Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
File: 683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa (raw, json)
Hash identifier: EsB5R9g7Ss40fN5/nzfyUwRSy3x5fXJmY/Zf9ek8vMo=
Subject key identifier: 5A:B2:74:5D:79:C5:1E:48:EE:6C:13:5D:C2:6A:C8:BC:AE:91:3F:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B0755B0ABCD316EF26DA7E4D738DB1CF699B4B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:07:55:b0:ab:cd:31:6e:f2:6d:a7:e4:d7:38:db:1c:f6:99:b4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=460a461fd321a2b8aa800acea5076a11d8efbb09b76d01d21b18838a35d6f3e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:01:29:e3:99:83:d7:66:c6:7f:c4:01:30:af:
2f:b3:11:67:8d:c0:c3:c9:5b:2a:43:82:fa:97:3b:
88:14:68:6e:57:20:77:f7:78:e8:b3:d7:18:f2:c9:
bb:fe:ae:a7:64:1d:47:92:f2:86:d5:37:b3:f7:a0:
e1:b2:55:1a:0f:05:4a:05:fd:db:c2:42:b7:90:7b:
5c:ac:8b:3a:65:b2:37:ef:d6:16:ea:1d:83:5e:04:
e3:e9:53:c4:b8:08:3f:6d:3b:e5:6d:17:fc:ed:bc:
0c:d8:31:bd:17:bd:b7:f5:3b:9c:ee:0e:f2:99:9c:
fe:a8:32:79:70:d2:e0:12:9b:cb:0d:70:83:5e:4b:
99:a9:f0:57:b4:59:f0:74:3c:bc:9f:9f:5b:9f:e0:
48:38:db:90:a5:33:ea:22:e4:f7:66:ef:fa:91:ea:
a5:9b:ba:b9:6e:84:57:69:d5:a1:12:01:b7:0e:c1:
fd:3f:51:21:b7:0e:5d:2f:1a:25:c0:fd:8d:21:44:
69:1a:c1:f1:0a:81:7a:1d:8f:dc:f9:af:8b:94:21:
1a:81:6d:4b:c6:d8:f0:4e:81:63:6e:e1:a6:29:bf:
09:1c:ac:f3:86:9c:66:0a:de:1a:aa:92:8a:9b:68:
fd:0a:61:02:f7:54:54:f1:02:1a:9c:a9:b3:49:c0:
9c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B2:74:5D:79:C5:1E:48:EE:6C:13:5D:C2:6A:C8:BC:AE:91:3F:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.192.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:f6:c1:ad:1c:64:a6:94:87:b9:8b:cf:c3:e8:fd:dc:ec:89:
f5:24:07:5a:8f:7e:1a:ad:f5:c0:08:5c:cb:3a:dd:e4:c7:8f:
c2:05:74:95:08:fb:3b:c1:f3:f7:2c:21:4e:b4:19:3d:e3:4b:
a8:ca:55:cb:51:13:39:02:61:60:89:04:a7:f7:b2:05:38:bd:
b8:0d:32:16:eb:16:bd:14:04:2a:66:5e:76:62:95:0a:7f:34:
fc:81:50:a8:73:d5:f5:61:b2:c9:f0:3d:61:ca:eb:96:3f:b0:
81:32:62:95:0f:bb:9e:46:fc:37:a2:85:9c:f7:34:6a:a7:b5:
6a:ab:28:35:9c:80:8f:81:23:08:7c:bb:1f:91:de:a7:a5:4f:
d0:05:80:c9:c6:e1:38:9c:1d:51:f1:0c:f3:47:bc:25:03:1a:
cd:41:92:4c:4e:cf:37:38:aa:57:5a:0d:7c:ba:3b:46:46:db:
7f:93:1b:93:67:ab:bc:7f:7d:cc:bf:0c:11:1d:06:13:a0:f3:
99:6c:c3:1c:3d:c8:87:45:92:7c:8f:8a:f5:68:1d:d4:da:87:
30:0d:9e:0c:c7:14:f1:77:c4:6a:65:97:a2:36:aa:ef:a1:7e:
8f:78:db:13:d2:f0:ef:17:53:90:59:fb:f6:f9:66:f4:28:72:
0e:d7:93:b1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGwdVsKvNMW7ybafk1zjbHPaZtLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MGE0NjFmZDMyMWEyYjhhYTgwMGFjZWE1MDc2YTExZDhlZmJiMDliNzZk
MDFkMjFiMTg4MzhhMzVkNmYzZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwBKeOZg9dmxn/EATCvL7MRZ43Aw8lbKkOC+pc7iBRoblcgd/d46LPXGPLJ
u/6up2QdR5LyhtU3s/eg4bJVGg8FSgX928JCt5B7XKyLOmWyN+/WFuodg14E4+lT
xLgIP2075W0X/O28DNgxvRe9t/U7nO4O8pmc/qgyeXDS4BKbyw1wg15LmanwV7RZ
8HQ8vJ+fW5/gSDjbkKUz6iLk92bv+pHqpZu6uW6EV2nVoRIBtw7B/T9RIbcOXS8a
JcD9jSFEaRrB8QqBeh2P3Pmvi5QhGoFtS8bY8E6BY27hpim/CRys84acZgreGqqS
ipto/QphAvdUVPECGpyps0nAnKkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRasnRd
ecUeSO5sE13Casi8rpE/2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjgzYTE1ZTYtMmVlYi00Y2FiLTk1NGEtM2JhM2E3ZjA2ZjBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAsvbBrRxkppSHuYvPw+j93OyJ9SQHWo9+Gq31wAhc
yzrd5MePwgV0lQj7O8Hz9ywhTrQZPeNLqMpVy1ETOQJhYIkEp/eyBTi9uA0yFusW
vRQEKmZedmKVCn80/IFQqHPV9WGyyfA9Ycrrlj+wgTJilQ+7nkb8N6KFnPc0aqe1
aqsoNZyAj4EjCHy7H5Hep6VP0AWAycbhOJwdUfEM80e8JQMazUGSTE7PNziqV1oN
fLo7Rkbbf5Mbk2ervH99zL8MER0GE6DzmWzDHD3Ih0WSfI+K9Wgd1NqHMA2eDMcU
8XfEamWXojaq76F+j3jbE9Lw7xdTkFn79vlm9ChyDteTsQ==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org