Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ac6fa2-24c1-44ea-9f18-30991eb06d32.roa
File: 55ac6fa2-24c1-44ea-9f18-30991eb06d32.roa (raw, json)
Hash identifier: h6YURDqdG6NQYvKstcDNZI4RXeckz9AgRkUYZu9aeIg=
Subject key identifier: A9:F4:DC:2A:23:59:69:60:E8:5D:7D:BB:B7:48:1A:F8:FB:56:E8:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E55B65B859D6B1216F2503A2AD958D7D57B2CE8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ac6fa2-24c1-44ea-9f18-30991eb06d32.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:55:b6:5b:85:9d:6b:12:16:f2:50:3a:2a:d9:58:d7:d5:7b:2c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=e84fec2fe7aba5ccaa4296611acd0354bbc2f2d6ce985def6312f86f1b4332ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e2:94:2d:20:d4:02:99:43:80:c4:97:b0:c7:
09:ff:3f:65:e8:97:b2:9b:cc:2e:5a:db:dc:aa:a3:
19:96:d2:cd:51:ee:a0:00:d8:a2:13:7b:a4:41:20:
3b:5a:1f:ba:ee:43:44:ec:4c:f2:2e:44:e8:29:d3:
93:3b:38:f3:4c:b7:b2:2f:2a:7c:d5:2a:07:f9:2b:
60:14:02:98:65:9b:58:66:21:79:bf:20:7b:9c:e5:
23:8b:31:1a:61:4f:5a:f3:fb:61:dd:e0:70:fa:a4:
c9:78:28:59:25:2f:cd:ee:4d:6a:8a:bc:8f:bd:87:
ed:d2:6e:bd:02:d2:dc:ce:ac:52:9b:7a:db:28:6f:
d1:c7:e4:60:69:37:79:43:ea:ce:d8:46:c7:37:1a:
17:fe:b2:69:3c:1e:6e:a5:52:91:fc:74:35:16:f8:
16:0e:1d:60:1c:7d:0f:44:eb:14:84:f9:99:ba:0b:
da:2f:0a:0e:79:31:bf:d5:57:12:2f:de:6b:6c:e8:
0c:4a:1f:8f:34:21:e4:5d:ac:b5:cd:3f:41:0b:91:
b6:7c:4a:9a:83:4f:22:93:31:26:68:2d:70:ad:bc:
80:30:49:24:2c:9c:74:25:55:90:b8:a2:3d:e3:8e:
aa:f2:1d:e4:0f:f9:c1:1a:2e:f9:20:1d:f1:ba:c5:
83:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F4:DC:2A:23:59:69:60:E8:5D:7D:BB:B7:48:1A:F8:FB:56:E8:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ac6fa2-24c1-44ea-9f18-30991eb06d32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
60:e3:33:92:43:2a:3a:d5:49:97:99:6c:b6:72:43:0d:c2:fa:
a1:22:84:97:93:84:a9:6c:83:b2:29:2a:8f:8a:e2:53:50:c0:
0a:0a:f5:f0:88:e4:6e:70:50:13:04:a3:a7:76:b3:1a:d7:9e:
bd:d3:3c:48:1d:33:9a:8b:ad:8c:e6:79:bd:0c:31:a2:70:5d:
4b:ad:48:e1:ee:7c:09:35:ce:fc:8b:32:6b:3c:2f:d5:91:65:
bc:68:0f:0f:e9:31:31:2e:f7:72:a5:63:f3:40:5b:2f:2e:2a:
e8:9d:13:4f:26:78:8e:6a:34:93:8d:3b:5d:85:6a:5e:67:2f:
92:25:52:16:60:f2:74:e1:90:38:eb:c7:5f:dc:1d:ab:b9:09:
39:38:d2:5b:bb:a5:fb:f6:35:f1:9b:a5:40:09:93:69:ff:c4:
74:ff:ae:bd:cf:de:65:bf:4b:4e:ed:de:dd:e3:25:fe:eb:cc:
18:2b:19:54:c7:b6:b3:ff:71:86:93:a9:99:b8:29:98:43:12:
f5:4c:66:30:44:be:01:6b:70:d3:77:f0:6f:ce:62:46:aa:75:
c3:63:f7:01:2e:23:da:a1:e8:e6:79:97:79:4e:c8:fe:e6:5b:
42:96:5a:31:d3:8c:db:22:3b:a8:3d:33:5f:ba:95:9f:e0:64:
13:24:79:3c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTlW2W4WdaxIW8lA6KtlY19V7LOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4NGZlYzJmZTdhYmE1Y2NhYTQyOTY2MTFhY2QwMzU0YmJjMmYyZDZjZTk4
NWRlZjYzMTJmODZmMWI0MzMyZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHilC0g1AKZQ4DEl7DHCf8/ZeiXspvMLlrb3KqjGZbSzVHuoADYohN7pEEg
O1ofuu5DROxM8i5E6CnTkzs480y3si8qfNUqB/krYBQCmGWbWGYheb8ge5zlI4sx
GmFPWvP7Yd3gcPqkyXgoWSUvze5Naoq8j72H7dJuvQLS3M6sUpt62yhv0cfkYGk3
eUPqzthGxzcaF/6yaTwebqVSkfx0NRb4Fg4dYBx9D0TrFIT5mboL2i8KDnkxv9VX
Ei/ea2zoDEofjzQh5F2stc0/QQuRtnxKmoNPIpMxJmgtcK28gDBJJCycdCVVkLii
PeOOqvId5A/5wRou+SAd8brFgyECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSp9Nwq
I1lpYOhdfbu3SBr4+1boXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTVhYzZmYTItMjRjMS00NGVhLTlmMTgtMzA5OTFlYjA2ZDMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAYOMzkkMqOtVJl5lstnJDDcL6oSKEl5OEqWyDsikq
j4riU1DACgr18IjkbnBQEwSjp3azGteevdM8SB0zmoutjOZ5vQwxonBdS61I4e58
CTXO/Isyazwv1ZFlvGgPD+kxMS73cqVj80BbLy4q6J0TTyZ4jmo0k407XYVqXmcv
kiVSFmDydOGQOOvHX9wdq7kJOTjSW7ul+/Y18ZulQAmTaf/EdP+uvc/eZb9LTu3e
3eMl/uvMGCsZVMe2s/9xhpOpmbgpmEMS9UxmMES+AWtw03fwb85iRqp1w2P3AS4j
2qHo5nmXeU7I/uZbQpZaMdOM2yI7qD0zX7qVn+BkEyR5PA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org