Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0992c8f3-91b8-483e-82a3-3c5c9c1a9e84.roa
File: 0992c8f3-91b8-483e-82a3-3c5c9c1a9e84.roa (raw, json)
Hash identifier: jUXYXWdr5o9kxkCs82hAz0GIxAmV/v514plJknBVmu8=
Subject key identifier: 60:56:C3:C8:C2:12:A3:D1:65:D5:46:0A:BB:FF:10:72:C4:52:C3:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3937B4DC96A05030A54E7FE15B30226F56B84C12
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0992c8f3-91b8-483e-82a3-3c5c9c1a9e84.roa
Signing time: Mon 13 May 2024 00:00:00 +0000
ROA not before: Mon 13 May 2024 00:00:00 +0000
ROA not after: Mon 17 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 178.236.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:37:b4:dc:96:a0:50:30:a5:4e:7f:e1:5b:30:22:6f:56:b8:4c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 13 00:00:00 2024 GMT
Not After : Jun 17 23:59:59 2024 GMT
Subject: serialNumber=cf5062cd685e77122c87394381c000bf92e70cef6c04c98596886a7e25565aed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dc:7b:97:6f:b0:86:25:42:71:8d:95:4a:0f:
97:18:42:3f:ef:0a:4a:6b:a0:54:d6:be:01:8f:b6:
dc:1c:c0:e4:94:28:c3:52:83:f2:51:8f:33:c9:a3:
a3:35:8d:fe:10:be:ac:16:b5:12:06:93:e0:95:c0:
c8:26:bf:fb:b1:2c:82:2e:65:86:95:9b:9f:25:cd:
fc:0b:9c:73:ef:00:0f:d2:05:fd:c0:89:bd:c4:13:
75:c9:c9:9c:f1:ce:70:bb:6f:8a:7c:6b:91:39:e6:
d3:43:80:96:ff:e6:3f:b2:cd:80:71:80:2b:8b:ed:
1c:a5:de:81:9c:f3:bb:78:38:33:75:24:b4:ee:da:
e9:f2:6e:63:5f:7c:6f:9c:ab:23:91:1d:55:38:76:
18:2c:f0:8f:05:03:b3:57:a2:f1:46:9b:ab:3d:83:
b3:6a:d6:49:c1:5a:5f:fa:82:0c:a8:ea:a3:37:6a:
0c:f1:bd:06:d1:8a:d9:c5:34:df:48:a5:f4:f8:47:
12:2c:e0:fb:27:3f:0c:a4:7e:7d:aa:e4:09:ee:bc:
2c:9e:70:72:2d:41:47:cd:d1:1c:71:9e:63:59:cc:
43:dd:b3:f1:99:77:70:c0:e2:6e:46:5e:0b:35:7f:
c0:47:a9:8e:0b:e7:cd:d0:63:78:90:3c:3f:cd:8f:
bb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:56:C3:C8:C2:12:A3:D1:65:D5:46:0A:BB:FF:10:72:C4:52:C3:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0992c8f3-91b8-483e-82a3-3c5c9c1a9e84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.0.0/20
Signature Algorithm: sha256WithRSAEncryption
99:58:10:c5:4f:77:6f:da:57:a8:0f:87:4c:2a:82:16:17:5d:
0b:e9:44:a8:73:49:7b:0f:f9:57:0d:29:f4:d3:43:e0:30:b1:
90:b7:2a:3c:8f:d1:a6:ae:1a:ab:46:75:e7:0b:80:38:e4:75:
1a:30:72:64:4a:4a:23:22:0e:47:8a:f9:6f:0e:82:21:a3:2a:
51:e2:46:3a:e6:98:51:17:90:42:81:8a:47:af:eb:d7:5b:fe:
34:ee:04:ef:12:4f:02:3b:ad:30:74:3c:4a:23:7f:e7:41:2d:
c2:87:c3:03:9a:19:ca:59:e5:71:40:38:db:54:a1:8d:07:20:
db:95:0b:19:0f:e3:6d:a2:49:b1:e6:4d:05:96:4a:e1:f9:f5:
58:92:41:ab:60:ae:c1:42:1c:04:df:e5:c9:bb:02:03:29:48:
50:06:d0:af:3d:11:77:90:82:b8:5b:76:30:a2:0a:67:20:0b:
59:47:9f:89:0a:ba:96:64:fd:4c:21:0e:6f:72:95:c4:06:61:
47:d4:d6:9a:f0:d2:90:0b:49:46:f4:8e:d2:3c:76:e9:24:3f:
60:39:10:69:d2:a9:58:25:d3:aa:ca:36:ce:ce:96:ab:b8:3f:
33:cb:06:3f:ec:e6:e0:4f:ea:80:4c:9c:73:85:1b:ed:34:49:
8e:3e:02:d8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOTe03JagUDClTn/hWzAib1a4TBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MTMwMDAwMDBaFw0yNDA2MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNTA2MmNkNjg1ZTc3MTIyYzg3Mzk0MzgxYzAwMGJmOTJlNzBjZWY2YzA0
Yzk4NTk2ODg2YTdlMjU1NjVhZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDce5dvsIYlQnGNlUoPlxhCP+8KSmugVNa+AY+23BzA5JQow1KD8lGPM8mj
ozWN/hC+rBa1EgaT4JXAyCa/+7Esgi5lhpWbnyXN/Aucc+8AD9IF/cCJvcQTdcnJ
nPHOcLtvinxrkTnm00OAlv/mP7LNgHGAK4vtHKXegZzzu3g4M3UktO7a6fJuY198
b5yrI5EdVTh2GCzwjwUDs1ei8Uabqz2Ds2rWScFaX/qCDKjqozdqDPG9BtGK2cU0
30il9PhHEizg+yc/DKR+farkCe68LJ5wci1BR83RHHGeY1nMQ92z8Zl3cMDibkZe
CzV/wEepjgvnzdBjeJA8P82Pu2cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRgVsPI
whKj0WXVRgq7/xByxFLDbTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDk5MmM4ZjMtOTFiOC00ODNlLTgyYTMtM2M1YzljMWE5ZTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLLsADAN
BgkqhkiG9w0BAQsFAAOCAQEAmVgQxU93b9pXqA+HTCqCFhddC+lEqHNJew/5Vw0p
9NND4DCxkLcqPI/Rpq4aq0Z15wuAOOR1GjByZEpKIyIOR4r5bw6CIaMqUeJGOuaY
UReQQoGKR6/r11v+NO4E7xJPAjutMHQ8SiN/50EtwofDA5oZylnlcUA421ShjQcg
25ULGQ/jbaJJseZNBZZK4fn1WJJBq2CuwUIcBN/lybsCAylIUAbQrz0Rd5CCuFt2
MKIKZyALWUefiQq6lmT9TCEOb3KVxAZhR9TWmvDSkAtJRvSO0jx26SQ/YDkQadKp
WCXTqso2zs6Wq7g/M8sGP+zm4E/qgEycc4Ub7TRJjj4C2A==
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:38:06 2024 by rpki-client on console-ams.rpki-client.org