Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
File: 1172536b-2edc-4ffb-9fca-b111f3d038a9.roa (raw, json)
Hash identifier: QCvKQiJ2lzMIYTJxT6r39JMgCs+rEzXdquhxkotu+MQ=
Subject key identifier: 15:67:34:45:09:32:97:0C:D6:59:16:2B:8E:A5:4B:A3:E0:B5:66:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C2BBD886B69AD390A25F558198D313DB5614170
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:2b:bd:88:6b:69:ad:39:0a:25:f5:58:19:8d:31:3d:b5:61:41:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=862e80da8e865b2bfdcb3b530127a29675a3eb3d66e364fe2cfc96ddfbecb6f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b8:73:23:41:b4:d8:39:0f:c6:db:73:16:76:
04:c0:f5:26:90:94:4b:a2:c8:94:f1:36:5b:f1:58:
05:6b:f3:13:b2:69:e2:30:6a:cc:6d:2f:22:5b:8a:
39:f3:8b:90:73:e5:29:05:20:34:0a:46:56:3d:c4:
03:f3:f1:eb:5a:a8:51:82:ed:06:d9:93:58:7c:fe:
d9:5b:b6:33:38:e6:22:5b:a1:8f:2e:fb:3f:de:9d:
ee:6a:2c:42:49:8c:79:d0:23:fe:54:a1:e9:27:63:
a2:c2:71:29:b0:b5:b3:8f:96:40:f5:ab:e6:bc:58:
aa:d5:37:72:a3:c1:8f:c7:45:c2:f2:f2:7d:7c:0f:
09:77:03:63:22:85:38:53:d2:b2:96:e9:d0:8b:7d:
34:35:68:fa:3a:e9:cf:c1:2c:90:7a:28:d5:8d:1b:
4b:be:00:ea:fd:56:f2:2f:08:2f:16:28:5a:58:9a:
85:09:50:07:25:cf:3f:22:cd:f9:29:17:f4:12:ed:
a0:14:ae:3f:ed:39:da:49:86:ff:e1:a2:76:b1:f8:
9f:90:1c:8d:7b:24:f0:36:52:a0:86:1f:1f:01:fc:
b9:b6:c8:3e:bc:8f:9f:48:b5:6d:c3:06:ba:6d:44:
40:48:23:19:24:45:22:b8:2d:96:b8:72:e7:39:d8:
70:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:67:34:45:09:32:97:0C:D6:59:16:2B:8E:A5:4B:A3:E0:B5:66:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.112.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:09:c6:91:f0:ca:e5:f9:35:71:b9:5d:b3:63:dd:ea:63:cb:
80:2e:c4:f7:59:97:03:b4:ef:b5:f0:2e:dc:be:fa:62:22:bb:
f2:55:69:97:83:62:b7:bc:24:7b:d2:65:fa:c5:c9:94:91:b1:
ca:8d:39:d6:bc:05:ea:3e:e0:8a:ba:16:2b:a7:e4:de:f1:2a:
ba:30:7a:46:36:5b:88:03:ae:04:e0:7c:d8:77:2e:91:cc:4d:
5a:1b:c5:f8:66:36:3d:a0:8b:72:ec:0e:b9:51:4b:03:26:9d:
61:56:ea:97:59:ca:cb:25:de:65:7f:82:7e:c8:9e:3e:8e:11:
66:11:4a:dd:24:21:24:4b:5a:53:b0:3e:e3:dd:0d:23:68:90:
69:7b:59:16:79:57:3a:78:93:ae:0c:09:5e:2c:ee:1b:c2:9d:
ba:f8:f7:23:70:5b:7d:e2:99:5f:39:c3:84:ff:4f:75:a4:b6:
67:6b:4c:d2:40:29:f5:3b:f3:bd:a0:43:5b:3d:9a:c9:47:70:
0c:f0:f2:62:08:89:d7:b8:79:ea:03:74:43:91:e8:d4:3b:2d:
ed:b5:06:33:cf:59:0c:ec:ca:d3:e0:35:98:20:92:32:0a:c0:
4a:1b:28:7e:9a:38:96:14:51:6f:f4:38:e3:19:7e:ff:94:dc:
cd:30:f4:4b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfCu9iGtprTkKJfVYGY0xPbVhQXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MmU4MGRhOGU4NjViMmJmZGNiM2I1MzAxMjdhMjk2NzVhM2ViM2Q2NmUz
NjRmZTJjZmM5NmRkZmJlY2I2ZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJK4cyNBtNg5D8bbcxZ2BMD1JpCUS6LIlPE2W/FYBWvzE7Jp4jBqzG0vIluK
OfOLkHPlKQUgNApGVj3EA/Px61qoUYLtBtmTWHz+2Vu2MzjmIluhjy77P96d7mos
QkmMedAj/lSh6SdjosJxKbC1s4+WQPWr5rxYqtU3cqPBj8dFwvLyfXwPCXcDYyKF
OFPSspbp0It9NDVo+jrpz8EskHoo1Y0bS74A6v1W8i8ILxYoWliahQlQByXPPyLN
+SkX9BLtoBSuP+052kmG/+GidrH4n5AcjXsk8DZSoIYfHwH8ubbIPryPn0i1bcMG
um1EQEgjGSRFIrgtlrhy5znYcDUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQVZzRF
CTKXDNZZFiuOpUuj4LVm9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3MjUzNmItMmVkYy00ZmZiLTlmY2EtYjExMWYzZDAzOGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgcDAN
BgkqhkiG9w0BAQsFAAOCAQEAHgnGkfDK5fk1cblds2Pd6mPLgC7E91mXA7TvtfAu
3L76YiK78lVpl4Nit7wke9Jl+sXJlJGxyo051rwF6j7giroWK6fk3vEqujB6RjZb
iAOuBOB82HcukcxNWhvF+GY2PaCLcuwOuVFLAyadYVbql1nKyyXeZX+CfsiePo4R
ZhFK3SQhJEtaU7A+490NI2iQaXtZFnlXOniTrgwJXizuG8Kduvj3I3BbfeKZXznD
hP9PdaS2Z2tM0kAp9TvzvaBDWz2ayUdwDPDyYgiJ17h56gN0Q5Ho1Dst7bUGM89Z
DOzK0+A1mCCSMgrAShsofpo4lhRRb/Q44xl+/5TczTD0Sw==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org