Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
File: 683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa (raw, json)
Hash identifier: nW6d4owDRXZZcYAzlLa4KskRkzaAgIpT0tZRzbxz014=
Subject key identifier: 18:6F:CB:A5:86:D3:0F:05:03:F1:28:9A:FB:CD:4F:FC:70:92:96:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22FA93C48025F6DEAE2BB642F4A838DC07F05E4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:fa:93:c4:80:25:f6:de:ae:2b:b6:42:f4:a8:38:dc:07:f0:5e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=529c9e519d2b4b6ada04d18bb9eaf7b79807d17f5cbaa70b69ecb8a20796be5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b6:7d:5b:89:55:d6:dc:36:62:a3:e0:fa:fb:
83:92:bd:17:40:ed:78:ab:80:ee:0a:af:b5:83:49:
03:27:8d:f2:1d:c7:d7:12:e8:5b:54:c4:6e:e3:9c:
a8:a5:50:fc:37:42:a0:c8:ba:aa:3a:6a:c1:e6:59:
65:b3:aa:fd:51:e7:91:31:73:74:2d:7e:ba:36:cd:
1c:5a:03:ed:03:04:7a:cc:fa:45:4b:e7:51:1e:a4:
5d:a5:4f:0b:cb:fc:16:36:a3:db:0f:1e:d1:7b:29:
08:bc:b5:cd:22:7e:b7:81:d7:de:c3:bf:73:a2:0c:
1e:84:13:f0:8a:a3:c3:aa:d0:fb:c9:0d:93:6c:af:
15:93:47:06:e7:9e:1e:b6:cf:65:e7:1c:35:7a:64:
fa:61:a2:e9:80:22:e9:5a:69:ff:1c:d1:61:4b:11:
ad:64:c0:95:a6:bd:8e:fb:2b:47:82:27:b7:01:1b:
5d:ba:b2:2a:3f:1d:7a:b1:bb:00:2d:d3:79:bc:3a:
37:39:d2:df:16:be:2e:c1:22:7e:34:2d:0c:43:64:
f1:ba:ed:07:cf:06:58:45:91:54:52:3c:9f:04:21:
9e:2a:fb:34:4f:77:41:16:86:8b:79:ac:54:42:79:
95:3d:73:6e:cd:fa:bc:ec:94:45:34:02:fd:5c:00:
2f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:6F:CB:A5:86:D3:0F:05:03:F1:28:9A:FB:CD:4F:FC:70:92:96:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.192.0/20
Signature Algorithm: sha256WithRSAEncryption
98:4f:ec:8a:3c:7e:02:a6:0e:13:78:31:21:5f:02:b4:e0:4b:
16:83:2f:76:cb:7c:41:09:2a:28:bb:03:83:96:0d:b6:76:4d:
b0:9e:c3:dd:a2:67:43:2e:27:53:e4:95:7e:01:b6:1e:4a:20:
3a:ae:ae:76:d6:92:36:15:e4:cb:97:b6:68:33:94:06:fb:8d:
17:6b:4a:06:d0:a8:bc:ef:c5:35:5f:e4:18:4a:fa:59:9f:6a:
85:c8:3a:99:1f:df:ed:b0:3c:c8:8e:fe:f5:88:81:d4:7b:59:
02:f2:58:e4:6f:ad:28:27:67:a4:69:b4:b6:f6:60:1e:1c:06:
70:ed:7a:90:fd:5b:8e:ee:8d:04:9e:17:cb:52:9c:c1:a5:b5:
99:d4:5c:57:1a:a9:5d:3a:2c:96:f9:48:2e:49:58:da:1c:94:
ae:61:8e:af:19:fb:3d:fa:8b:e9:62:c3:d1:3a:36:72:3a:dc:
79:9c:88:b6:58:73:27:00:70:b0:49:80:ff:52:50:4e:d2:d4:
57:b3:ab:a4:58:1b:e0:ee:bb:3b:cd:a6:a0:8c:95:e8:8b:43:
5d:fc:5f:40:7d:e2:2b:f6:bb:cf:aa:ed:e9:6c:e2:54:60:c5:
19:ac:a5:3f:0f:5a:23:ba:35:9f:e9:f4:75:68:32:19:5f:2b:
ac:66:cb:18
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIvqTxIAl9t6uK7ZC9Kg43AfwXkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyOWM5ZTUxOWQyYjRiNmFkYTA0ZDE4YmI5ZWFmN2I3OTgwN2QxN2Y1Y2Jh
YTcwYjY5ZWNiOGEyMDc5NmJlNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJi2fVuJVdbcNmKj4Pr7g5K9F0DteKuA7gqvtYNJAyeN8h3H1xLoW1TEbuOc
qKVQ/DdCoMi6qjpqweZZZbOq/VHnkTFzdC1+ujbNHFoD7QMEesz6RUvnUR6kXaVP
C8v8Fjaj2w8e0XspCLy1zSJ+t4HX3sO/c6IMHoQT8Iqjw6rQ+8kNk2yvFZNHBuee
HrbPZeccNXpk+mGi6YAi6Vpp/xzRYUsRrWTAlaa9jvsrR4IntwEbXbqyKj8derG7
AC3Tebw6NznS3xa+LsEifjQtDENk8brtB88GWEWRVFI8nwQhnir7NE93QRaGi3ms
VEJ5lT1zbs36vOyURTQC/VwALysCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQYb8ul
htMPBQPxKJr7zU/8cJKWkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjgzYTE1ZTYtMmVlYi00Y2FiLTk1NGEtM2JhM2E3ZjA2ZjBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAmE/sijx+AqYOE3gxIV8CtOBLFoMvdst8QQkqKLsD
g5YNtnZNsJ7D3aJnQy4nU+SVfgG2HkogOq6udtaSNhXky5e2aDOUBvuNF2tKBtCo
vO/FNV/kGEr6WZ9qhcg6mR/f7bA8yI7+9YiB1HtZAvJY5G+tKCdnpGm0tvZgHhwG
cO16kP1bju6NBJ4Xy1KcwaW1mdRcVxqpXToslvlILklY2hyUrmGOrxn7PfqL6WLD
0To2cjrceZyItlhzJwBwsEmA/1JQTtLUV7OrpFgb4O67O82moIyV6ItDXfxfQH3i
K/a7z6rt6WziVGDFGaylPw9aI7o1n+n0dWgyGV8rrGbLGA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org