Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
File: a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa (raw, json)
Hash identifier: HbJNXTIgl8+S7O6ZPo5hxuQzUwNNtqEN00m7ZorjwPY=
Subject key identifier: E1:D7:A7:21:B8:7A:4D:18:39:65:88:37:12:DB:6B:09:7E:F4:B7:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07DF7358A63460E530D455DF0B1F023A35DDFBDC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:df:73:58:a6:34:60:e5:30:d4:55:df:0b:1f:02:3a:35:dd:fb:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=76cb291aa5bfbc2ca9548b682849aa0b1ffb444b8df8d5bb8cb8b0ace79f8d0b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:20:32:a8:19:aa:d8:25:9c:17:48:2d:43:52:
2d:e2:cf:87:b3:d6:26:7c:e7:95:f9:b0:d9:fc:7e:
3b:27:28:b3:ea:6d:9f:79:a6:14:13:34:33:2e:f1:
e3:33:de:2d:a3:95:f7:aa:db:ee:e2:1a:de:69:25:
c1:da:dd:56:c1:06:dc:e8:47:0b:d5:a6:cd:61:96:
8c:79:6f:d8:d8:3a:54:38:2b:dd:78:ed:1d:f0:11:
0a:86:e3:3f:91:67:ae:2e:bb:ec:2b:5e:88:3f:3e:
69:75:a3:cf:01:8b:57:3e:a1:92:bf:1b:d6:51:54:
56:ba:33:b5:f7:c7:a3:26:96:3c:f4:d8:ce:5a:42:
f5:52:c8:07:50:d7:40:f1:5e:3d:52:dc:9e:ff:e5:
c2:bc:8d:f7:e7:87:16:9f:a4:17:89:eb:6c:e8:0f:
6a:aa:79:88:84:df:27:51:62:20:75:ed:43:2a:32:
bf:13:1e:ec:f2:a0:73:2c:6e:6d:d6:9b:61:d7:d3:
2a:77:9f:16:70:fa:f3:7a:e2:3e:98:d8:83:ea:da:
af:0f:c9:07:8a:56:39:9a:e5:94:7d:1f:39:57:fb:
d3:3a:b1:c8:e5:75:57:93:ef:57:0f:63:e6:e1:53:
43:99:9b:5c:ad:20:1e:3d:67:d0:b1:5b:e2:00:c2:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D7:A7:21:B8:7A:4D:18:39:65:88:37:12:DB:6B:09:7E:F4:B7:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2e:b4:61:5d:08:b1:c7:18:b5:e4:c0:5d:50:29:1b:4e:b2:94:
36:b8:7a:d6:aa:40:cc:8a:b4:15:aa:c6:de:78:73:50:29:46:
aa:8a:19:5e:99:a0:5c:c3:ba:6f:f3:8f:ab:87:01:ea:36:f0:
2b:60:27:bb:f1:62:7d:98:48:b5:b3:9e:96:41:b4:81:86:c2:
e1:2c:44:17:c3:ab:1e:d2:19:3f:2d:4e:49:27:01:64:09:e7:
66:d5:9f:d6:67:b1:cf:96:2b:73:8b:3f:62:39:9d:41:36:d9:
ed:33:74:92:01:90:c1:18:1c:3d:c9:f1:f9:91:d8:f5:ec:07:
72:8b:2e:53:37:82:31:13:2a:64:4e:df:e6:6a:c7:b4:62:bb:
5a:99:83:b7:a1:f6:38:56:07:e9:56:f6:c5:97:6d:4e:6a:93:
ec:04:57:d5:ee:20:67:4f:64:a0:98:e0:3f:03:c0:40:b4:9b:
dc:7e:77:0b:4e:f6:6b:ba:55:4b:85:65:19:bf:9c:7d:0f:84:
f3:89:85:35:a4:44:ab:4e:55:f0:1e:56:ec:5e:73:07:ba:56:
f3:66:cc:bf:1e:ab:b9:09:4f:e9:21:98:31:26:ae:61:1e:70:
aa:d4:4f:7e:1c:02:78:64:3c:8b:fc:33:60:9e:c7:3a:35:e6:
e3:f3:ed:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB99zWKY0YOUw1FXfCx8COjXd+9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2Y2IyOTFhYTViZmJjMmNhOTU0OGI2ODI4NDlhYTBiMWZmYjQ0NGI4ZGY4
ZDViYjhjYjhiMGFjZTc5ZjhkMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN8gMqgZqtglnBdILUNSLeLPh7PWJnznlfmw2fx+Oycos+ptn3mmFBM0My7x
4zPeLaOV96rb7uIa3mklwdrdVsEG3OhHC9WmzWGWjHlv2Ng6VDgr3XjtHfARCobj
P5Fnri677CteiD8+aXWjzwGLVz6hkr8b1lFUVroztffHoyaWPPTYzlpC9VLIB1DX
QPFePVLcnv/lwryN9+eHFp+kF4nrbOgPaqp5iITfJ1FiIHXtQyoyvxMe7PKgcyxu
bdabYdfTKnefFnD683riPpjYg+rarw/JB4pWOZrllH0fOVf70zqxyOV1V5PvVw9j
5uFTQ5mbXK0gHj1n0LFb4gDCowkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTh16ch
uHpNGDlliDcS22sJfvS3dTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTE3YzMxMDUtNzA4Ni00OGU1LWEzYjctZThiNTI4YzViOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQAutGFdCLHHGLXkwF1QKRtOspQ2uHrWqkDMirQVqsbe
eHNQKUaqihlemaBcw7pv84+rhwHqNvArYCe78WJ9mEi1s56WQbSBhsLhLEQXw6se
0hk/LU5JJwFkCedm1Z/WZ7HPlitziz9iOZ1BNtntM3SSAZDBGBw9yfH5kdj17Ady
iy5TN4IxEypkTt/mase0YrtamYO3ofY4VgfpVvbFl21OapPsBFfV7iBnT2SgmOA/
A8BAtJvcfncLTvZrulVLhWUZv5x9D4TziYU1pESrTlXwHlbsXnMHulbzZsy/Hqu5
CU/pIZgxJq5hHnCq1E9+HAJ4ZDyL/DNgnsc6Nebj8+2f
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:20 2024 by rpki-client on console-fra.rpki-client.org