Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
File: 72138391-f885-46be-9450-815e493cd6a4.roa (raw, json)
Hash identifier: ppXGkvd1xYGA+VXSey+gBmN1QOu5OMiPnmDFVgUs/Xk=
Subject key identifier: A6:9F:A5:33:0C:62:FC:84:20:91:8D:52:1A:6D:4F:71:1B:D7:DA:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 61E01E784679F1BF5A1BCFD2691545405F07E271
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:e0:1e:78:46:79:f1:bf:5a:1b:cf:d2:69:15:45:40:5f:07:e2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=f9f80ff188720e95e44d9057dbebc083eeb07d62b88e3723fc53d1064d5b6fa6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:79:89:91:3d:0a:d9:fa:39:af:9a:3b:9c:
40:be:ec:b9:f4:f8:40:7f:27:5a:c4:01:19:f8:f9:
32:3b:68:11:c5:ac:1d:79:4b:79:86:b4:14:3d:3d:
53:d6:bf:eb:41:b2:43:d8:e4:27:5e:8f:88:f0:c0:
21:88:f3:24:e7:0e:1c:92:16:bf:e5:85:8d:e3:f5:
9e:01:79:8d:74:70:2e:80:f4:51:5a:1d:ee:a0:30:
a8:af:f7:09:1a:aa:b1:b1:a9:8f:25:cb:21:1d:a8:
d5:3d:43:3f:70:f4:f4:a1:f0:e4:a3:db:ab:81:bf:
30:e4:33:eb:f3:8a:41:7e:5f:f5:ae:e7:66:ea:05:
e5:5d:35:01:9d:5e:ef:5c:56:93:d3:d4:7b:4d:bb:
f5:f5:70:9f:82:ba:0b:21:ef:32:55:3c:4d:1d:89:
6b:e3:3f:de:37:bd:aa:7c:b0:20:99:a7:2a:e7:21:
08:eb:2a:d1:ee:6d:fe:76:2f:ac:96:98:ec:f4:7f:
bd:73:dd:81:80:41:8f:ab:1b:b1:87:ba:c4:7a:40:
74:a9:3c:f2:de:31:75:c4:a1:a2:2e:8a:67:32:ac:
40:6f:1f:4d:ea:19:2a:18:0a:06:41:c6:c4:cb:33:
bf:57:21:30:16:a4:f8:ad:35:82:69:2a:10:80:0e:
50:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:9F:A5:33:0C:62:FC:84:20:91:8D:52:1A:6D:4F:71:1B:D7:DA:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ce:51:21:18:73:67:96:01:a4:e5:af:9b:5a:1a:d2:47:33:13:
db:e8:d9:b0:5e:7e:27:ae:40:db:78:82:76:a3:7b:b5:5e:f1:
f0:14:35:a1:cb:94:53:d7:f7:2d:10:12:96:89:e7:aa:b7:bc:
88:31:66:36:a5:1b:8f:ec:41:3b:c8:49:55:4e:63:dd:55:cc:
2d:fa:3b:e9:2e:26:bc:97:10:c4:0c:d5:69:31:47:76:6a:69:
bb:52:0e:8c:d4:b9:88:8c:c0:f1:96:a6:15:27:d1:02:59:39:
23:d6:c4:7e:74:12:da:32:76:2a:4f:0b:02:c6:6d:3d:c0:fc:
4b:eb:2c:07:15:7f:7a:e7:2f:3e:37:7d:87:48:ab:78:19:83:
f7:b4:73:3e:87:d3:4a:a7:51:89:da:10:d2:fb:53:29:d1:cb:
38:4d:0f:8b:98:7d:05:6d:63:f5:8b:72:4c:a2:29:de:93:49:
14:c6:25:2d:3a:49:08:d9:57:04:6e:ef:33:17:bb:9a:16:f9:
44:1c:56:67:f4:4d:bb:04:e9:de:d6:a4:39:8c:95:a0:a0:50:
40:8a:92:c5:75:ea:96:63:c7:a9:70:c9:c6:a5:a7:06:3d:76:
60:fc:aa:fa:d2:b6:52:eb:b3:9f:94:97:5e:19:7f:7a:81:c2:
89:c8:e8:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYeAeeEZ58b9aG8/SaRVFQF8H4nEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5ZjgwZmYxODg3MjBlOTVlNDRkOTA1N2RiZWJjMDgzZWViMDdkNjJiODhl
MzcyM2ZjNTNkMTA2NGQ1YjZmYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkFeYmRPQrZ+jmvmjucQL7sufT4QH8nWsQBGfj5MjtoEcWsHXlLeYa0FD09
U9a/60GyQ9jkJ16PiPDAIYjzJOcOHJIWv+WFjeP1ngF5jXRwLoD0UVod7qAwqK/3
CRqqsbGpjyXLIR2o1T1DP3D09KHw5KPbq4G/MOQz6/OKQX5f9a7nZuoF5V01AZ1e
71xWk9PUe0279fVwn4K6CyHvMlU8TR2Ja+M/3je9qnywIJmnKuchCOsq0e5t/nYv
rJaY7PR/vXPdgYBBj6sbsYe6xHpAdKk88t4xdcShoi6KZzKsQG8fTeoZKhgKBkHG
xMszv1chMBak+K01gmkqEIAOUBUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSmn6Uz
DGL8hCCRjVIabU9xG9fa8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzIxMzgzOTEtZjg4NS00NmJlLTk0NTAtODE1ZTQ5M2NkNmE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQDOUSEYc2eWAaTlr5taGtJHMxPb6NmwXn4nrkDbeIJ2
o3u1XvHwFDWhy5RT1/ctEBKWieeqt7yIMWY2pRuP7EE7yElVTmPdVcwt+jvpLia8
lxDEDNVpMUd2amm7Ug6M1LmIjMDxlqYVJ9ECWTkj1sR+dBLaMnYqTwsCxm09wPxL
6ywHFX965y8+N32HSKt4GYP3tHM+h9NKp1GJ2hDS+1Mp0cs4TQ+LmH0FbWP1i3JM
oinek0kUxiUtOkkI2VcEbu8zF7uaFvlEHFZn9E27BOne1qQ5jJWgoFBAipLFdeqW
Y8epcMnGpacGPXZg/Kr60rZS67OflJdeGX96gcKJyOiE
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org