Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: uLXVtuV/193nIXz5Z3a9SC4Y5EnpYmvvf+DGh9+5a9I=
Subject key identifier: 88:98:E0:FC:E0:9A:82:3B:35:A1:E7:B6:AC:5B:70:6B:2F:63:B9:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31975AECD5C4C61C942ADDC63DCD6698A858192A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:97:5a:ec:d5:c4:c6:1c:94:2a:dd:c6:3d:cd:66:98:a8:58:19:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f2b063b85946267aa70d7a71847ba2a2b585db9e264a66e1d9e940272df63bb6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:76:bb:fe:5b:0b:1b:88:55:6c:9c:64:9d:d9:
30:fa:ee:ff:39:f6:c8:37:59:fd:d5:c7:69:85:61:
9c:1b:7c:c1:e6:85:1d:4d:9e:67:0d:16:8c:07:32:
d9:ef:0c:62:b9:d4:9b:fa:44:fb:4c:95:68:28:21:
20:b5:28:e6:08:b9:6b:9e:a3:2a:48:b1:10:93:c9:
43:f1:b9:ff:7a:a4:58:e6:ea:ba:9e:43:55:a1:68:
5e:38:ca:b0:98:ae:6c:32:a5:98:81:5e:78:cf:0b:
70:93:b9:b8:a3:58:62:db:26:b3:e7:77:b3:ec:18:
58:aa:ef:0f:de:a0:9e:00:09:b6:32:91:5f:a6:13:
e2:88:9c:da:8d:4b:ca:b3:1c:14:e0:8a:ab:8b:c7:
56:35:51:2f:a2:05:e6:2e:fe:4d:49:06:52:a4:0e:
b2:82:95:e7:2e:8b:d1:18:18:8b:a3:dc:f5:b4:f9:
73:e9:ad:7d:a0:e2:02:16:7f:9f:85:bd:b1:21:ab:
0a:bc:9f:c6:e7:1f:72:25:3a:02:dc:5b:47:e7:c2:
22:e4:42:1e:44:36:50:c6:bf:b3:3a:d0:3c:03:13:
f5:f4:29:33:51:58:76:44:8c:39:a3:f3:1d:8a:70:
5f:e8:93:a2:72:f5:85:c9:96:d1:c5:ca:f4:0b:4e:
86:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:98:E0:FC:E0:9A:82:3B:35:A1:E7:B6:AC:5B:70:6B:2F:63:B9:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:39:14:9b:8c:33:9a:ed:40:77:69:de:7b:ae:92:7f:9b:81:
60:e4:54:80:6a:fc:e7:62:2a:6c:c8:30:1b:e5:3c:1c:0b:03:
06:5d:94:8a:57:1c:8b:41:c4:78:4b:54:f6:5d:c8:f8:8b:04:
73:d8:a9:71:70:c9:a8:44:cb:67:14:f2:fa:07:91:19:61:c7:
b8:42:94:9e:0f:2a:16:7b:da:d2:b2:95:0e:53:ab:2a:51:ad:
65:ba:fa:9f:d0:c9:6b:b6:a9:49:05:19:d6:5e:69:75:99:6c:
68:d7:ae:63:7e:8c:56:ad:31:19:86:17:23:2a:ce:1e:3a:d7:
dc:db:d3:6f:05:d8:21:16:53:f6:1c:36:d1:c6:98:47:91:55:
62:5d:f3:00:ad:cd:9f:8b:88:11:a3:18:5a:00:ca:90:fa:00:
1d:05:e2:3a:bc:61:5f:c1:df:e3:3a:1f:20:57:34:2e:90:b4:
fa:02:9e:7f:c2:bf:b7:04:87:33:02:44:20:31:3d:55:40:69:
a5:c9:69:48:09:87:00:2f:8b:98:a5:e8:f5:46:0f:49:9e:41:
82:9d:68:23:4f:50:c2:ff:52:2e:e3:f3:53:29:0b:c7:3f:45:
f5:0a:81:a1:aa:e3:cf:9d:c5:31:a4:d5:39:88:52:68:b4:2f:
96:9b:d2:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMZda7NXExhyUKt3GPc1mmKhYGSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyYjA2M2I4NTk0NjI2N2FhNzBkN2E3MTg0N2JhMmEyYjU4NWRiOWUyNjRh
NjZlMWQ5ZTk0MDI3MmRmNjNiYjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL12u/5bCxuIVWycZJ3ZMPru/zn2yDdZ/dXHaYVhnBt8weaFHU2eZw0WjAcy
2e8MYrnUm/pE+0yVaCghILUo5gi5a56jKkixEJPJQ/G5/3qkWObqup5DVaFoXjjK
sJiubDKlmIFeeM8LcJO5uKNYYtsms+d3s+wYWKrvD96gngAJtjKRX6YT4oic2o1L
yrMcFOCKq4vHVjVRL6IF5i7+TUkGUqQOsoKV5y6L0RgYi6Pc9bT5c+mtfaDiAhZ/
n4W9sSGrCryfxucfciU6AtxbR+fCIuRCHkQ2UMa/szrQPAMT9fQpM1FYdkSMOaPz
HYpwX+iTonL1hcmW0cXK9AtOhosCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSImOD8
4JqCOzWh57asW3BrL2O55zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQC/ORSbjDOa7UB3ad57rpJ/m4Fg5FSAavznYipsyDAb
5TwcCwMGXZSKVxyLQcR4S1T2Xcj4iwRz2KlxcMmoRMtnFPL6B5EZYce4QpSeDyoW
e9rSspUOU6sqUa1luvqf0MlrtqlJBRnWXml1mWxo165jfoxWrTEZhhcjKs4eOtfc
29NvBdghFlP2HDbRxphHkVViXfMArc2fi4gRoxhaAMqQ+gAdBeI6vGFfwd/jOh8g
VzQukLT6Ap5/wr+3BIczAkQgMT1VQGmlyWlICYcAL4uYpej1Rg9JnkGCnWgjT1DC
/1Iu4/NTKQvHP0X1CoGhquPPncUxpNU5iFJotC+Wm9JZ
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org