Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
File: 11438c8f-0517-4bd0-b3e1-4c738a71c912.roa (raw, json)
Hash identifier: s/vi34jlxUJJ+Qa67ERKkxUyEOM1m2j52KiPyG5Ikb8=
Subject key identifier: 30:0F:2E:DC:D2:33:13:B1:99:F9:4D:5A:47:D1:D7:B6:EB:A7:24:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 327B3023F60C0D2208A15B5BD89D70BE9ECED25E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:7b:30:23:f6:0c:0d:22:08:a1:5b:5b:d8:9d:70:be:9e:ce:d2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=9a1c5382212f889d7b0822febe12e607029ed42d8eb0886b0c76012839f78cb5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:66:97:40:69:a3:6d:ad:c8:4b:e2:c6:69:
57:61:c2:e0:b0:60:99:d8:03:3f:90:9a:c4:b2:34:
6b:d9:d6:85:57:8e:66:8b:0f:c3:de:9d:75:9c:57:
88:b6:b0:04:1f:d6:df:1e:bf:83:44:d2:65:65:48:
a0:15:11:c7:1b:93:eb:21:44:ce:bb:14:7d:d9:7a:
60:8c:b1:0b:77:ee:34:42:d2:a7:d9:55:d4:b3:cb:
38:1f:d6:a8:f8:3c:e3:ed:34:22:ec:86:2e:31:2a:
02:aa:ce:3b:3a:e7:9d:4a:d8:b1:6b:5d:62:b0:3e:
73:a9:aa:fb:4b:be:07:15:0a:b9:c6:18:d1:a1:a9:
69:3d:d7:98:72:db:a2:59:e2:a4:d3:19:ba:db:74:
ae:c4:da:bc:b2:27:d9:e8:b6:24:d9:9a:f9:a0:35:
72:f3:c5:30:c0:80:67:89:04:41:4d:46:a3:a3:1b:
eb:6f:95:3b:20:05:98:b0:2f:d5:75:d2:23:c8:28:
9f:85:89:58:eb:ef:40:da:77:ae:d2:1e:5b:32:25:
a6:61:f6:56:4d:9e:b0:ab:77:b9:9d:38:a7:ff:b6:
29:a3:e0:d9:48:44:fd:11:a1:9d:74:c0:2c:50:48:
40:f9:b1:b9:40:44:fd:57:5f:8b:05:a6:2a:01:80:
84:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0F:2E:DC:D2:33:13:B1:99:F9:4D:5A:47:D1:D7:B6:EB:A7:24:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/19
Signature Algorithm: sha256WithRSAEncryption
c8:01:aa:7a:08:18:df:ed:56:9d:c7:ed:95:67:c4:97:f5:54:
1f:9f:0d:3b:ae:df:59:d7:d7:6b:91:fb:e6:bc:30:41:1f:19:
e4:b4:96:1f:d0:a9:22:c7:d8:8a:b9:53:35:98:e3:38:b2:ce:
9f:8b:67:a9:49:dc:b7:f8:4f:96:54:94:d6:63:c9:b6:32:ae:
6a:d7:57:5d:cd:44:92:e5:73:e0:d2:76:83:e4:07:c1:a2:aa:
f5:3c:3a:51:97:ee:45:a5:72:77:e0:14:07:34:65:87:d6:3d:
ef:00:97:26:73:c7:eb:db:32:a0:55:95:d7:f7:a7:e5:68:0c:
38:08:dc:8a:16:07:96:fc:f7:42:c2:03:6e:d6:a1:5f:8a:e2:
6d:cb:18:20:81:15:cc:c2:a4:86:88:a9:2c:eb:5d:df:9c:de:
cb:85:d5:c1:13:40:6b:80:38:66:65:29:aa:44:cf:8d:af:88:
0f:69:5d:f1:f4:72:34:00:bf:06:62:9a:79:5f:46:c8:a9:6e:
1f:8f:da:6b:df:07:ba:19:8a:a5:65:5a:dc:e4:a3:ed:a5:03:
3e:31:4f:aa:40:93:10:a1:73:70:41:af:cd:09:2d:8d:75:9f:
65:c1:b4:dd:dc:3c:c1:c1:b1:85:5a:c0:a5:a9:3d:b8:61:23:
6c:0f:a7:89
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMnswI/YMDSIIoVtb2J1wvp7O0l4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMWM1MzgyMjEyZjg4OWQ3YjA4MjJmZWJlMTJlNjA3MDI5ZWQ0MmQ4ZWIw
ODg2YjBjNzYwMTI4MzlmNzhjYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFcZpdAaaNtrchL4sZpV2HC4LBgmdgDP5CaxLI0a9nWhVeOZosPw96ddZxX
iLawBB/W3x6/g0TSZWVIoBURxxuT6yFEzrsUfdl6YIyxC3fuNELSp9lV1LPLOB/W
qPg84+00IuyGLjEqAqrOOzrnnUrYsWtdYrA+c6mq+0u+BxUKucYY0aGpaT3XmHLb
olnipNMZutt0rsTavLIn2ei2JNma+aA1cvPFMMCAZ4kEQU1Go6Mb62+VOyAFmLAv
1XXSI8gon4WJWOvvQNp3rtIeWzIlpmH2Vk2esKt3uZ04p/+2KaPg2UhE/RGhnXTA
LFBIQPmxuUBE/VdfiwWmKgGAhEECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQwDy7c
0jMTsZn5TVpH0de266ckPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE0MzhjOGYtMDUxNy00YmQwLWIzZTEtNGM3MzhhNzFjOTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAyAGqeggY3+1WncftlWfEl/VUH58NO67fWdfXa5H7
5rwwQR8Z5LSWH9CpIsfYirlTNZjjOLLOn4tnqUnct/hPllSU1mPJtjKuatdXXc1E
kuVz4NJ2g+QHwaKq9Tw6UZfuRaVyd+AUBzRlh9Y97wCXJnPH69syoFWV1/en5WgM
OAjcihYHlvz3QsIDbtahX4ribcsYIIEVzMKkhoipLOtd35zey4XVwRNAa4A4ZmUp
qkTPja+ID2ld8fRyNAC/BmKaeV9GyKluH4/aa98HuhmKpWVa3OSj7aUDPjFPqkCT
EKFzcEGvzQktjXWfZcG03dw8wcGxhVrApak9uGEjbA+niQ==
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:44:15 2024 by rpki-client on console-ams.rpki-client.org