24:b1:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUftVgoskJtOH4sJOFYF4+ARWnokIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5MGUzODQyNTBlNmM0N2JjM2Y2YTU1MDkxNTNlOTliMDY0NDU4OThiMGM0
Yjc4Nzc1MzQ2YWVhZjk2MTQwYjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKubTYyQBXjWGh7BvWknpYPO5/ASFB8Qp8qRWGNpVK1MBBP9OIPaOcaQ/N/a
mLvx4yGi/AzJQYA9XXQkyiBCEtssueOCaBk8Bup9nR6dv9aBmCpuvRkEyqxRG9wI
vCCJkppIjuct6hNjeEUlBRvX03PDAsHqN4FMXQQYyLfzEJhBBVHLl6WfKl18pEyT
JwNvqrIbDNthuk6fxnQavkMc578g9wK+dlNnB3qU1NxaX4rHKcBZrnkRy21dKjqb
jy3YJrfsqsPZ2ide/P3xmDtYl1o+v4RDtv3p/rhUzQaAZfTyEe+D5IQg8Q4UAeeq
q+H0+514L6GcuDWTq61h8P7SynMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBStPI2l
hk8hIZqXpuFTA75QNirw9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWJjYjAxYmYtNWU5Ny00NzZiLWI4NTUtMWJiYTAzNmY5MDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQC2dmNtRj6DWO3jH00Q/g6OgCPshmolSaxQKPsUpzfo
+5LppjYvomey2kNBEW5PdAQDHi/644BVgMjsUVUGK23AXtVhMDDYfYTv/pYQjV57
ycPbzqwJgu8X5QxgXctXKXsr7+79r56Ny2i+dqF8p5s47RV508g9al4bnqcDFYi/
lY1yI6FMNpPWae06VE8cEEkocNA1/AW7qgZ5zPWFVIc2sHc4A6Y/pEV341Zneh08
UZ9WtulrZ1C8U8X8XXSkghzr3AGa09zQ0B+9H/n79EuogU7sUapn5VM+QAYOf22z
1M7Ivu4Pw3RH9LrGC9Q02kLoFOkF9QJyx8Jy0KJOJLHo
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org