Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
File: 11438c8f-0517-4bd0-b3e1-4c738a71c912.roa (raw, json)
Hash identifier: PhTdbA5jf4/u/7Z469EvApl3QZTKjNHdr874Q2ZnIw8=
Subject key identifier: CA:34:9F:F6:C8:62:10:47:85:23:AF:55:3B:5A:D3:2A:08:60:10:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 220BAE845E6AC07DCB0DDCD0CB07628B58E7DD17
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:0b:ae:84:5e:6a:c0:7d:cb:0d:dc:d0:cb:07:62:8b:58:e7:dd:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=e34ef0500f25df3474acf7f192a566400445474d2064db2e2c36050d39788d4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:74:5a:70:ea:f4:e5:87:d9:f2:be:91:90:d4:
2a:43:92:ee:bf:1e:87:3e:87:3b:82:82:a5:dc:cd:
9e:25:18:e4:7b:58:da:01:8d:2c:69:37:1f:57:dc:
f7:e0:fb:9e:b7:93:da:5c:55:3e:a1:30:e5:3c:86:
6b:5b:5c:63:0c:bc:fc:41:69:ed:37:3e:d7:a2:75:
43:69:4a:76:2d:a4:6b:20:d3:a4:46:42:f6:15:3b:
64:f7:cf:ef:1c:ca:02:0c:11:bd:76:1f:60:69:17:
89:5e:a7:17:09:e9:3f:bf:24:01:47:b8:8f:31:1c:
02:e1:9d:4b:72:c7:ea:17:88:f1:e6:15:f3:55:78:
71:f3:e8:5a:2f:72:d6:61:ec:cd:20:b8:c1:90:18:
99:cd:49:a0:c0:7c:a5:9c:0b:97:0c:15:eb:cd:b7:
cc:d2:d0:55:d2:32:86:8e:f9:35:e6:54:9a:c2:68:
3e:e6:c1:7a:c3:0e:b5:86:92:15:54:a4:6e:bc:21:
1a:a7:8a:cc:99:dd:92:cf:4c:fa:6e:82:9f:a1:ac:
8d:69:7a:5c:e0:3e:59:59:7d:b5:49:19:07:82:16:
26:a5:d8:a0:0e:c7:7c:0f:43:63:e1:ee:d9:08:0a:
2c:57:41:8f:3b:24:1b:d9:9e:27:90:61:57:60:8e:
a6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:34:9F:F6:C8:62:10:47:85:23:AF:55:3B:5A:D3:2A:08:60:10:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/19
Signature Algorithm: sha256WithRSAEncryption
b1:18:a9:30:73:9f:ee:04:d1:5b:6a:a3:ee:01:f2:88:4d:1e:
93:7c:70:38:12:50:d7:56:1a:0a:8a:b9:c7:4a:e1:31:ab:e1:
3a:07:a3:5c:bd:b4:96:9d:18:c3:5d:e2:4d:6e:4e:c9:6c:1a:
26:e3:f0:31:47:f0:ed:b2:bb:a7:12:25:79:3f:87:39:46:c4:
10:d0:72:b3:61:79:6b:0d:d9:a9:a6:dc:a1:3c:9d:51:1a:a6:
b5:4c:6b:d1:bc:1a:16:77:51:ca:26:7f:50:76:7d:ee:fd:f4:
74:c9:16:e0:8c:f9:f4:c5:38:40:16:30:90:64:39:97:97:38:
c0:83:06:a0:cc:7b:b0:9a:6f:1d:f9:38:7b:26:ea:1d:4e:45:
22:81:88:40:8d:25:e3:5b:c0:d0:6c:d7:7c:c3:22:a7:38:74:
3a:a6:f2:72:7a:85:7a:29:2a:99:93:07:b6:e8:2e:86:68:c7:
c7:da:65:88:6c:ac:46:5c:2c:83:35:93:8f:0f:4f:70:a5:86:
64:be:57:0a:87:52:2a:a9:36:72:49:7c:29:95:79:da:97:e9:
40:d3:e9:6e:16:fb:a8:02:52:d6:65:fc:e2:c8:cc:63:21:d3:
6c:78:90:00:1b:91:26:0a:9a:7c:07:88:19:c2:d7:22:9d:2f:
28:ad:ef:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIguuhF5qwH3LDdzQywdii1jn3RcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzNGVmMDUwMGYyNWRmMzQ3NGFjZjdmMTkyYTU2NjQwMDQ0NTQ3NGQyMDY0
ZGIyZTJjMzYwNTBkMzk3ODhkNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZ0WnDq9OWH2fK+kZDUKkOS7r8ehz6HO4KCpdzNniUY5HtY2gGNLGk3H1fc
9+D7nreT2lxVPqEw5TyGa1tcYwy8/EFp7Tc+16J1Q2lKdi2kayDTpEZC9hU7ZPfP
7xzKAgwRvXYfYGkXiV6nFwnpP78kAUe4jzEcAuGdS3LH6heI8eYV81V4cfPoWi9y
1mHszSC4wZAYmc1JoMB8pZwLlwwV6823zNLQVdIyho75NeZUmsJoPubBesMOtYaS
FVSkbrwhGqeKzJndks9M+m6Cn6GsjWl6XOA+WVl9tUkZB4IWJqXYoA7HfA9DY+Hu
2QgKLFdBjzskG9meJ5BhV2COpicCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTKNJ/2
yGIQR4Ujr1U7WtMqCGAQaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE0MzhjOGYtMDUxNy00YmQwLWIzZTEtNGM3MzhhNzFjOTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAsRipMHOf7gTRW2qj7gHyiE0ek3xwOBJQ11YaCoq5
x0rhMavhOgejXL20lp0Yw13iTW5OyWwaJuPwMUfw7bK7pxIleT+HOUbEENBys2F5
aw3ZqabcoTydURqmtUxr0bwaFndRyiZ/UHZ97v30dMkW4Iz59MU4QBYwkGQ5l5c4
wIMGoMx7sJpvHfk4eybqHU5FIoGIQI0l41vA0GzXfMMipzh0OqbycnqFeikqmZMH
tuguhmjHx9pliGysRlwsgzWTjw9PcKWGZL5XCodSKqk2ckl8KZV52pfpQNPpbhb7
qAJS1mX84sjMYyHTbHiQABuRJgqafAeIGcLXIp0vKK3vFw==
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org