Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d02ab68-bf89-433a-a40b-18cc72270181.roa
File: 4d02ab68-bf89-433a-a40b-18cc72270181.roa (raw, json)
Hash identifier: 4x5+2R0R6qCI9t0ivTYIoG8ohwIeVde8RLeu/ReTNOg=
Subject key identifier: A4:AA:3C:95:AB:5E:C4:ED:01:B7:C6:97:6D:0F:7C:E6:38:5A:E0:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64858FC42CDBFADE8129422DC1505E8FAE99A359
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d02ab68-bf89-433a-a40b-18cc72270181.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 176.34.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:85:8f:c4:2c:db:fa:de:81:29:42:2d:c1:50:5e:8f:ae:99:a3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=b307d43b7ec590aac311392c64ce044ef23b8f3cea875f0123e79847a210bf87, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:88:f7:0f:0d:9f:48:ee:10:f5:5d:54:cf:b5:
f4:90:61:31:be:97:b0:41:95:dd:1c:d9:9a:5a:41:
6c:3e:76:56:93:1b:d0:b4:ba:ba:b2:71:d9:ee:53:
8c:79:6d:63:60:af:f6:ed:22:2a:f2:0f:11:18:c0:
c8:3f:54:dc:1d:eb:f8:4b:95:ed:9e:a9:aa:8c:33:
6a:68:e1:ba:e1:1b:0d:31:5b:e1:4a:77:74:18:18:
2e:72:2b:58:ee:b0:f1:4d:22:97:5e:18:49:bb:44:
fc:7d:72:f9:ca:e4:1d:5e:e1:da:73:8c:98:1f:9c:
ee:d5:e8:5d:a5:a8:cb:c8:a1:a2:f9:25:d9:13:19:
fa:41:71:3f:1d:01:db:f8:32:af:da:06:dd:99:e9:
15:6a:0d:be:88:8f:48:b0:94:2a:6b:ec:f2:aa:79:
f0:01:a9:f2:d7:9f:b8:90:a0:f2:d1:fa:13:4a:63:
a4:d3:9f:58:a0:2b:ed:a5:29:82:10:e1:d3:64:78:
47:67:49:2d:be:f8:be:ee:25:cc:bf:8d:39:5a:e4:
c8:ca:7b:27:7f:d1:cf:ad:41:b9:f2:cf:5a:b3:3c:
35:f7:0b:8a:48:ed:ce:ed:f3:d9:c8:a1:bb:37:e1:
d4:21:0f:9f:7c:9f:4a:bd:59:48:9a:c0:34:bb:87:
ba:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AA:3C:95:AB:5E:C4:ED:01:B7:C6:97:6D:0F:7C:E6:38:5A:E0:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d02ab68-bf89-433a-a40b-18cc72270181.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:2a:cc:db:7b:61:76:1e:43:ed:00:c1:1f:37:3c:a4:ec:3a:
a9:cb:44:c1:fc:ee:ab:52:b7:0a:a5:55:e3:21:53:fa:af:8f:
f6:b7:90:d7:a2:04:f2:ae:2e:a7:20:95:a3:09:42:86:6b:f9:
af:02:db:d7:b6:ff:51:1e:7c:69:0b:8d:bb:e1:3c:29:9e:38:
4b:b3:ee:80:3f:6c:57:81:c8:27:9f:63:6c:01:f7:4d:99:4c:
4f:23:c1:c2:93:bc:cb:09:2e:34:77:c6:52:9a:8b:3b:3f:c5:
2f:c6:d4:28:ea:2c:b9:ea:16:98:d3:f8:73:c6:a7:8b:b9:f4:
95:e5:86:ac:32:57:49:69:90:d2:d2:60:ff:93:29:61:0a:43:
a2:c3:d7:d4:b0:08:25:f3:0b:b6:e3:fc:a6:03:0d:72:9c:06:
78:fe:71:62:53:e1:a9:c4:a8:2f:ad:26:65:03:ad:ff:01:e1:
d7:ac:c7:26:24:ab:5f:44:29:54:72:2d:0e:a7:73:11:d1:7b:
ff:9e:0d:16:91:c4:37:4b:f6:49:68:c4:28:fa:20:ef:04:99:
6e:3c:20:95:27:bd:30:3a:f9:27:39:97:78:5d:be:10:8d:bd:
e6:89:45:dc:af:2d:f2:70:82:35:eb:23:5c:d2:78:54:a7:52:
2a:26:14:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZIWPxCzb+t6BKUItwVBej66Zo1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzMDdkNDNiN2VjNTkwYWFjMzExMzkyYzY0Y2UwNDRlZjIzYjhmM2NlYTg3
NWYwMTIzZTc5ODQ3YTIxMGJmODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCI9w8Nn0juEPVdVM+19JBhMb6XsEGV3RzZmlpBbD52VpMb0LS6urJx2e5T
jHltY2Cv9u0iKvIPERjAyD9U3B3r+EuV7Z6pqowzamjhuuEbDTFb4Up3dBgYLnIr
WO6w8U0il14YSbtE/H1y+crkHV7h2nOMmB+c7tXoXaWoy8ihovkl2RMZ+kFxPx0B
2/gyr9oG3ZnpFWoNvoiPSLCUKmvs8qp58AGp8tefuJCg8tH6E0pjpNOfWKAr7aUp
ghDh02R4R2dJLb74vu4lzL+NOVrkyMp7J3/Rz61BufLPWrM8NfcLikjtzu3z2cih
uzfh1CEPn3yfSr1ZSJrANLuHuk0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSkqjyV
q17E7QG3xpdtD3zmOFrg8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGQwMmFiNjgtYmY4OS00MzNhLWE0MGItMThjYzcyMjcwMTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQCGKszbe2F2HkPtAMEfNzyk7Dqpy0TB/O6rUrcKpVXj
IVP6r4/2t5DXogTyri6nIJWjCUKGa/mvAtvXtv9RHnxpC4274TwpnjhLs+6AP2xX
gcgnn2NsAfdNmUxPI8HCk7zLCS40d8ZSmos7P8UvxtQo6iy56haY0/hzxqeLufSV
5YasMldJaZDS0mD/kylhCkOiw9fUsAgl8wu24/ymAw1ynAZ4/nFiU+GpxKgvrSZl
A63/AeHXrMcmJKtfRClUci0Op3MR0Xv/ng0WkcQ3S/ZJaMQo+iDvBJluPCCVJ70w
OvknOZd4Xb4Qjb3miUXcry3ycII16yNc0nhUp1IqJhR+
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org