Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d0b0abfa-80be-4dbb-917e-af17d5ed9db9.roa
File: d0b0abfa-80be-4dbb-917e-af17d5ed9db9.roa (raw, json)
Hash identifier: 25e/c5WVLGeV5Gj357ckxLPzIAYAf/GnbYl4+xOt1Dg=
Subject key identifier: 03:FC:18:02:E0:1C:B9:91:D8:D9:9B:0A:E8:F4:E2:C5:AD:DD:9C:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3667AE40856FE043C0660739CF2B6FF1D9E483A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d0b0abfa-80be-4dbb-917e-af17d5ed9db9.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:67:ae:40:85:6f:e0:43:c0:66:07:39:cf:2b:6f:f1:d9:e4:83:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=ad10ae9cabf052ef2f60ff26045e0ef5e06633cd1e1855bc3354edd7ebc19e05, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7e:f0:42:35:9c:ce:23:2c:ef:06:f2:d8:29:
3e:3d:0c:9b:07:35:3d:f2:26:a7:ee:57:67:22:38:
c5:74:3f:a4:e3:fa:11:6d:93:d4:bc:ed:69:8d:31:
51:8f:1e:9d:1f:3f:aa:32:5a:7a:31:f8:85:e0:1b:
e5:93:cb:ff:e5:f6:d2:e2:d3:e1:40:bf:17:63:ea:
af:98:2e:df:4c:b9:30:ae:41:32:71:d3:84:2f:8e:
ac:7d:13:23:97:a2:9c:2f:4f:13:6d:4c:50:3e:93:
90:77:e0:ad:a9:c7:3e:92:2f:86:f8:fe:fe:d5:5e:
16:0a:40:75:bb:c8:85:d2:c8:41:7f:8e:27:62:f9:
f0:32:b1:b2:f1:e3:b2:ee:50:30:6f:9c:ce:aa:65:
20:a7:59:48:4d:59:b8:7b:67:dd:ee:ae:f2:39:f2:
35:39:32:e0:f0:27:cf:af:84:fe:de:b8:17:e3:f4:
9d:ed:6e:cd:9e:f1:a8:d8:77:59:97:40:f1:92:ab:
ed:a7:ec:bf:f6:6e:e3:4a:f6:b9:6c:dd:57:19:b5:
99:1c:6e:c7:63:ca:10:51:3f:05:65:51:0b:4b:35:
cf:13:59:b0:9c:d4:54:eb:83:5b:ef:20:af:31:89:
c5:99:fb:91:c8:ca:78:8e:3d:e9:ab:e8:d3:58:cc:
03:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FC:18:02:E0:1C:B9:91:D8:D9:9B:0A:E8:F4:E2:C5:AD:DD:9C:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d0b0abfa-80be-4dbb-917e-af17d5ed9db9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
6e:bf:13:d0:34:ce:66:d7:80:c0:45:df:f8:7d:6d:3c:4a:05:
d1:d4:10:84:e4:1a:5c:a4:80:c4:55:93:12:45:6e:08:a9:3e:
a4:c8:c8:96:bb:88:e5:2e:49:22:14:d2:78:77:4a:10:e3:39:
25:6c:5d:59:d8:6a:ea:0e:ac:cb:a4:9e:c0:cd:e8:61:1b:f1:
8d:c9:65:bd:c0:d6:65:71:ae:8a:c2:a0:35:2d:ac:55:fa:7d:
ff:18:a2:9e:3e:70:85:88:a4:6b:31:c0:c6:bb:14:eb:a2:32:
ed:50:ad:f3:e1:da:31:5d:00:6f:ab:65:b0:4d:82:b6:14:0c:
11:8f:77:12:19:a4:21:ed:85:10:35:aa:90:38:57:55:55:e1:
49:6b:f1:d3:fd:a3:f1:56:f3:0a:c2:ee:25:da:d5:36:17:d3:
2a:9e:76:bd:2c:8b:53:45:e8:c4:83:07:11:44:4e:f0:57:be:
de:f4:f3:ce:6e:e4:a3:4a:67:6b:18:dd:35:c6:59:96:24:ad:
dd:6f:44:7b:1f:48:a2:dc:6a:42:95:fb:0a:a5:51:74:01:21:
15:9d:d9:2e:b7:7a:29:65:90:d4:f5:eb:13:9d:19:17:c0:dc:
a0:2f:e2:d4:ce:51:75:72:2d:25:5e:d3:2a:eb:58:a7:53:8c:
63:6d:f3:cf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNmeuQIVv4EPAZgc5zytv8dnkg6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkMTBhZTljYWJmMDUyZWYyZjYwZmYyNjA0NWUwZWY1ZTA2NjMzY2QxZTE4
NTViYzMzNTRlZGQ3ZWJjMTllMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKB+8EI1nM4jLO8G8tgpPj0Mmwc1PfImp+5XZyI4xXQ/pOP6EW2T1LztaY0x
UY8enR8/qjJaejH4heAb5ZPL/+X20uLT4UC/F2Pqr5gu30y5MK5BMnHThC+OrH0T
I5einC9PE21MUD6TkHfgranHPpIvhvj+/tVeFgpAdbvIhdLIQX+OJ2L58DKxsvHj
su5QMG+czqplIKdZSE1ZuHtn3e6u8jnyNTky4PAnz6+E/t64F+P0ne1uzZ7xqNh3
WZdA8ZKr7afsv/Zu40r2uWzdVxm1mRxux2PKEFE/BWVRC0s1zxNZsJzUVOuDW+8g
rzGJxZn7kcjKeI496avo01jMAwUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQD/BgC
4By5kdjZmwro9OLFrd2cVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDBiMGFiZmEtODBiZS00ZGJiLTkxN2UtYWYxN2Q1ZWQ5ZGI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQBuvxPQNM5m14DARd/4fW08SgXR1BCE5BpcpIDEVZMS
RW4IqT6kyMiWu4jlLkkiFNJ4d0oQ4zklbF1Z2GrqDqzLpJ7AzehhG/GNyWW9wNZl
ca6KwqA1LaxV+n3/GKKePnCFiKRrMcDGuxTrojLtUK3z4doxXQBvq2WwTYK2FAwR
j3cSGaQh7YUQNaqQOFdVVeFJa/HT/aPxVvMKwu4l2tU2F9Mqnna9LItTRejEgwcR
RE7wV77e9PPObuSjSmdrGN01xlmWJK3db0R7H0ii3GpClfsKpVF0ASEVndkut3op
ZZDU9esTnRkXwNygL+LUzlF1ci0lXtMq61inU4xjbfPP
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:46:57 2024 by rpki-client on console-fra.rpki-client.org