Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
File: 527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa (raw, json)
Hash identifier: 1cBtuijc9sKI7PVfC3zifmGA/Dlm8VfOuFqIYieN8sY=
Subject key identifier: EE:9C:E1:A4:20:07:50:D5:04:3D:D6:CD:A9:96:09:0C:76:86:F8:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 746A50FBB3652B327C550B6C5F57CD3E31308D55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:6a:50:fb:b3:65:2b:32:7c:55:0b:6c:5f:57:cd:3e:31:30:8d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=ea357050f6cef46cb1f34e4a8a2a45797222fabe14da192b8548508a914013ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:76:5a:e2:dc:40:ab:7d:f8:e4:ad:3e:8b:91:
77:4d:69:18:45:dc:78:b2:57:34:67:ca:50:33:c1:
bf:5c:82:d6:f7:4d:02:44:f7:ad:aa:33:8d:19:aa:
2c:1a:45:35:d7:29:6d:6c:57:ca:2c:7e:d8:b2:8e:
5d:3a:55:d1:43:75:b0:1f:1d:a9:2d:5b:fe:3f:37:
b9:05:15:16:2c:64:00:27:60:ea:54:e8:00:40:21:
45:12:37:b3:46:b6:2f:7b:41:97:d8:c6:38:3c:ab:
d7:76:1b:ee:72:05:04:27:75:d0:e3:05:c0:c5:ef:
17:2b:8e:16:84:63:a3:4d:25:03:94:06:19:1a:99:
68:70:f6:7a:c0:9d:67:d2:e7:f7:5a:0c:d5:b0:9f:
3c:03:1b:45:d5:98:f3:7e:75:f6:2a:79:48:d7:03:
b1:23:59:55:00:35:2f:65:59:61:a2:4a:df:49:9c:
91:f6:8d:65:4f:fa:5b:b1:20:ea:19:ff:55:16:94:
41:33:26:16:1d:06:ba:e6:77:97:03:2a:00:60:dc:
34:e4:01:0e:6f:a6:52:e3:e9:50:38:9f:20:fb:d8:
2b:a4:61:ce:a2:b0:3e:fe:00:48:b8:39:05:4b:4d:
74:0c:71:c8:6c:c3:6a:8e:6d:55:bf:68:80:5d:c5:
4a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9C:E1:A4:20:07:50:D5:04:3D:D6:CD:A9:96:09:0C:76:86:F8:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:b4:2b:55:92:4b:59:97:5c:22:b6:47:5d:80:9b:1a:17:d2:
b1:8d:a2:ce:31:9e:79:b4:d6:dd:00:34:2f:ac:58:ee:07:c9:
8a:01:8e:bc:d7:43:c1:12:ad:e7:d9:21:05:2b:21:31:d7:c4:
0c:88:f1:96:44:1b:d5:1a:97:39:db:fe:94:48:a4:3d:a3:eb:
f5:e5:40:9c:51:17:e5:e7:7c:29:24:fd:31:29:ca:6f:9e:6e:
9a:d5:3a:26:fe:ea:e4:5a:ec:1c:ab:36:c2:e2:45:22:61:4d:
c6:1b:cf:f4:22:19:19:2f:aa:a5:a5:65:4c:b2:2d:a5:3b:0c:
e2:4d:80:ad:73:64:53:a7:bb:1b:b8:da:b8:aa:dc:de:21:fd:
44:46:79:04:78:7e:c5:6d:de:ca:a7:f3:78:66:f3:39:4e:e2:
29:5b:54:a1:27:e0:92:f6:ee:b8:15:4a:7d:8c:39:30:72:9a:
34:9d:36:fb:ec:ea:c1:6d:19:90:39:d8:c3:a8:2f:9a:b3:bd:
30:54:cf:56:d3:45:b7:7c:45:0a:ea:f1:01:ff:c0:53:07:a4:
fc:d5:b3:a7:91:2a:85:4c:69:24:39:52:1b:0c:18:82:1c:5f:
c0:5d:e1:07:25:03:2c:e7:7a:87:98:c2:39:4a:cd:02:19:36:
64:a7:df:bd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdGpQ+7NlKzJ8VQtsX1fNPjEwjVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhMzU3MDUwZjZjZWY0NmNiMWYzNGU0YThhMmE0NTc5NzIyMmZhYmUxNGRh
MTkyYjg1NDg1MDhhOTE0MDEzYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANB2WuLcQKt9+OStPouRd01pGEXceLJXNGfKUDPBv1yC1vdNAkT3raozjRmq
LBpFNdcpbWxXyix+2LKOXTpV0UN1sB8dqS1b/j83uQUVFixkACdg6lToAEAhRRI3
s0a2L3tBl9jGODyr13Yb7nIFBCd10OMFwMXvFyuOFoRjo00lA5QGGRqZaHD2esCd
Z9Ln91oM1bCfPAMbRdWY83519ip5SNcDsSNZVQA1L2VZYaJK30mckfaNZU/6W7Eg
6hn/VRaUQTMmFh0GuuZ3lwMqAGDcNOQBDm+mUuPpUDifIPvYK6RhzqKwPv4ASLg5
BUtNdAxxyGzDao5tVb9ogF3FSqMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTunOGk
IAdQ1QQ91s2plgkMdob4tjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI3YTQ3YWItOGZlNS00ZTRjLThlNjUtNGEzNTM2YjMzZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAe7QrVZJLWZdcIrZHXYCbGhfSsY2izjGeebTW3QA0
L6xY7gfJigGOvNdDwRKt59khBSshMdfEDIjxlkQb1RqXOdv+lEikPaPr9eVAnFEX
5ed8KST9MSnKb55umtU6Jv7q5FrsHKs2wuJFImFNxhvP9CIZGS+qpaVlTLItpTsM
4k2ArXNkU6e7G7jauKrc3iH9REZ5BHh+xW3eyqfzeGbzOU7iKVtUoSfgkvbuuBVK
fYw5MHKaNJ02++zqwW0ZkDnYw6gvmrO9MFTPVtNFt3xFCurxAf/AUwek/NWzp5Eq
hUxpJDlSGwwYghxfwF3hByUDLOd6h5jCOUrNAhk2ZKffvQ==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org