Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: y+6DWIdpDtxhfKTqOjpGJqmvbzpmGZ64m4nNqQJX9KU=
Subject key identifier: B4:1D:DC:78:A6:BA:7E:44:C3:EE:72:76:55:1E:84:C3:84:D4:00:3A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A7A30E4BBF6F07740C54075B72F16DF1672DA36
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:7a:30:e4:bb:f6:f0:77:40:c5:40:75:b7:2f:16:df:16:72:da:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=d50e67c52d8ab1207a468f414cadcdaa77e2c936b61520caf3d000111a29e29b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f4:03:12:58:2e:6b:33:dc:e9:80:44:55:68:
d1:68:90:73:66:62:40:1c:e6:24:76:d3:93:09:1c:
af:7e:98:85:93:61:14:3c:0a:86:a8:aa:c7:d5:a7:
23:e8:39:39:11:58:b2:56:22:89:0c:2b:56:99:70:
3a:49:37:c8:f7:93:4a:af:78:31:5d:c5:4d:83:4d:
8f:50:b5:0e:d0:69:5e:0b:16:9d:d7:4e:92:1b:78:
6e:31:a9:1e:eb:0d:6c:ed:f6:a6:b5:cd:30:f1:ae:
f3:56:e3:fd:59:5b:21:68:6c:75:30:34:b6:0e:41:
3f:07:02:57:75:7a:0a:da:16:e1:4f:5c:1b:64:ba:
d1:7d:27:f0:e2:6e:be:63:fb:b8:4c:64:39:3a:82:
30:d6:3c:ee:b0:9c:54:ed:35:d8:ae:85:47:c3:a3:
2e:1b:23:cf:53:35:0b:a5:b4:33:fc:07:d8:10:ff:
3a:9c:4b:44:f9:5c:28:32:a0:d0:3d:19:26:be:8d:
91:df:8b:04:cb:93:c3:4a:22:49:f3:e6:64:4c:81:
87:a8:02:4b:2d:f8:e1:9a:99:9c:d7:e7:c7:41:e7:
77:3d:12:7a:d4:12:ce:86:7e:1c:77:c7:9f:b4:61:
02:72:ea:49:92:b9:9c:55:1f:f3:83:e6:97:7d:5a:
a0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1D:DC:78:A6:BA:7E:44:C3:EE:72:76:55:1E:84:C3:84:D4:00:3A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
90:ee:fa:22:3b:e8:07:16:c9:88:4c:3c:2c:cf:eb:9e:0c:14:
29:9e:2e:40:0d:53:32:23:5b:3c:4d:ba:89:5b:06:13:42:5c:
ad:4d:24:d8:ee:6d:5e:4f:77:f4:6b:39:77:3a:0b:a1:e3:36:
71:ed:a5:29:a1:2d:16:4c:db:d8:3d:d5:ef:66:0a:0c:d6:1f:
10:89:73:e2:d3:98:4b:c1:6f:77:85:3e:d5:c6:a5:09:27:18:
fe:cc:6c:01:82:a9:04:de:28:1a:29:c6:9e:d7:5f:67:21:1d:
c8:0f:43:6b:55:96:f9:d8:f1:78:2f:6d:b7:b5:f1:77:47:3a:
f8:57:d1:2d:c9:67:1d:44:6d:23:5b:64:88:bc:73:5a:06:63:
4b:13:b7:7f:9e:d1:c1:69:87:6d:35:b6:b1:f8:f2:e3:98:84:
05:45:1e:6f:9b:51:cd:3b:49:72:6c:00:fd:8e:7d:6a:db:b6:
f9:d9:bb:a5:ef:b3:b4:b2:a9:11:eb:2a:d6:2d:33:b3:e2:de:
00:ce:47:89:7e:ca:fa:78:08:06:41:a6:90:4f:f0:1d:5c:1b:
67:29:92:b3:4b:b8:fc:17:33:10:f6:38:b7:d9:e3:5b:f7:b2:
bd:96:66:43:61:0e:c2:10:33:90:f6:35:3b:66:01:9e:53:bd:
d3:50:93:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUenow5Lv28HdAxUB1ty8W3xZy2jYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1MGU2N2M1MmQ4YWIxMjA3YTQ2OGY0MTRjYWRjZGFhNzdlMmM5MzZiNjE1
MjBjYWYzZDAwMDExMWEyOWUyOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJf0AxJYLmsz3OmARFVo0WiQc2ZiQBzmJHbTkwkcr36YhZNhFDwKhqiqx9Wn
I+g5ORFYslYiiQwrVplwOkk3yPeTSq94MV3FTYNNj1C1DtBpXgsWnddOkht4bjGp
HusNbO32prXNMPGu81bj/VlbIWhsdTA0tg5BPwcCV3V6CtoW4U9cG2S60X0n8OJu
vmP7uExkOTqCMNY87rCcVO012K6FR8OjLhsjz1M1C6W0M/wH2BD/OpxLRPlcKDKg
0D0ZJr6Nkd+LBMuTw0oiSfPmZEyBh6gCSy344ZqZnNfnx0Hndz0SetQSzoZ+HHfH
n7RhAnLqSZK5nFUf84Pml31aoM8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS0Hdx4
prp+RMPucnZVHoTDhNQAOjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQCQ7voiO+gHFsmITDwsz+ueDBQpni5ADVMyI1s8TbqJ
WwYTQlytTSTY7m1eT3f0azl3Oguh4zZx7aUpoS0WTNvYPdXvZgoM1h8QiXPi05hL
wW93hT7VxqUJJxj+zGwBgqkE3igaKcae119nIR3ID0NrVZb52PF4L223tfF3Rzr4
V9EtyWcdRG0jW2SIvHNaBmNLE7d/ntHBaYdtNbax+PLjmIQFRR5vm1HNO0lybAD9
jn1q27b52bul77O0sqkR6yrWLTOz4t4AzkeJfsr6eAgGQaaQT/AdXBtnKZKzS7j8
FzMQ9ji32eNb97K9lmZDYQ7CEDOQ9jU7ZgGeU73TUJM1
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org