Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
File: 97585122-fbed-4029-849a-162097054103.roa (raw, json)
Hash identifier: PlV2IHWjYDrxmVwFCfEbG1MeflR1dXo/hni4hBpQGUk=
Subject key identifier: 91:40:DC:66:52:14:3B:78:B6:7F:E7:D8:10:B5:6B:45:16:D1:7E:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BE51203C810937DDE6FB5EE8AF34E4E80A18045
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Sep 2023 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:e5:12:03:c8:10:93:7d:de:6f:b5:ee:8a:f3:4e:4e:80:a1:80:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=27e539f7baa12d5551b817463008a8a9153b90270995339585579282360731a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:11:a9:a0:ed:91:97:aa:bf:da:77:80:aa:e4:
f7:66:03:5b:f8:99:32:36:fc:02:a3:a4:86:6e:96:
9e:02:5d:11:76:97:1b:cf:65:4e:54:15:55:75:df:
91:1b:39:ba:34:6f:a3:d4:f3:5a:c9:96:cb:4c:17:
ce:c3:a9:8f:ac:80:bf:b9:f2:c2:e9:45:a6:41:77:
8a:0d:16:d8:5e:35:e5:02:2a:30:5c:d9:55:34:81:
d1:10:b0:d9:b9:a3:b0:fe:ad:82:15:e0:43:36:f5:
27:7d:76:09:1c:63:97:fd:79:a7:66:b0:bd:4e:c0:
76:02:8c:60:b5:fd:36:1b:bf:a8:cd:ae:96:bb:6e:
e2:09:8f:4a:6e:0a:30:08:aa:84:9e:17:e5:f1:a5:
05:63:31:a9:b8:ff:ff:33:c5:34:40:02:61:82:79:
8e:a8:78:54:73:96:05:80:8c:3d:db:01:39:03:83:
49:36:1b:2c:fc:42:51:5b:d9:82:41:59:0a:71:96:
cc:20:ee:d9:7d:d5:0b:64:0e:0f:32:dc:ae:0b:44:
be:7c:0b:f8:5e:d1:54:73:8b:e0:c9:fb:92:cb:6e:
22:8a:ed:cc:66:bf:34:f6:1d:ea:ac:93:0e:d9:e0:
9c:be:b6:9f:8a:74:51:d2:38:d4:73:33:ef:88:7d:
f4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:40:DC:66:52:14:3B:78:B6:7F:E7:D8:10:B5:6B:45:16:D1:7E:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d1:b0:61:f5:11:54:d5:5c:c3:cb:e5:9c:b0:db:51:2c:77:ca:
8d:aa:a3:28:7c:ff:e3:38:fb:10:48:26:14:8f:ca:ca:b2:dc:
b6:20:07:40:95:76:18:f5:1e:79:bb:d0:9e:a0:dc:91:82:34:
75:09:1b:8c:da:95:24:94:50:5d:cf:d2:e4:6f:ed:f0:a1:35:
52:c3:59:95:98:29:6e:0e:30:10:9f:4a:49:3b:a4:a5:ce:75:
43:cd:b5:c5:87:c4:7a:b9:fd:c3:96:99:ec:c7:0f:36:68:a0:
79:32:6f:47:30:13:fb:97:89:79:c7:6a:b7:33:d3:35:81:a9:
c7:2e:d7:27:83:3f:2a:f4:7a:e4:52:a9:94:2d:aa:bb:97:ff:
8e:01:a3:02:55:2d:6f:17:1b:ef:3c:07:04:b7:5c:fb:0c:80:
6e:63:aa:20:e6:41:6c:6d:a2:d7:16:57:19:2e:ce:64:d5:83:
bf:4a:94:35:dc:3c:59:65:36:e1:ea:1d:d3:9d:3e:77:31:37:
8d:a6:e8:96:19:68:37:8e:a2:6c:00:08:28:10:66:69:76:0d:
5e:27:17:e2:d7:03:a6:fb:1d:92:81:db:16:28:85:2b:93:12:
a4:f9:72:2f:c1:c9:c2:59:67:cf:2d:cc:cb:fd:e7:e3:0d:25:
37:65:8e:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa+USA8gQk33eb7XuivNOToChgEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDYwMDAwMDBaFw0yMzEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ZTUzOWY3YmFhMTJkNTU1MWI4MTc0NjMwMDhhOGE5MTUzYjkwMjcwOTk1
MzM5NTg1NTc5MjgyMzYwNzMxYTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMRqaDtkZeqv9p3gKrk92YDW/iZMjb8AqOkhm6WngJdEXaXG89lTlQVVXXf
kRs5ujRvo9TzWsmWy0wXzsOpj6yAv7nywulFpkF3ig0W2F415QIqMFzZVTSB0RCw
2bmjsP6tghXgQzb1J312CRxjl/15p2awvU7AdgKMYLX9Nhu/qM2ulrtu4gmPSm4K
MAiqhJ4X5fGlBWMxqbj//zPFNEACYYJ5jqh4VHOWBYCMPdsBOQODSTYbLPxCUVvZ
gkFZCnGWzCDu2X3VC2QODzLcrgtEvnwL+F7RVHOL4Mn7kstuIortzGa/NPYd6qyT
DtngnL62n4p0UdI41HMz74h99F8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSRQNxm
UhQ7eLZ/59gQtWtFFtF+JjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTc1ODUxMjItZmJlZC00MDI5LTg0OWEtMTYyMDk3MDU0MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQDRsGH1EVTVXMPL5Zyw21Esd8qNqqMofP/jOPsQSCYU
j8rKsty2IAdAlXYY9R55u9CeoNyRgjR1CRuM2pUklFBdz9Lkb+3woTVSw1mVmClu
DjAQn0pJO6SlznVDzbXFh8R6uf3Dlpnsxw82aKB5Mm9HMBP7l4l5x2q3M9M1ganH
Ltcngz8q9HrkUqmULaq7l/+OAaMCVS1vFxvvPAcEt1z7DIBuY6og5kFsbaLXFlcZ
Ls5k1YO/SpQ13DxZZTbh6h3TnT53MTeNpuiWGWg3jqJsAAgoEGZpdg1eJxfi1wOm
+x2SgdsWKIUrkxKk+XIvwcnCWWfPLczL/efjDSU3ZY4x
-----END CERTIFICATE-----
Generated at Wed Sep 6 00:20:49 2023 by rpki-client on console-fra.rpki-client.org