Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: UjhxRFHtHe0AAmRCUnsXbCRJTA2IEVjyjMX909LIs1Y=
Subject key identifier: 3E:90:1B:89:CE:2D:3C:13:58:0B:D2:23:CC:2F:6B:D8:72:23:3F:23
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 382B18D337528E5595714C908B188EE56884AB73
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:2b:18:d3:37:52:8e:55:95:71:4c:90:8b:18:8e:e5:68:84:ab:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=67f8d10246bc2a2e18c2e65576307ddab22a54e43f422b25e3f89eb469efe434, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d7:14:ed:e6:98:3f:c5:f1:71:fd:a2:6d:f9:
bb:21:a4:6a:2a:d5:c6:e1:e3:c4:11:0e:20:1e:ee:
86:cc:87:1f:cc:f8:11:fc:31:31:1c:51:30:ec:fe:
4f:73:90:c2:62:b6:e0:be:a7:38:ea:4a:ed:37:c5:
28:ca:31:7c:d0:78:e4:e1:31:4d:5f:70:1d:23:e0:
27:eb:94:a1:2d:46:4d:41:57:57:9a:cd:e4:ab:30:
85:74:ee:2c:d7:f0:6a:6c:c3:a6:e5:c6:4c:c7:24:
36:ff:2e:3b:28:38:01:bb:81:29:41:1a:35:3f:dd:
88:9e:35:fb:8e:37:91:96:63:09:6c:67:2b:3a:05:
fc:83:bd:74:2d:5c:af:2e:12:1c:4c:ff:c1:c7:d7:
cd:bf:3c:b0:d1:d7:5b:85:9b:1d:32:47:1a:7e:9f:
73:5a:fc:3f:ed:bd:05:52:c5:7f:2c:24:7c:53:aa:
43:77:29:57:29:2c:e4:5b:eb:7b:18:0e:d2:5b:d5:
35:8f:b3:43:09:4f:b0:77:f1:01:9d:ef:b2:80:06:
1d:72:dd:42:24:7d:e9:c5:9e:ef:a1:33:3c:77:4e:
42:7a:d0:b9:01:af:75:67:85:6c:f4:18:db:c9:00:
23:c0:ed:64:32:f8:f4:4d:af:bb:1e:fb:6e:eb:0c:
58:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:90:1B:89:CE:2D:3C:13:58:0B:D2:23:CC:2F:6B:D8:72:23:3F:23
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ba:35:d1:40:0a:d3:21:e2:fc:b3:99:7f:62:32:8a:28:44:58:
69:5a:f1:82:89:95:6d:a4:e8:7f:3f:c4:22:3e:c6:c8:c1:50:
31:f6:23:22:da:40:2a:ba:0f:5e:3a:c6:27:9d:6d:7e:8f:44:
66:21:19:f5:ab:7b:2d:ef:18:25:41:a5:24:27:f4:fd:51:ef:
e4:2f:05:a9:3d:93:30:29:46:26:3b:fe:2b:49:7d:67:8f:24:
d1:68:e3:29:16:b5:79:5a:94:ea:d7:3d:43:0f:11:f4:f7:cb:
f3:78:54:d3:26:ef:9d:7b:71:f7:bd:68:44:4c:50:fe:81:0b:
31:ad:10:96:fe:93:da:4d:2f:f0:79:38:b9:87:42:40:1e:a8:
79:9d:31:02:77:bc:81:ed:c4:f6:6e:6e:58:c8:05:36:67:82:
f0:60:2c:72:b4:ff:49:bb:03:12:10:e0:c9:06:31:c4:10:79:
09:fa:43:d2:a5:54:c4:2a:71:bc:a9:94:ba:2c:d0:19:78:97:
6b:f5:b1:a8:48:56:59:f5:d4:58:4c:ff:38:cc:17:a8:5d:11:
6d:b0:af:7c:d9:88:13:d5:61:8d:bd:cd:43:01:5f:23:61:95:
3d:7c:f8:23:32:a9:68:a5:92:80:db:cb:8e:6f:7b:15:6f:41:
1f:f8:82:4a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOCsY0zdSjlWVcUyQixiO5WiEq3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3ZjhkMTAyNDZiYzJhMmUxOGMyZTY1NTc2MzA3ZGRhYjIyYTU0ZTQzZjQy
MmIyNWUzZjg5ZWI0NjllZmU0MzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLXFO3mmD/F8XH9om35uyGkairVxuHjxBEOIB7uhsyHH8z4EfwxMRxRMOz+
T3OQwmK24L6nOOpK7TfFKMoxfNB45OExTV9wHSPgJ+uUoS1GTUFXV5rN5KswhXTu
LNfwamzDpuXGTMckNv8uOyg4AbuBKUEaNT/diJ41+443kZZjCWxnKzoF/IO9dC1c
ry4SHEz/wcfXzb88sNHXW4WbHTJHGn6fc1r8P+29BVLFfywkfFOqQ3cpVyks5Fvr
exgO0lvVNY+zQwlPsHfxAZ3vsoAGHXLdQiR96cWe76EzPHdOQnrQuQGvdWeFbPQY
28kAI8DtZDL49E2vux77busMWNcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ+kBuJ
zi08E1gL0iPML2vYciM/IzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQC6NdFACtMh4vyzmX9iMoooRFhpWvGCiZVtpOh/P8Qi
PsbIwVAx9iMi2kAqug9eOsYnnW1+j0RmIRn1q3st7xglQaUkJ/T9Ue/kLwWpPZMw
KUYmO/4rSX1njyTRaOMpFrV5WpTq1z1DDxH098vzeFTTJu+de3H3vWhETFD+gQsx
rRCW/pPaTS/weTi5h0JAHqh5nTECd7yB7cT2bm5YyAU2Z4LwYCxytP9JuwMSEODJ
BjHEEHkJ+kPSpVTEKnG8qZS6LNAZeJdr9bGoSFZZ9dRYTP84zBeoXRFtsK982YgT
1WGNvc1DAV8jYZU9fPgjMqlopZKA28uOb3sVb0Ef+IJK
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org