Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1de09e6a-4b24-4aab-95d6-9e1b8fd34f67.roa
File: 1de09e6a-4b24-4aab-95d6-9e1b8fd34f67.roa (raw, json)
Hash identifier: mHC+YoKOSrZ5g2EGGITSAfXfLmGpfVuSYYdZBr7KmJ0=
Subject key identifier: B7:A2:59:C3:E9:E0:2F:91:49:F5:EE:00:54:B2:C1:99:31:75:9A:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EAD2F33E334081764A61F44B4A87962D22CAF24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1de09e6a-4b24-4aab-95d6-9e1b8fd34f67.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 176.32.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ad:2f:33:e3:34:08:17:64:a6:1f:44:b4:a8:79:62:d2:2c:af:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=944c05c93985eada48a1138f9010c8d9424f7b935c9fed5dd2e1b8fbbdde09b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:49:3d:a9:2a:86:c4:37:07:ea:45:f0:13:b3:
59:c7:de:5a:ff:e8:18:48:56:3f:6e:e7:98:f8:78:
9d:c5:10:5e:87:85:ca:21:e4:29:05:8c:fb:ce:a5:
4e:66:17:30:8d:21:20:c1:97:36:89:1e:8e:02:0f:
63:d5:ef:f4:15:0f:e7:14:0b:b7:ec:7b:2a:88:11:
4e:25:ae:29:d6:17:2c:85:e9:d6:13:58:2b:a6:7a:
ca:9c:b5:33:89:ac:20:32:ae:46:d5:e2:00:3d:57:
2d:df:c5:ac:e9:94:8e:e1:e9:7e:24:da:4c:2a:1a:
f5:fd:61:12:ef:0c:0a:42:c2:02:84:8a:52:64:24:
e1:ce:6c:27:bd:40:01:56:d4:9d:02:aa:ce:0c:af:
4a:70:2f:b2:63:c6:be:95:8e:09:1b:de:83:a9:97:
f5:02:94:bc:1e:dd:e2:a4:14:90:9c:ff:7e:23:94:
4f:9f:07:a1:3f:e4:fe:2a:2a:82:58:c3:1b:5b:c0:
12:f5:48:0e:48:5f:a1:4b:61:95:42:9b:e8:f8:ee:
30:3d:66:ea:73:9e:51:09:3f:9f:7b:56:71:b8:e7:
9f:fa:10:76:a2:17:11:e6:8f:63:c1:12:0d:32:a0:
8d:9f:c3:9b:f8:ea:27:90:d4:78:d7:e8:83:90:f4:
b9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:A2:59:C3:E9:E0:2F:91:49:F5:EE:00:54:B2:C1:99:31:75:9A:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1de09e6a-4b24-4aab-95d6-9e1b8fd34f67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
c9:65:d3:ea:2f:3b:a7:bf:c5:3e:30:a1:5d:8c:bf:d0:33:6c:
86:23:cb:46:55:1a:bc:b8:6d:5e:36:f9:47:04:d9:cf:ee:39:
fc:b0:10:c2:04:50:62:07:17:b5:6f:d6:55:d8:56:1a:41:ae:
4f:fc:f7:e6:35:7a:81:f6:89:29:5d:97:a8:79:49:14:aa:97:
0f:82:84:e5:78:bc:62:0c:16:7a:24:6c:22:a0:01:0c:8e:f1:
a0:58:95:46:68:82:88:97:c4:8a:74:ef:a7:3a:37:31:cd:eb:
8c:4f:aa:59:c4:7b:ea:8d:29:e1:4f:a3:00:b9:d4:96:05:05:
de:fc:20:f9:29:12:ca:47:1c:16:2c:f7:16:06:3d:41:4c:c2:
f5:bd:ad:71:7c:2b:09:4f:34:39:c7:28:cc:c4:30:14:19:c9:
5a:60:3c:3a:0f:6c:34:25:c9:56:78:99:09:a2:f9:9b:1a:97:
81:42:c0:1d:ca:c7:fd:be:27:46:09:d1:7d:f5:8f:a9:77:26:
dd:69:d9:0e:66:81:03:f6:b9:b1:60:2c:2d:36:b3:fb:bb:03:
85:e4:d8:4b:91:32:39:b5:a6:ab:6b:60:3b:ac:8b:39:7b:f8:
e2:85:3f:4e:7a:64:b7:98:c7:0e:ba:ea:2c:52:13:61:d4:b2:
9e:93:ab:54
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfq0vM+M0CBdkph9EtKh5YtIsryQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0NGMwNWM5Mzk4NWVhZGE0OGExMTM4ZjkwMTBjOGQ5NDI0ZjdiOTM1Yzlm
ZWQ1ZGQyZTFiOGZiYmRkZTA5YjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFJPakqhsQ3B+pF8BOzWcfeWv/oGEhWP27nmPh4ncUQXoeFyiHkKQWM+86l
TmYXMI0hIMGXNokejgIPY9Xv9BUP5xQLt+x7KogRTiWuKdYXLIXp1hNYK6Z6ypy1
M4msIDKuRtXiAD1XLd/FrOmUjuHpfiTaTCoa9f1hEu8MCkLCAoSKUmQk4c5sJ71A
AVbUnQKqzgyvSnAvsmPGvpWOCRveg6mX9QKUvB7d4qQUkJz/fiOUT58HoT/k/ioq
gljDG1vAEvVIDkhfoUthlUKb6PjuMD1m6nOeUQk/n3tWcbjnn/oQdqIXEeaPY8ES
DTKgjZ/Dm/jqJ5DUeNfog5D0ubUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS3olnD
6eAvkUn17gBUssGZMXWaBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWRlMDllNmEtNGIyNC00YWFiLTk1ZDYtOWUxYjhmZDM0ZjY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAyWXT6i87p7/FPjChXYy/0DNshiPLRlUavLhtXjb5
RwTZz+45/LAQwgRQYgcXtW/WVdhWGkGuT/z35jV6gfaJKV2XqHlJFKqXD4KE5Xi8
YgwWeiRsIqABDI7xoFiVRmiCiJfEinTvpzo3Mc3rjE+qWcR76o0p4U+jALnUlgUF
3vwg+SkSykccFiz3FgY9QUzC9b2tcXwrCU80OccozMQwFBnJWmA8Og9sNCXJVniZ
CaL5mxqXgULAHcrH/b4nRgnRffWPqXcm3WnZDmaBA/a5sWAsLTaz+7sDheTYS5Ey
ObWmq2tgO6yLOXv44oU/Tnpkt5jHDrrqLFITYdSynpOrVA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org