Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
File: 97585122-fbed-4029-849a-162097054103.roa (raw, json)
Hash identifier: slsflylnZtaIV0IjSWEKou9gg7pmjIPwkXeL9HR2b1I=
Subject key identifier: D8:FE:DA:6B:6F:AA:5E:6B:A8:DE:6D:6F:4A:C4:A6:12:00:9D:63:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D50BB1795A1DB25D698BAF3160EB9E756C77287
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:50:bb:17:95:a1:db:25:d6:98:ba:f3:16:0e:b9:e7:56:c7:72:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=4bc8daeb9edbc2fe2fe6c84a4dc621eaac3bb5a06e544c341185e22d7d6b45f5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6b:ad:0d:d4:69:2f:56:45:1d:1a:b6:e9:71:
1a:17:be:5d:e0:1a:a2:31:88:71:bc:40:17:f5:d0:
db:b7:06:c8:92:8d:5a:b2:4d:ef:05:14:52:68:56:
c9:a3:6d:7c:fd:ea:67:cb:66:9a:dc:fc:a7:e5:92:
15:e4:33:f1:0e:a5:b4:a9:6b:0a:c8:d2:dc:9e:30:
36:08:2f:99:d7:04:09:02:35:c3:c2:c5:78:40:20:
3c:bc:f8:a4:85:9f:b7:bb:bc:9b:b7:0d:df:a0:d2:
78:07:d0:15:4f:d1:93:c4:df:9f:4f:4e:4c:be:5c:
88:f0:e4:b9:06:12:14:10:49:56:ad:c1:bb:1a:9d:
a0:22:0b:6e:d0:80:1c:8c:c9:46:51:0d:f3:0f:0b:
13:9b:2a:8a:cd:7f:37:36:6d:16:96:22:11:05:d0:
88:4f:6b:59:86:b5:61:42:ac:70:05:6a:97:7d:52:
41:f7:74:58:c0:ef:f7:0f:a2:6e:c3:b0:f6:fb:14:
0e:c8:3f:d6:fe:65:f7:51:8e:77:4a:8f:37:79:f5:
51:3f:66:3b:65:aa:c4:0a:fb:27:72:03:7b:d9:c7:
cd:32:79:c3:5f:c2:b3:be:a0:78:4f:4f:54:7a:a9:
56:b4:c5:21:f7:44:67:15:58:bc:ea:29:5b:f4:83:
de:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FE:DA:6B:6F:AA:5E:6B:A8:DE:6D:6F:4A:C4:A6:12:00:9D:63:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
24:c0:57:d2:ae:8d:8e:dc:e5:63:4b:49:e3:d5:ec:dd:2f:e4:
7f:1f:ef:3c:77:8f:61:8b:e3:35:14:52:9b:a7:e2:6d:83:51:
6a:92:93:11:32:bc:b6:78:3b:30:37:c0:41:25:4f:30:56:42:
91:26:f4:56:a4:75:a5:fc:84:b3:f5:fd:98:83:ec:75:36:dd:
b7:0c:fe:2b:2e:a7:de:d4:53:9f:0f:2c:ef:bc:eb:bf:f5:a9:
51:ed:2c:3f:09:20:e4:50:2f:79:de:9d:4a:e1:a1:ba:50:ef:
12:90:03:dc:0b:2c:b6:f1:f1:19:00:e0:c5:b1:d4:4a:4c:cd:
01:cc:c7:da:ac:2c:d5:52:6a:d9:f4:7b:47:68:08:d2:c7:ec:
a1:0a:1e:ae:5f:e4:a3:18:32:52:4a:6a:c6:1e:55:0d:ee:cd:
92:63:10:8b:e2:f1:3d:3c:00:12:09:e9:07:f8:c5:74:2e:62:
a6:16:71:8c:e7:09:ac:66:9b:3d:50:18:00:2b:2f:84:a2:0a:
53:86:a0:3f:ad:45:74:40:4a:4b:97:1f:26:73:f5:d9:9c:c0:
5d:d8:0f:1f:e6:4b:4a:35:74:b9:6f:ac:f8:a1:9e:b4:1c:10:
4b:46:cb:63:f1:a3:19:ed:d4:3c:fd:01:9d:f1:13:b8:52:23:
f0:e5:38:cd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPVC7F5Wh2yXWmLrzFg6551bHcocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYzhkYWViOWVkYmMyZmUyZmU2Yzg0YTRkYzYyMWVhYWMzYmI1YTA2ZTU0
NGMzNDExODVlMjJkN2Q2YjQ1ZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRrrQ3UaS9WRR0atulxGhe+XeAaojGIcbxAF/XQ27cGyJKNWrJN7wUUUmhW
yaNtfP3qZ8tmmtz8p+WSFeQz8Q6ltKlrCsjS3J4wNggvmdcECQI1w8LFeEAgPLz4
pIWft7u8m7cN36DSeAfQFU/Rk8Tfn09OTL5ciPDkuQYSFBBJVq3BuxqdoCILbtCA
HIzJRlEN8w8LE5sqis1/NzZtFpYiEQXQiE9rWYa1YUKscAVql31SQfd0WMDv9w+i
bsOw9vsUDsg/1v5l91GOd0qPN3n1UT9mO2WqxAr7J3IDe9nHzTJ5w1/Cs76geE9P
VHqpVrTFIfdEZxVYvOopW/SD3n0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTY/tpr
b6pea6jebW9KxKYSAJ1j4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTc1ODUxMjItZmJlZC00MDI5LTg0OWEtMTYyMDk3MDU0MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQAkwFfSro2O3OVjS0nj1ezdL+R/H+88d49hi+M1FFKb
p+Jtg1FqkpMRMry2eDswN8BBJU8wVkKRJvRWpHWl/ISz9f2Yg+x1Nt23DP4rLqfe
1FOfDyzvvOu/9alR7Sw/CSDkUC953p1K4aG6UO8SkAPcCyy28fEZAODFsdRKTM0B
zMfarCzVUmrZ9HtHaAjSx+yhCh6uX+SjGDJSSmrGHlUN7s2SYxCL4vE9PAASCekH
+MV0LmKmFnGM5wmsZps9UBgAKy+EogpThqA/rUV0QEpLlx8mc/XZnMBd2A8f5ktK
NXS5b6z4oZ60HBBLRstj8aMZ7dQ8/QGd8RO4UiPw5TjN
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org