Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
File: f67407cf-5834-4984-bfd7-dae383ea166b.roa (raw, json)
Hash identifier: IQXmasU4NBQNIzQc8Kmyvps+6+Oct6SGG7TCFEgaD74=
Subject key identifier: E6:19:CC:3B:92:98:2D:E9:F8:BA:67:8C:DC:7F:37:61:01:05:9F:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 74A94ABB0DC6F31E2B517134B103D69EC30E022A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:a9:4a:bb:0d:c6:f3:1e:2b:51:71:34:b1:03:d6:9e:c3:0e:02:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=401eda92344880d22509af5e22656a4b3e76386130cc64ce722e874b1a65dc0b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8c:1a:55:5e:e6:97:c5:4c:30:d8:92:8a:9f:
18:51:62:31:18:41:be:f4:ad:27:47:66:fe:e6:3e:
fc:8a:49:d7:af:d3:fa:67:1e:cb:b0:ee:66:ec:10:
2d:dc:65:c4:b2:bf:a1:b7:98:a0:84:c3:c4:a4:1c:
5f:2f:4a:8e:e9:44:eb:37:59:1b:94:40:45:e9:2e:
65:fe:57:af:93:3c:4f:20:81:fb:22:ba:89:25:59:
bf:a4:e1:07:0f:de:f4:3c:73:a5:43:d9:f9:4f:bc:
ef:2d:20:a1:4b:4a:74:d4:c7:5e:12:d6:4c:b6:27:
76:1f:5c:57:2a:6b:19:38:4c:62:3b:f0:e9:d4:ea:
fb:8c:37:32:6e:44:17:bc:b1:48:0e:17:f6:c2:d4:
69:77:a4:0c:3a:3a:a2:68:c7:59:4b:66:1d:a9:f8:
26:19:2b:76:fe:41:3f:a4:98:82:37:38:fd:f5:34:
d0:e3:0e:df:8c:fb:4e:14:a0:9b:b0:28:a2:a3:14:
77:9c:cb:07:21:ef:4f:bd:6e:7e:fc:71:3d:8c:26:
7e:41:7c:c9:89:cc:54:26:e0:b5:fe:68:f7:30:2e:
4a:77:ff:cb:73:b4:e4:e4:c3:53:b6:78:42:79:be:
21:75:28:ea:88:ab:f4:4e:69:ce:84:29:c7:51:2f:
41:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:19:CC:3B:92:98:2D:E9:F8:BA:67:8C:DC:7F:37:61:01:05:9F:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:52:b8:1c:6b:7a:be:9f:dc:64:c9:07:f8:ff:d5:a4:7c:8a:
2a:75:89:1d:66:39:34:bc:4c:ad:0c:0e:27:bb:0d:a1:eb:9b:
ba:ae:d9:90:c1:e9:4c:92:fc:93:4d:03:ff:84:e0:f5:41:9d:
73:b0:a4:69:ac:cc:8b:d2:13:56:0e:67:bb:a2:cd:73:ca:f1:
2a:87:a0:5f:57:01:0a:dc:d8:fd:62:6b:d1:cc:bb:ee:7c:65:
3f:5d:ea:e5:84:d9:36:54:fd:1b:0e:8d:b2:01:73:6a:0b:cd:
8d:dd:5b:64:34:c8:9b:c2:d7:46:df:ee:0b:7d:c0:44:d2:cb:
01:d9:e9:54:98:ef:b0:9c:4e:37:ec:5a:da:a1:25:b1:60:0c:
42:0a:74:8e:eb:82:c5:76:e1:89:80:39:9d:8b:95:db:64:d3:
e3:20:e7:4b:3d:2e:c5:45:fe:b3:f6:76:e1:13:a8:23:f9:7c:
30:7d:0a:41:3d:9e:54:39:14:2a:42:ba:7e:59:bc:eb:77:aa:
f1:0a:aa:9e:41:8f:f0:e9:49:56:f9:42:19:ae:88:29:3c:57:
20:c8:4f:12:56:a7:12:c6:92:ca:8b:e9:1f:42:76:d9:a4:28:
88:d7:9e:8b:46:89:68:d2:28:0d:94:b7:66:22:d6:ca:b7:16:
10:be:0d:f0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdKlKuw3G8x4rUXE0sQPWnsMOAiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwMWVkYTkyMzQ0ODgwZDIyNTA5YWY1ZTIyNjU2YTRiM2U3NjM4NjEzMGNj
NjRjZTcyMmU4NzRiMWE2NWRjMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKMGlVe5pfFTDDYkoqfGFFiMRhBvvStJ0dm/uY+/IpJ16/T+mcey7DuZuwQ
LdxlxLK/obeYoITDxKQcXy9KjulE6zdZG5RARekuZf5Xr5M8TyCB+yK6iSVZv6Th
Bw/e9DxzpUPZ+U+87y0goUtKdNTHXhLWTLYndh9cVyprGThMYjvw6dTq+4w3Mm5E
F7yxSA4X9sLUaXekDDo6omjHWUtmHan4Jhkrdv5BP6SYgjc4/fU00OMO34z7ThSg
m7AooqMUd5zLByHvT71ufvxxPYwmfkF8yYnMVCbgtf5o9zAuSnf/y3O05OTDU7Z4
Qnm+IXUo6oir9E5pzoQpx1EvQdcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTmGcw7
kpgt6fi6Z4zcfzdhAQWfyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjY3NDA3Y2YtNTgzNC00OTg0LWJmZDctZGFlMzgzZWExNjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBvUrgca3q+n9xkyQf4/9WkfIoqdYkdZjk0vEytDA4n
uw2h65u6rtmQwelMkvyTTQP/hOD1QZ1zsKRprMyL0hNWDme7os1zyvEqh6BfVwEK
3Nj9YmvRzLvufGU/XerlhNk2VP0bDo2yAXNqC82N3VtkNMibwtdG3+4LfcBE0ssB
2elUmO+wnE437FraoSWxYAxCCnSO64LFduGJgDmdi5XbZNPjIOdLPS7FRf6z9nbh
E6gj+XwwfQpBPZ5UORQqQrp+Wbzrd6rxCqqeQY/w6UlW+UIZrogpPFcgyE8SVqcS
xpLKi+kfQnbZpCiI156LRolo0igNlLdmItbKtxYQvg3w
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:51 2024 by rpki-client on console-ams.rpki-client.org