Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
File: 527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa (raw, json)
Hash identifier: N7h0vj5Z3X9nMilNr11WG3G93SArBTA+WzhLfneePos=
Subject key identifier: 08:2A:22:C6:33:C2:77:F1:CC:4C:02:4C:9F:01:3D:37:12:79:F6:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 204F7649DD51F54A6E851C678F8C1B29DD4A8BB8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:4f:76:49:dd:51:f5:4a:6e:85:1c:67:8f:8c:1b:29:dd:4a:8b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=425829d9a8c6b8f4f3a49f7839285144d3a21c864e8a26e150ea524a78ba593b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:44:a7:55:b8:c8:26:15:46:75:1e:a8:a5:0c:
b8:22:26:67:26:74:45:f3:a5:96:53:63:df:f8:87:
d2:d1:21:4b:14:3c:e6:b8:12:31:25:89:98:c5:1f:
47:6c:67:b1:90:ef:7c:bb:02:ee:8a:90:8e:dc:19:
c7:dc:a0:72:a6:fb:4b:1a:3d:1d:43:18:d3:d3:89:
3e:93:fc:f2:0e:46:fc:6c:e6:c8:68:17:d9:1a:52:
3f:2e:de:a5:74:09:5b:50:10:d5:7b:dc:0e:83:60:
bd:56:e6:c8:ea:c7:dd:c9:e3:77:5b:83:aa:0a:9a:
7f:65:e6:72:b2:c2:7a:58:91:df:8e:e0:fc:0f:37:
63:23:b8:f1:d9:7e:37:42:00:78:88:6b:f6:e5:c5:
3e:6c:b6:27:bf:95:0c:40:ed:77:81:f3:af:f6:c0:
bd:57:e7:78:32:d3:a1:bf:37:d4:9e:90:f5:e0:99:
72:f0:a7:a2:8e:5a:66:3f:04:f1:a6:7d:31:ac:18:
7e:cf:82:4d:ba:15:a6:40:36:e0:76:68:c5:91:ed:
7b:33:9d:95:86:fd:1e:34:c2:90:b4:e9:d6:6e:2f:
67:20:ae:cc:64:21:06:f1:c5:35:d0:5c:d1:9e:b9:
0c:3b:f9:aa:12:32:de:58:af:e8:92:39:6c:21:65:
c1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2A:22:C6:33:C2:77:F1:CC:4C:02:4C:9F:01:3D:37:12:79:F6:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
64:4b:4f:9e:63:eb:b6:39:47:e3:9f:2b:e3:0d:5b:df:3e:36:
17:6d:46:3c:11:39:a7:b5:73:70:e7:7e:84:47:31:74:3e:26:
a3:c3:58:df:9a:0d:fb:59:0b:ef:54:f1:ea:aa:5d:fc:75:a4:
92:5d:58:c1:8d:85:14:8d:2f:f7:46:04:63:d6:70:de:51:c0:
34:51:fe:a2:51:21:5f:60:54:92:8c:d6:0c:86:a4:f7:66:c2:
da:6d:53:4d:8b:ce:0f:f7:e8:2f:cd:99:9b:4e:2a:71:0c:df:
63:0c:95:ca:3b:18:33:15:e4:ef:a9:94:61:9c:1d:eb:aa:4e:
05:b3:90:cb:2d:d1:20:f3:d6:63:2b:79:55:8d:aa:25:6e:a3:
c7:69:5e:73:59:34:8d:8f:fc:e1:87:b9:ec:8f:ed:9a:27:3a:
b6:92:dc:e5:5e:18:1a:f6:f5:67:27:37:1a:70:80:d3:d9:5d:
fd:70:f1:f0:40:fb:67:ed:90:a5:b0:e9:a2:fb:54:00:da:2c:
8d:3f:61:0b:43:e6:1f:a7:ea:71:4a:6f:b1:05:e0:04:cd:8e:
cf:35:49:20:ab:d4:95:1f:1b:fc:1e:2d:9e:30:ff:f4:98:48:
37:bd:2b:ee:bc:5d:22:16:62:80:6f:5c:21:ed:7c:fc:50:c4:
77:d3:a2:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIE92Sd1R9UpuhRxnj4wbKd1Ki7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNTgyOWQ5YThjNmI4ZjRmM2E0OWY3ODM5Mjg1MTQ0ZDNhMjFjODY0ZThh
MjZlMTUwZWE1MjRhNzhiYTU5M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpEp1W4yCYVRnUeqKUMuCImZyZ0RfOlllNj3/iH0tEhSxQ85rgSMSWJmMUf
R2xnsZDvfLsC7oqQjtwZx9ygcqb7Sxo9HUMY09OJPpP88g5G/GzmyGgX2RpSPy7e
pXQJW1AQ1XvcDoNgvVbmyOrH3cnjd1uDqgqaf2XmcrLCeliR347g/A83YyO48dl+
N0IAeIhr9uXFPmy2J7+VDEDtd4Hzr/bAvVfneDLTob831J6Q9eCZcvCnoo5aZj8E
8aZ9MawYfs+CTboVpkA24HZoxZHtezOdlYb9HjTCkLTp1m4vZyCuzGQhBvHFNdBc
0Z65DDv5qhIy3liv6JI5bCFlwckCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQIKiLG
M8J38cxMAkyfAT03Enn2pjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI3YTQ3YWItOGZlNS00ZTRjLThlNjUtNGEzNTM2YjMzZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAZEtPnmPrtjlH458r4w1b3z42F21GPBE5p7VzcOd+
hEcxdD4mo8NY35oN+1kL71Tx6qpd/HWkkl1YwY2FFI0v90YEY9Zw3lHANFH+olEh
X2BUkozWDIak92bC2m1TTYvOD/foL82Zm04qcQzfYwyVyjsYMxXk76mUYZwd66pO
BbOQyy3RIPPWYyt5VY2qJW6jx2lec1k0jY/84Ye57I/tmic6tpLc5V4YGvb1Zyc3
GnCA09ld/XDx8ED7Z+2QpbDpovtUANosjT9hC0PmH6fqcUpvsQXgBM2OzzVJIKvU
lR8b/B4tnjD/9JhIN70r7rxdIhZigG9cIe18/FDEd9OiFg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org