Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
File: e4b516c1-e154-4f18-af17-f71694b6015c.roa (raw, json)
Hash identifier: mcr4aJiFuXbUOsoRgfGHKTiqhkvNzUTk/WXTh0vofeM=
Subject key identifier: 5D:5D:02:55:79:FA:79:6E:CF:D1:4B:B6:4C:19:57:A1:F1:52:3D:BF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F62716F1989AA0D640FDDE03B9DE3E92DE8D35B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:62:71:6f:19:89:aa:0d:64:0f:dd:e0:3b:9d:e3:e9:2d:e8:d3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=dffa7d87fe0175fbf719f8fe41d8b96dff5befdd008ff2d4ed1a803a4ee14294, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5e:ad:34:df:92:c2:9b:e8:1c:e8:c5:37:d1:
bd:c0:14:c0:b0:b1:af:e5:8d:a1:79:1b:47:1f:b5:
40:ec:47:dc:1e:22:61:7a:41:19:60:50:cc:70:67:
3e:6b:0c:03:0e:41:e3:29:96:86:61:22:21:81:f0:
a4:2e:94:30:35:89:32:20:7c:25:8b:67:8a:49:7a:
c5:e6:a6:0e:f2:27:61:c3:35:ce:e1:73:be:ba:7d:
17:d6:f5:d4:7e:4f:f6:f3:b7:02:9c:1f:c9:a8:0e:
07:de:e2:41:31:90:b7:0d:32:12:16:f6:67:17:84:
b3:54:59:3c:fe:a9:d5:32:11:3e:75:17:49:d0:f0:
8c:db:3d:68:ea:8f:93:ca:7d:41:90:23:b5:1d:fc:
f7:66:6c:fa:d5:fc:ee:06:6f:ff:4f:20:dd:59:a9:
da:d1:5a:cf:87:14:1b:ab:8c:fb:98:b5:a1:2a:50:
6f:2b:77:3a:ae:9c:05:f2:16:de:c8:1f:10:f5:89:
94:3a:b1:10:a4:94:a6:22:a2:cb:a9:f8:24:af:ef:
b9:de:47:5f:cf:41:f5:dc:a8:86:0a:79:38:7c:42:
9c:62:f1:ac:a7:62:84:c6:4e:31:9b:01:e0:b7:2d:
f4:f1:9e:24:8d:dc:31:4c:9e:79:c3:a9:8c:ed:b5:
6d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:5D:02:55:79:FA:79:6E:CF:D1:4B:B6:4C:19:57:A1:F1:52:3D:BF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:08:6d:23:9b:0a:1c:13:03:5d:c1:fd:a7:da:b2:42:00:5e:
65:f8:1c:55:7c:62:b1:27:dc:9f:d5:22:bb:97:4d:60:59:64:
f6:3b:f9:5b:3a:74:fe:d9:ef:61:67:69:f0:4c:ca:ec:b0:1d:
6c:f6:cb:88:ce:03:b6:9b:8f:46:1e:f6:a9:f4:e7:ab:ee:fc:
d0:57:a0:c3:ff:eb:88:b3:15:85:8c:a7:c5:9f:51:a6:bc:54:
b1:bc:e0:5f:f9:9a:58:2e:f3:cf:f1:5f:fc:a1:1c:82:ef:59:
e2:fe:8b:98:59:7e:cd:21:b5:56:3e:24:fe:1f:be:cb:d8:71:
f2:ac:38:e7:d0:3f:a9:8b:e7:ea:4b:0a:d7:17:79:c7:0e:4f:
9f:00:91:14:4e:c2:73:84:47:09:00:00:2b:35:52:88:c9:c8:
de:05:60:80:20:63:b7:d3:42:24:20:3e:94:a2:06:6d:10:ee:
6d:fb:95:69:98:76:e2:4e:ed:8d:29:30:77:32:0a:30:da:0e:
26:25:a7:f6:74:70:a7:90:d1:f8:aa:83:72:a6:68:68:ad:d0:
13:26:2c:96:c5:5a:1b:5b:8b:fb:58:5f:e7:ce:c4:fe:f1:83:
59:1a:ea:56:23:17:c4:b6:30:c4:3b:90:68:f4:29:6e:81:e5:
6a:7c:05:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT2JxbxmJqg1kD93gO53j6S3o01swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmZmE3ZDg3ZmUwMTc1ZmJmNzE5ZjhmZTQxZDhiOTZkZmY1YmVmZGQwMDhm
ZjJkNGVkMWE4MDNhNGVlMTQyOTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1erTTfksKb6BzoxTfRvcAUwLCxr+WNoXkbRx+1QOxH3B4iYXpBGWBQzHBn
PmsMAw5B4ymWhmEiIYHwpC6UMDWJMiB8JYtnikl6xeamDvInYcM1zuFzvrp9F9b1
1H5P9vO3ApwfyagOB97iQTGQtw0yEhb2ZxeEs1RZPP6p1TIRPnUXSdDwjNs9aOqP
k8p9QZAjtR3892Zs+tX87gZv/08g3Vmp2tFaz4cUG6uM+5i1oSpQbyt3Oq6cBfIW
3sgfEPWJlDqxEKSUpiKiy6n4JK/vud5HX89B9dyohgp5OHxCnGLxrKdihMZOMZsB
4Lct9PGeJI3cMUyeecOpjO21bTkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdXQJV
efp5bs/RS7ZMGVeh8VI9vzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTRiNTE2YzEtZTE1NC00ZjE4LWFmMTctZjcxNjk0YjYwMTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQCSCG0jmwocEwNdwf2n2rJCAF5l+BxVfGKxJ9yf1SK7
l01gWWT2O/lbOnT+2e9hZ2nwTMrssB1s9suIzgO2m49GHvap9Oer7vzQV6DD/+uI
sxWFjKfFn1GmvFSxvOBf+ZpYLvPP8V/8oRyC71ni/ouYWX7NIbVWPiT+H77L2HHy
rDjn0D+pi+fqSwrXF3nHDk+fAJEUTsJzhEcJAAArNVKIycjeBWCAIGO300IkID6U
ogZtEO5t+5VpmHbiTu2NKTB3Mgow2g4mJaf2dHCnkNH4qoNypmhordATJiyWxVob
W4v7WF/nzsT+8YNZGupWIxfEtjDEO5Bo9ClugeVqfAU6
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org