Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/373cce23-881c-4767-b758-59583f7c5cd3.roa
File: 373cce23-881c-4767-b758-59583f7c5cd3.roa (raw, json)
Hash identifier: IUzFg7fGKPwJUQUEUswxc/96xXg/1PAhAzkUbKr6Tdg=
Subject key identifier: 0B:C9:BC:51:46:7B:83:C6:89:11:29:21:88:FE:2C:35:AB:52:07:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D76AE273BE40CB0A53777898AF671D75471D307
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/373cce23-881c-4767-b758-59583f7c5cd3.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 178.236.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:76:ae:27:3b:e4:0c:b0:a5:37:77:89:8a:f6:71:d7:54:71:d3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=7d395acecb5ad9ab4ce4c8d0864b708a04db374bf1a39fec305b631f71dfddc0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6e:1e:9c:e3:aa:5e:5f:4c:05:4d:45:0a:ad:
88:28:60:bb:14:7a:95:36:f9:fa:1c:4d:fd:f3:8b:
86:c9:02:a2:83:94:af:cd:ee:db:0f:89:62:7e:e6:
76:6c:d6:b0:d5:8d:d7:83:f4:0a:b1:f0:65:77:cc:
b2:38:20:9b:be:b7:30:9c:47:4c:0e:15:47:60:41:
65:ed:18:68:dc:63:e3:9c:3b:44:6d:90:64:f6:6d:
29:e9:32:54:40:e3:82:e6:65:8b:fd:ba:f2:bf:55:
24:21:f1:a5:c1:19:f9:22:34:17:38:76:f7:7b:20:
6d:2a:2b:a2:cf:24:b5:09:ac:e2:50:a4:81:c1:f7:
f0:b0:33:82:50:18:15:0b:5a:f1:4e:b1:d4:4d:f7:
0b:0d:1d:dd:10:bf:59:9d:fb:73:49:75:32:63:63:
8e:81:b4:f6:11:e3:c8:6c:c9:a9:a2:e8:bb:05:ec:
cd:95:38:4a:e4:76:4b:9c:34:da:5f:d6:a4:c0:ac:
b2:bf:96:44:80:3b:b4:e1:20:f5:b3:d6:0b:b5:68:
7e:51:14:83:20:53:88:f8:de:92:15:76:33:9b:d2:
07:08:0d:c8:be:eb:9c:8c:7d:72:b0:8f:43:4f:72:
8e:c4:e8:74:02:5b:29:78:ee:2e:15:c4:75:88:49:
01:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C9:BC:51:46:7B:83:C6:89:11:29:21:88:FE:2C:35:AB:52:07:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/373cce23-881c-4767-b758-59583f7c5cd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.0.0/20
Signature Algorithm: sha256WithRSAEncryption
4c:9d:b4:cd:ef:90:e7:0a:e8:06:cd:de:b8:eb:05:f4:17:1c:
62:13:fe:54:41:24:90:2e:f3:9a:d6:e4:28:e5:f6:8d:1d:7d:
fa:92:29:68:e8:68:0d:02:a2:3d:54:3b:18:cf:13:c3:b8:a6:
20:4b:73:32:37:cc:cd:77:a7:90:8c:44:c8:a8:a0:b6:37:cc:
ac:23:83:e8:f0:0b:7d:79:0f:15:a5:a4:b8:7d:e4:da:4a:64:
c1:2d:1e:d2:5e:f5:62:12:30:7a:13:0b:03:0e:eb:51:75:d1:
ae:78:3f:af:ed:26:80:14:d3:5a:b0:12:85:f7:f9:a6:78:b3:
48:01:6a:2a:e6:3c:77:c6:05:9e:d3:7f:b9:1b:df:95:88:3f:
04:63:46:1b:e8:2b:24:c6:cd:03:ad:42:5f:60:71:d0:c0:e6:
7d:9d:cb:94:44:45:dd:00:03:83:f1:cd:b3:cb:4b:7b:7f:31:
24:40:b4:9f:11:ad:92:d0:57:5c:d6:05:a8:5e:ee:c2:9d:70:
16:6c:10:77:ab:3a:3b:7a:f6:19:32:39:87:c1:05:54:c1:a5:
b5:05:6e:00:d1:f6:ef:57:5e:64:98:6d:40:57:ef:58:14:e6:
d6:b2:16:52:eb:e5:ef:97:3f:89:6f:17:78:58:e3:24:e0:72:
91:b7:df:96
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTXauJzvkDLClN3eJivZx11Rx0wcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkMzk1YWNlY2I1YWQ5YWI0Y2U0YzhkMDg2NGI3MDhhMDRkYjM3NGJmMWEz
OWZlYzMwNWI2MzFmNzFkZmRkYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBuHpzjql5fTAVNRQqtiChguxR6lTb5+hxN/fOLhskCooOUr83u2w+JYn7m
dmzWsNWN14P0CrHwZXfMsjggm763MJxHTA4VR2BBZe0YaNxj45w7RG2QZPZtKeky
VEDjguZli/268r9VJCHxpcEZ+SI0Fzh293sgbSoros8ktQms4lCkgcH38LAzglAY
FQta8U6x1E33Cw0d3RC/WZ37c0l1MmNjjoG09hHjyGzJqaLouwXszZU4SuR2S5w0
2l/WpMCssr+WRIA7tOEg9bPWC7VoflEUgyBTiPjekhV2M5vSBwgNyL7rnIx9crCP
Q09yjsTodAJbKXjuLhXEdYhJAfECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQLybxR
RnuDxokRKSGI/iw1q1IHvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzczY2NlMjMtODgxYy00NzY3LWI3NTgtNTk1ODNmN2M1Y2QzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLLsADAN
BgkqhkiG9w0BAQsFAAOCAQEATJ20ze+Q5wroBs3euOsF9BccYhP+VEEkkC7zmtbk
KOX2jR19+pIpaOhoDQKiPVQ7GM8Tw7imIEtzMjfMzXenkIxEyKigtjfMrCOD6PAL
fXkPFaWkuH3k2kpkwS0e0l71YhIwehMLAw7rUXXRrng/r+0mgBTTWrAShff5pniz
SAFqKuY8d8YFntN/uRvflYg/BGNGG+grJMbNA61CX2Bx0MDmfZ3LlERF3QADg/HN
s8tLe38xJEC0nxGtktBXXNYFqF7uwp1wFmwQd6s6O3r2GTI5h8EFVMGltQVuANH2
71deZJhtQFfvWBTm1rIWUuvl75c/iW8XeFjjJOBykbfflg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:38 2024 by rpki-client on console-fra.rpki-client.org