Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ac6fa2-24c1-44ea-9f18-30991eb06d32.roa
File: 55ac6fa2-24c1-44ea-9f18-30991eb06d32.roa (raw, json)
Hash identifier: 5rdvWsXGowq24+aVfkDD1Ef6O+4DT2OpaLcyY3TIzMM=
Subject key identifier: D2:89:BB:BD:CD:53:65:2C:D6:37:B6:5D:12:B0:BC:C1:A8:90:EE:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C9755BDB1A34D784CEB2FE933B56FB29FEC47A5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ac6fa2-24c1-44ea-9f18-30991eb06d32.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:97:55:bd:b1:a3:4d:78:4c:eb:2f:e9:33:b5:6f:b2:9f:ec:47:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=af04b7d6f9a1cb36aecbd1e9a56c617b39ff294d9cb700adb01f874bc73021fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ac:3d:8f:b1:4e:d3:20:38:01:99:63:b4:00:
c5:32:97:5b:1f:95:81:c7:0e:28:fb:80:d0:01:73:
95:b1:53:fa:be:cf:a4:af:be:ce:8d:63:da:5c:09:
bf:45:4e:03:be:9d:c9:e9:fd:ed:85:4f:cd:a7:1a:
d1:58:3b:18:03:34:10:d0:dc:5d:5f:6a:62:fc:3c:
b9:2b:95:c5:2e:34:44:6a:1e:15:27:68:dc:41:69:
47:5f:cd:e2:b3:13:43:dc:09:27:25:da:61:ba:3f:
a6:a1:6b:44:02:2f:36:f1:b0:f4:d1:47:1c:11:eb:
6d:98:98:7b:8f:1d:d1:15:e3:f4:9c:d0:7d:5d:63:
df:82:88:27:14:78:ff:14:e4:87:de:bf:c5:54:55:
5b:69:17:c2:7b:7d:0d:6c:98:19:41:a4:b9:34:ca:
7c:0f:dd:5d:97:c5:59:03:1d:b5:a5:79:a7:8a:24:
83:57:e9:28:57:1f:2f:62:11:a6:8f:0c:c6:b8:01:
1f:ef:58:72:77:85:ff:fc:52:c8:7a:d2:55:d1:6c:
52:b0:7c:4a:fb:1f:ca:2a:a6:33:53:95:b3:c3:0f:
42:6a:f7:b9:43:53:40:a7:63:c0:44:87:2b:ce:c6:
ee:24:bc:9a:5b:e9:cc:40:70:38:58:72:33:c9:0a:
16:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:89:BB:BD:CD:53:65:2C:D6:37:B6:5D:12:B0:BC:C1:A8:90:EE:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ac6fa2-24c1-44ea-9f18-30991eb06d32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
81:ae:0d:d9:77:d9:d7:0a:d4:67:23:da:a4:f2:e4:43:2e:3b:
b2:f6:9a:49:3c:8b:43:12:d1:04:a5:d2:55:41:1d:6f:ec:0e:
c8:f0:e0:78:37:00:7f:a1:3d:24:bf:ef:f0:bc:3c:12:3b:ce:
55:f1:1c:d4:4c:91:39:55:bb:60:93:d4:63:7d:73:91:f3:d7:
c1:ab:03:62:7a:eb:36:d9:30:75:fa:6b:e8:33:49:b1:84:82:
f9:d5:9c:f4:cd:bc:f9:b5:f8:56:2c:f9:5d:db:31:dd:98:81:
70:9d:fc:42:1f:82:42:a7:f5:65:6c:da:42:e2:ca:4a:e1:d8:
3d:f3:a9:f0:70:0d:1d:85:2c:6a:b3:7b:e7:a3:e9:16:3c:56:
2c:f7:9a:d4:76:60:f4:00:2a:87:d5:ec:82:58:c4:58:d4:87:
1d:d4:51:a6:79:a2:1d:7f:88:ae:db:e7:78:c6:cd:01:d1:89:
75:aa:f5:2e:85:82:65:5b:d3:bf:19:d9:bd:cb:5c:d5:78:b8:
e4:7d:db:70:51:6e:aa:26:e5:2a:49:48:60:fb:c5:7b:86:d2:
5f:5a:ae:19:08:ea:e1:5e:04:35:85:90:39:cc:2a:2a:5c:df:
14:72:99:cf:c8:97:b7:c7:6b:85:66:7a:82:7b:db:f4:a0:30:
4a:c1:79:fb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXJdVvbGjTXhM6y/pM7Vvsp/sR6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMDRiN2Q2ZjlhMWNiMzZhZWNiZDFlOWE1NmM2MTdiMzlmZjI5NGQ5Y2I3
MDBhZGIwMWY4NzRiYzczMDIxZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCsPY+xTtMgOAGZY7QAxTKXWx+VgccOKPuA0AFzlbFT+r7PpK++zo1j2lwJ
v0VOA76dyen97YVPzaca0Vg7GAM0ENDcXV9qYvw8uSuVxS40RGoeFSdo3EFpR1/N
4rMTQ9wJJyXaYbo/pqFrRAIvNvGw9NFHHBHrbZiYe48d0RXj9JzQfV1j34KIJxR4
/xTkh96/xVRVW2kXwnt9DWyYGUGkuTTKfA/dXZfFWQMdtaV5p4okg1fpKFcfL2IR
po8MxrgBH+9YcneF//xSyHrSVdFsUrB8SvsfyiqmM1OVs8MPQmr3uUNTQKdjwESH
K87G7iS8mlvpzEBwOFhyM8kKFhcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTSibu9
zVNlLNY3tl0SsLzBqJDuSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTVhYzZmYTItMjRjMS00NGVhLTlmMTgtMzA5OTFlYjA2ZDMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAga4N2XfZ1wrUZyPapPLkQy47svaaSTyLQxLRBKXS
VUEdb+wOyPDgeDcAf6E9JL/v8Lw8EjvOVfEc1EyROVW7YJPUY31zkfPXwasDYnrr
Ntkwdfpr6DNJsYSC+dWc9M28+bX4Viz5Xdsx3ZiBcJ38Qh+CQqf1ZWzaQuLKSuHY
PfOp8HANHYUsarN756PpFjxWLPea1HZg9AAqh9XsgljEWNSHHdRRpnmiHX+Irtvn
eMbNAdGJdar1LoWCZVvTvxnZvctc1Xi45H3bcFFuqiblKklIYPvFe4bSX1quGQjq
4V4ENYWQOcwqKlzfFHKZz8iXt8drhWZ6gnvb9KAwSsF5+w==
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:02:32 2024 by rpki-client on console-fra.rpki-client.org