Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
File: 683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa (raw, json)
Hash identifier: 3ctU8CZnzKbx3PaNkyucPfUZQale4lPvOPi7TxiiCMQ=
Subject key identifier: 1B:03:A6:3C:0F:2C:9B:7D:C9:B7:07:40:20:59:00:84:76:B8:96:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69F87AC846B5AC6995C09501AFB69565A611B9FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f8:7a:c8:46:b5:ac:69:95:c0:95:01:af:b6:95:65:a6:11:b9:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=3715565a0c79bd6df77735b9652baf0c6578cf5d4fcff2186c3e5a11da15ea96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e1:c0:c3:ed:b9:40:9b:ee:e3:9a:33:4b:65:
59:cd:0c:9f:47:84:aa:5f:62:1a:e4:e6:23:b2:25:
43:20:5e:25:f1:42:10:e1:34:4d:18:59:ba:23:9d:
42:69:ae:26:da:ca:6e:32:8d:8c:f0:9b:cc:fe:32:
4a:3d:52:51:be:aa:b9:0f:45:ff:0b:ee:cb:c2:d1:
9a:ce:fb:60:4c:d0:7d:1f:de:1a:2f:fa:4a:77:93:
61:16:f7:1b:a8:7d:d4:f0:d5:36:b0:a5:9f:ca:04:
71:df:05:ce:02:b4:6b:51:a8:07:e1:0c:04:6a:c6:
11:65:7d:8b:ab:99:83:e8:8d:7c:a5:73:99:f3:3e:
36:89:1d:6a:5f:59:ba:eb:0c:68:2e:3e:f9:e9:4a:
94:bb:4c:4c:1f:dc:0d:46:bf:b8:f3:be:f8:85:00:
00:7c:25:d8:69:59:82:ae:b9:d5:f9:22:80:16:9c:
8c:0d:2c:98:78:2c:bc:b0:b6:59:a5:6a:10:26:b1:
a9:4d:4e:45:f5:fe:e5:ed:11:81:3b:f9:c3:c0:93:
dc:3c:a8:74:52:39:ab:17:f7:ce:33:84:60:04:13:
4e:74:b2:64:80:90:e5:43:36:48:90:1c:20:64:49:
a4:db:c7:43:ea:55:76:98:b8:19:c1:be:9e:5c:b6:
e1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:03:A6:3C:0F:2C:9B:7D:C9:B7:07:40:20:59:00:84:76:B8:96:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/683a15e6-2eeb-4cab-954a-3ba3a7f06f0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.192.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:64:ca:91:d2:d6:01:0e:4a:e4:e9:b8:42:58:c7:c7:03:51:
4f:42:9d:b5:49:31:26:d8:8e:5c:48:a7:5a:a7:f3:3a:f5:73:
7a:29:26:d9:74:eb:be:dd:81:88:5a:97:08:f7:51:bf:8f:10:
0d:52:08:8d:92:61:e7:bc:e0:18:f5:13:3c:89:c0:45:12:e5:
f1:52:8c:33:cf:c7:98:d9:93:70:26:5d:7e:47:15:b8:a9:b1:
fa:c2:52:71:c5:28:8b:d9:93:42:27:9a:0d:00:0f:95:25:c2:
f1:05:86:ca:de:92:b0:47:95:3a:e3:b6:6f:72:5e:8e:ab:2d:
a5:f0:03:a6:79:ab:97:d4:2d:b5:32:44:8c:f1:70:f7:b5:28:
83:ab:4d:89:7e:2d:19:ae:05:d6:d6:6f:8c:f4:4f:b5:35:e3:
fe:c7:e0:49:d4:02:08:d2:2d:3a:75:2a:3a:60:62:a0:a1:ec:
70:9f:18:e9:3c:99:1a:7b:ba:12:a6:0f:f6:3d:8a:84:0f:3f:
fc:7c:88:da:6f:9f:54:66:fe:a1:94:60:58:a6:db:67:39:f4:
e7:19:bf:a2:49:5a:a5:41:d1:a7:1a:0a:44:1d:2b:a3:53:2a:
64:d6:88:43:8b:d4:f2:1b:b3:c4:80:bc:1e:3f:ae:c8:2e:e4:
89:2e:69:e3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUafh6yEa1rGmVwJUBr7aVZaYRuf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3MTU1NjVhMGM3OWJkNmRmNzc3MzViOTY1MmJhZjBjNjU3OGNmNWQ0ZmNm
ZjIxODZjM2U1YTExZGExNWVhOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIXhwMPtuUCb7uOaM0tlWc0Mn0eEql9iGuTmI7IlQyBeJfFCEOE0TRhZuiOd
QmmuJtrKbjKNjPCbzP4ySj1SUb6quQ9F/wvuy8LRms77YEzQfR/eGi/6SneTYRb3
G6h91PDVNrCln8oEcd8FzgK0a1GoB+EMBGrGEWV9i6uZg+iNfKVzmfM+Nokdal9Z
uusMaC4++elKlLtMTB/cDUa/uPO++IUAAHwl2GlZgq651fkigBacjA0smHgsvLC2
WaVqECaxqU1ORfX+5e0RgTv5w8CT3DyodFI5qxf3zjOEYAQTTnSyZICQ5UM2SJAc
IGRJpNvHQ+pVdpi4GcG+nly24Z8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQbA6Y8
Dyybfcm3B0AgWQCEdriWOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjgzYTE1ZTYtMmVlYi00Y2FiLTk1NGEtM2JhM2E3ZjA2ZjBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAb2TKkdLWAQ5K5Om4QljHxwNRT0KdtUkxJtiOXEin
WqfzOvVzeikm2XTrvt2BiFqXCPdRv48QDVIIjZJh57zgGPUTPInARRLl8VKMM8/H
mNmTcCZdfkcVuKmx+sJSccUoi9mTQieaDQAPlSXC8QWGyt6SsEeVOuO2b3Jejqst
pfADpnmrl9QttTJEjPFw97Uog6tNiX4tGa4F1tZvjPRPtTXj/sfgSdQCCNItOnUq
OmBioKHscJ8Y6TyZGnu6EqYP9j2KhA8//HyI2m+fVGb+oZRgWKbbZzn05xm/okla
pUHRpxoKRB0ro1MqZNaIQ4vU8huzxIC8Hj+uyC7kiS5p4w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org