Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff6c730e-cc30-43c0-a320-08514ba518f0.roa
File: ff6c730e-cc30-43c0-a320-08514ba518f0.roa (raw, json)
Hash identifier: 7IrKFRfWa0tpbJgwUfWhh0+ziDb0J35J7k3pcZJzLUA=
Subject key identifier: 27:EA:39:5E:B8:64:EF:5D:D4:0A:80:97:AB:D2:72:EC:33:14:4F:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30BCFD179764E0C57890BF10CC667CE47C0E21E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff6c730e-cc30-43c0-a320-08514ba518f0.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 87.238.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:bc:fd:17:97:64:e0:c5:78:90:bf:10:cc:66:7c:e4:7c:0e:21:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=883c444548310d643e132e886d0c0f34ffa17562fbd0e64de5272c3d1600eecf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:5b:9f:f0:59:99:93:d4:5e:f2:c1:66:3f:
85:0e:9f:54:e6:97:29:5c:a9:ef:31:68:2a:ad:29:
39:ed:d2:58:06:a2:e1:91:62:17:4d:79:d4:e6:a7:
31:13:95:64:44:95:3e:9a:3d:9a:fe:50:24:02:2c:
53:2b:ab:69:95:a9:67:f8:a2:2e:d6:70:40:e6:c4:
2a:55:61:69:27:82:a2:14:16:d2:c4:9e:9b:a2:bf:
86:63:f1:c3:43:92:fc:d8:90:c7:5a:e3:ef:3b:71:
52:1b:ef:b6:65:b7:2c:29:9a:b6:85:41:82:cc:7c:
e9:78:67:70:5a:1f:c1:15:78:ae:ca:3e:23:b5:e9:
c3:a2:7a:27:cc:4a:64:1f:18:f1:d8:18:f0:1d:61:
8d:54:a4:71:7f:c4:64:92:a0:b0:6f:f9:e8:69:74:
5f:d6:80:b5:cb:96:c4:c9:24:0f:06:91:7c:fe:79:
4f:14:ff:1d:28:21:4e:30:7a:38:75:b0:c4:20:34:
ec:e0:5a:86:19:af:08:9a:a8:bc:07:6e:25:a7:64:
ec:3f:db:71:66:bb:6b:4a:d6:17:a6:72:aa:87:d9:
e6:87:9a:0c:3c:54:5f:00:82:d1:00:2a:23:f8:a5:
2b:f4:e0:5c:ca:5b:d2:31:6c:4c:67:16:35:31:a5:
d5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:EA:39:5E:B8:64:EF:5D:D4:0A:80:97:AB:D2:72:EC:33:14:4F:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff6c730e-cc30-43c0-a320-08514ba518f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.80.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:32:b4:2d:3f:df:27:ad:dd:79:5e:00:4b:ce:b7:c2:0b:9b:
94:be:28:05:76:f6:5c:33:64:dd:02:69:88:a4:84:b6:66:78:
d8:55:c5:3b:74:2b:53:b1:65:6c:0e:12:5e:20:dc:d4:0e:f8:
17:13:3b:7d:49:cf:a1:8a:49:d7:22:a7:44:54:b4:22:0d:ba:
ad:e9:01:ee:a4:e0:28:a9:69:b3:8f:2a:8a:68:2d:2d:6e:fd:
36:b3:88:dd:1d:e4:fc:52:7a:3f:75:7e:a7:b9:75:08:99:e1:
51:1b:8c:01:14:5c:a1:b9:ef:77:b0:8a:19:26:8c:0f:1a:6e:
d2:70:b6:3d:e9:b3:4b:f9:06:ba:ee:8f:32:a3:9a:62:71:ca:
38:a0:02:27:83:c3:2a:55:9e:b3:e1:6e:68:24:dd:1e:99:d9:
a3:91:ac:9a:92:6b:f3:9f:54:c5:bc:23:d1:fb:5e:72:c3:0c:
f1:c4:ee:74:8d:7c:d7:79:90:a7:07:f1:65:4f:fa:ac:b3:fe:
8f:a7:9a:7a:06:d1:97:b2:90:4f:6e:a8:8b:6f:cf:ef:52:87:
c8:22:64:0c:6a:bd:54:fc:3a:cf:dc:1b:fe:8c:76:57:e9:8c:
43:f0:a2:b4:a5:57:66:55:d1:e4:ad:3c:b6:10:a7:4d:b9:37:
cd:61:17:06
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMLz9F5dk4MV4kL8QzGZ85HwOIeQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4M2M0NDQ1NDgzMTBkNjQzZTEzMmU4ODZkMGMwZjM0ZmZhMTc1NjJmYmQw
ZTY0ZGU1MjcyYzNkMTYwMGVlY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBDW5/wWZmT1F7ywWY/hQ6fVOaXKVyp7zFoKq0pOe3SWAai4ZFiF0151Oan
MROVZESVPpo9mv5QJAIsUyuraZWpZ/iiLtZwQObEKlVhaSeCohQW0sSem6K/hmPx
w0OS/NiQx1rj7ztxUhvvtmW3LCmatoVBgsx86XhncFofwRV4rso+I7Xpw6J6J8xK
ZB8Y8dgY8B1hjVSkcX/EZJKgsG/56Gl0X9aAtcuWxMkkDwaRfP55TxT/HSghTjB6
OHWwxCA07OBahhmvCJqovAduJadk7D/bcWa7a0rWF6ZyqofZ5oeaDDxUXwCC0QAq
I/ilK/TgXMpb0jFsTGcWNTGl1T8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQn6jle
uGTvXdQKgJer0nLsMxRPjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmY2YzczMGUtY2MzMC00M2MwLWEzMjAtMDg1MTRiYTUxOGYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1fuUDAN
BgkqhkiG9w0BAQsFAAOCAQEATDK0LT/fJ63deV4AS863wgublL4oBXb2XDNk3QJp
iKSEtmZ42FXFO3QrU7FlbA4SXiDc1A74FxM7fUnPoYpJ1yKnRFS0Ig26rekB7qTg
KKlps48qimgtLW79NrOI3R3k/FJ6P3V+p7l1CJnhURuMARRcobnvd7CKGSaMDxpu
0nC2PemzS/kGuu6PMqOaYnHKOKACJ4PDKlWes+FuaCTdHpnZo5GsmpJr859Uxbwj
0ftecsMM8cTudI1813mQpwfxZU/6rLP+j6eaegbRl7KQT26oi2/P71KHyCJkDGq9
VPw6z9wb/ox2V+mMQ/CitKVXZlXR5K08thCnTbk3zWEXBg==
-----END CERTIFICATE-----
Generated at Mon May 6 00:49:45 2024 by rpki-client on console-fra.rpki-client.org