Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
File: 4153cd44-f090-48a5-bffc-3b2fed0e0348.roa (raw, json)
Hash identifier: 9rWD9ov/EAaFqHLx9O1dzOI/IwJ7UmupkHqyeWdueoc=
Subject key identifier: 1D:8F:C9:0C:59:0E:64:07:77:55:8E:C8:96:EB:C6:0F:8B:B3:96:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 543EFA177D59C48897CEABF1D2360AD6CE732F1F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
Signing time: Tue 26 Mar 2024 00:00:00 +0000
ROA not before: Tue 26 Mar 2024 00:00:00 +0000
ROA not after: Tue 30 Apr 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:3e:fa:17:7d:59:c4:88:97:ce:ab:f1:d2:36:0a:d6:ce:73:2f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 26 00:00:00 2024 GMT
Not After : Apr 30 23:59:59 2024 GMT
Subject: serialNumber=5e8ba5eed10f65f3d35547d9999add1063c2da99a55d0e85bc078cb06ee8a8a4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:28:7e:95:49:24:aa:c9:60:79:c1:bb:86:6d:
23:14:84:98:57:56:78:65:00:39:a5:f2:2e:23:c8:
52:02:ac:53:2c:6f:1d:e8:18:aa:6d:47:3f:b9:75:
c4:21:a3:11:b8:ac:52:b6:2a:94:9d:f9:d3:d5:13:
95:e3:75:f2:ee:42:ab:6c:81:76:d1:dd:87:02:b8:
a8:88:e8:c9:78:65:68:57:76:89:e8:32:01:74:b0:
a8:61:23:d2:b9:73:96:96:3b:00:39:ab:e7:4d:7f:
85:ee:6d:14:13:b7:27:25:42:e8:b0:de:2e:3e:2d:
c7:5c:8d:e0:c3:a4:e1:63:96:24:ef:22:35:b0:b8:
b7:0e:0f:db:ce:a8:e4:64:33:83:c2:66:43:d4:da:
06:16:2c:3e:38:a4:16:29:70:2f:5d:1a:81:09:7d:
b2:85:f2:2c:70:7e:fe:ea:74:69:e2:24:d8:1a:e0:
b8:5b:83:d0:f1:15:12:8b:a2:4c:65:ad:61:0f:09:
a3:f8:85:79:4e:4d:1e:59:41:f3:f0:ce:70:eb:e7:
6d:14:90:f6:cb:70:ff:e3:2a:4e:b9:75:fb:0b:06:
45:6c:4a:78:ed:90:45:2b:03:92:98:67:fd:f5:74:
6d:75:5a:d8:ce:a0:de:cf:00:1a:2b:c5:a2:61:2f:
e2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8F:C9:0C:59:0E:64:07:77:55:8E:C8:96:EB:C6:0F:8B:B3:96:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ad:98:88:85:d7:6f:d9:2a:9e:27:e1:ef:8c:00:f1:cf:9d:66:
29:bd:65:45:e6:9c:23:00:c1:d2:76:5c:ef:64:45:78:0e:56:
f3:cc:ba:da:fd:d9:85:4d:0b:fd:59:d1:8c:43:b3:be:b6:af:
37:90:55:05:b5:21:3e:c8:98:d7:7a:b7:05:3b:a5:3a:07:36:
e5:f1:a4:ed:b4:4c:70:f6:3d:e3:a8:b4:f9:87:25:7e:60:65:
e2:0d:41:5d:58:3f:c6:51:5f:6d:59:00:c6:cd:8f:57:63:bb:
8f:88:b0:fe:9f:8a:95:9b:cf:56:42:eb:32:20:48:7c:93:c5:
84:f7:3c:35:75:f0:d1:2b:f6:d6:75:0b:5a:41:d4:cd:22:79:
1b:3e:80:16:f5:33:01:23:d1:eb:0e:31:30:b6:b5:30:ae:b1:
fa:85:fc:68:50:31:12:80:14:c4:b3:7e:30:58:37:f3:79:e1:
7c:40:98:eb:70:79:19:b1:11:57:84:0a:d3:1e:78:46:c6:56:
69:bc:a1:b1:15:b7:12:f1:3f:39:e0:54:cc:a5:35:bc:23:2d:
62:2c:fc:31:89:2d:7a:3d:e9:48:17:2a:51:58:27:68:10:31:
be:93:2d:ae:0e:70:ba:45:89:b1:97:d3:20:10:95:c4:f2:54:
14:20:a5:ce
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVD76F31ZxIiXzqvx0jYK1s5zLx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjYwMDAwMDBaFw0yNDA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlOGJhNWVlZDEwZjY1ZjNkMzU1NDdkOTk5OWFkZDEwNjNjMmRhOTlhNTVk
MGU4NWJjMDc4Y2IwNmVlOGE4YTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8ofpVJJKrJYHnBu4ZtIxSEmFdWeGUAOaXyLiPIUgKsUyxvHegYqm1HP7l1
xCGjEbisUrYqlJ3509UTleN18u5Cq2yBdtHdhwK4qIjoyXhlaFd2iegyAXSwqGEj
0rlzlpY7ADmr501/he5tFBO3JyVC6LDeLj4tx1yN4MOk4WOWJO8iNbC4tw4P286o
5GQzg8JmQ9TaBhYsPjikFilwL10agQl9soXyLHB+/up0aeIk2BrguFuD0PEVEoui
TGWtYQ8Jo/iFeU5NHllB8/DOcOvnbRSQ9stw/+MqTrl1+wsGRWxKeO2QRSsDkphn
/fV0bXVa2M6g3s8AGivFomEv4mMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQdj8kM
WQ5kB3dVjsiW68YPi7OW8TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE1M2NkNDQtZjA5MC00OGE1LWJmZmMtM2IyZmVkMGUwMzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQCtmIiF12/ZKp4n4e+MAPHPnWYpvWVF5pwjAMHSdlzv
ZEV4DlbzzLra/dmFTQv9WdGMQ7O+tq83kFUFtSE+yJjXercFO6U6Bzbl8aTttExw
9j3jqLT5hyV+YGXiDUFdWD/GUV9tWQDGzY9XY7uPiLD+n4qVm89WQusyIEh8k8WE
9zw1dfDRK/bWdQtaQdTNInkbPoAW9TMBI9HrDjEwtrUwrrH6hfxoUDESgBTEs34w
WDfzeeF8QJjrcHkZsRFXhArTHnhGxlZpvKGxFbcS8T854FTMpTW8Iy1iLPwxiS16
PelIFypRWCdoEDG+ky2uDnC6RYmxl9MgEJXE8lQUIKXO
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:20 2024 by rpki-client on console-fra.rpki-client.org