Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/056ba6e3-7c55-40b5-9c67-9ca2afb3d662.roa
File: 056ba6e3-7c55-40b5-9c67-9ca2afb3d662.roa (raw, json)
Hash identifier: ip/pRxhWKXrTC13/QD+zKE9bYINuWiDjpHBkoDjgczc=
Subject key identifier: B9:FF:12:C5:40:ED:18:33:6A:7C:B4:57:EC:6C:D4:C6:50:91:57:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5539E18B28E9F958AA39137D58871ADD84069340
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/056ba6e3-7c55-40b5-9c67-9ca2afb3d662.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 7224
IP address blocks: 46.51.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:39:e1:8b:28:e9:f9:58:aa:39:13:7d:58:87:1a:dd:84:06:93:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=640184a976fc7f41996b4d7f872aaa4b707c10ebef34591f3b2535cbbfe60161, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:43:ab:82:cc:77:1b:cd:30:02:ec:fd:0b:8b:
d3:e3:ce:6b:ac:42:a9:50:ba:6f:81:9a:b5:dd:2a:
7d:48:92:b7:a3:c0:16:70:0d:a7:2f:4d:77:c2:82:
b9:7d:5e:93:9b:19:46:fc:7d:04:8a:e3:5f:76:7f:
17:5e:da:c4:79:9e:20:d0:30:88:1a:81:a1:28:a3:
01:82:04:2f:1e:3d:f3:7c:ca:64:b4:d8:3e:03:ce:
1d:ac:75:aa:70:04:ca:6c:c3:a1:e0:89:86:be:53:
3d:ef:08:e3:07:da:03:82:08:a9:dd:cf:7b:e5:a0:
29:41:c7:f9:fc:b5:92:52:70:2a:83:e5:c2:66:f7:
e6:4a:8e:70:f3:9b:c9:15:59:f4:52:ed:91:20:f7:
4a:da:94:c7:9b:1d:a4:dd:41:f7:27:69:6a:a5:2f:
fe:13:a3:c3:b9:96:b5:d5:80:66:62:0d:d1:35:29:
1e:f2:03:8b:cf:5c:e1:73:1e:5d:d2:ee:ed:a3:5b:
67:07:b9:a4:83:52:41:74:fa:e3:31:45:9e:ea:d8:
7a:10:43:c1:96:ea:32:f1:36:a2:f4:f4:59:93:fe:
1f:a3:28:df:e8:f0:e2:65:89:e7:e0:55:8a:b8:62:
df:4a:c1:33:65:5e:47:02:4d:54:d2:d7:dc:5e:d4:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FF:12:C5:40:ED:18:33:6A:7C:B4:57:EC:6C:D4:C6:50:91:57:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/056ba6e3-7c55-40b5-9c67-9ca2afb3d662.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/17
Signature Algorithm: sha256WithRSAEncryption
08:87:1b:43:6e:5c:06:1e:7f:f0:8a:27:a1:a8:66:02:3b:a5:
6d:fa:9d:e1:4a:22:38:46:91:5e:03:f6:52:16:42:9a:50:82:
80:16:48:43:74:01:c3:89:19:ce:0e:a0:ef:36:52:62:c9:74:
b1:2a:e2:c0:36:90:d3:d5:67:5d:40:d6:c8:c1:31:35:78:1b:
b7:e7:46:1a:4c:83:67:ac:1a:f2:92:8a:1c:e4:2b:bd:8b:6b:
97:4a:68:41:d7:62:57:8c:16:32:24:6b:ef:fa:22:f3:59:43:
70:c0:d6:e7:a7:b1:15:dc:46:b3:e3:52:33:70:99:9e:c2:3c:
ed:41:28:4b:b1:65:82:21:d9:54:f4:4e:cd:35:5e:87:65:0c:
3d:ce:d2:3a:d4:cd:2c:d3:c5:66:7b:f3:54:71:31:f3:12:71:
e0:ba:a1:97:dd:61:1a:3f:87:7e:87:29:a0:b9:d8:1e:09:45:
12:6e:c9:fd:5f:3b:2e:cb:f6:4a:5d:52:2f:6e:82:f1:73:12:
fc:69:17:eb:74:88:86:86:de:a2:03:c7:c0:26:40:6a:de:79:
b4:47:8c:0e:43:4a:e2:9d:bf:0d:be:d5:c6:9f:44:85:5a:ef:
ad:b0:5e:2f:4e:8e:02:d4:42:99:e2:d8:d8:44:53:28:6b:10:
b1:7e:6f:9b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVTnhiyjp+ViqORN9WIca3YQGk0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0MDE4NGE5NzZmYzdmNDE5OTZiNGQ3Zjg3MmFhYTRiNzA3YzEwZWJlZjM0
NTkxZjNiMjUzNWNiYmZlNjAxNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5Dq4LMdxvNMALs/QuL0+POa6xCqVC6b4Gatd0qfUiSt6PAFnANpy9Nd8KC
uX1ek5sZRvx9BIrjX3Z/F17axHmeINAwiBqBoSijAYIELx4983zKZLTYPgPOHax1
qnAEymzDoeCJhr5TPe8I4wfaA4IIqd3Pe+WgKUHH+fy1klJwKoPlwmb35kqOcPOb
yRVZ9FLtkSD3StqUx5sdpN1B9ydpaqUv/hOjw7mWtdWAZmIN0TUpHvIDi89c4XMe
XdLu7aNbZwe5pINSQXT64zFFnurYehBDwZbqMvE2ovT0WZP+H6Mo3+jw4mWJ5+BV
irhi30rBM2VeRwJNVNLX3F7UNzECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS5/xLF
QO0YM2p8tFfsbNTGUJFXXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDU2YmE2ZTMtN2M1NS00MGI1LTljNjctOWNhMmFmYjNkNjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEACIcbQ25cBh5/8IonoahmAjulbfqd4UoiOEaRXgP2
UhZCmlCCgBZIQ3QBw4kZzg6g7zZSYsl0sSriwDaQ09VnXUDWyMExNXgbt+dGGkyD
Z6wa8pKKHOQrvYtrl0poQddiV4wWMiRr7/oi81lDcMDW56exFdxGs+NSM3CZnsI8
7UEoS7FlgiHZVPROzTVeh2UMPc7SOtTNLNPFZnvzVHEx8xJx4Lqhl91hGj+Hfocp
oLnYHglFEm7J/V87Lsv2Sl1SL26C8XMS/GkX63SIhobeogPHwCZAat55tEeMDkNK
4p2/Db7Vxp9EhVrvrbBeL06OAtRCmeLY2ERTKGsQsX5vmw==
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org