Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b695a6b-ec66-4d2c-9703-db1465b53dd4.roa
File: 6b695a6b-ec66-4d2c-9703-db1465b53dd4.roa (raw, json)
Hash identifier: aLkOlFfxDqKAODdHnyTYnyk5eO+yblzuJNwRzlh9PUI=
Subject key identifier: 15:B3:4E:8B:AC:74:38:26:DF:75:16:38:D7:97:FC:8F:9D:EF:25:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 351A8C068C32962ED8FE30951619548F8FA31093
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b695a6b-ec66-4d2c-9703-db1465b53dd4.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:1a:8c:06:8c:32:96:2e:d8:fe:30:95:16:19:54:8f:8f:a3:10:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=0deff5a72a6052561e5e2d93da1669f669ff4ab04093d136fcdb2b7ba76b9271, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:04:4a:d7:6a:41:3d:48:2b:20:15:69:6b:4f:
5b:cd:08:2e:43:4d:1c:ad:90:80:fd:cd:46:15:72:
e1:93:f1:40:65:a1:8d:5e:13:8b:18:8f:13:86:d8:
4e:3d:be:71:ee:5b:4c:6e:88:5f:6a:f2:d3:a0:8c:
9a:a0:02:7e:09:17:5a:13:84:81:09:b0:9c:4a:76:
11:78:a9:c0:29:7b:4a:84:0c:d8:8f:66:a8:98:f1:
20:11:39:e8:97:f3:e9:27:3d:c2:df:57:0e:ac:5b:
8a:b4:36:ae:21:fb:42:12:1f:41:b1:fc:92:c4:a5:
ac:b0:ed:57:ae:2c:a7:b8:22:2b:2b:dc:09:3a:c7:
f2:f0:1e:25:c2:a4:b0:8f:87:26:62:19:08:d6:44:
35:da:06:2d:15:ed:4c:b6:4a:16:1c:e5:12:48:c2:
2f:b6:b5:09:2a:87:2f:86:c1:33:72:14:48:18:dc:
c8:e3:a8:1d:e4:cd:38:2a:5c:fc:54:fa:48:85:df:
a4:3d:2e:15:70:b9:8b:e7:0b:03:26:7d:85:65:62:
3e:65:ba:61:de:01:ab:18:73:fb:bf:d2:80:f1:64:
bf:69:51:8e:fe:d0:7d:d7:b5:f7:9b:58:41:84:0f:
37:ca:e0:e3:5e:21:da:bf:9f:8c:63:8f:4a:f2:51:
ce:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B3:4E:8B:AC:74:38:26:DF:75:16:38:D7:97:FC:8F:9D:EF:25:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b695a6b-ec66-4d2c-9703-db1465b53dd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/17
Signature Algorithm: sha256WithRSAEncryption
88:96:9d:16:b0:0d:76:6c:f6:7d:42:ed:11:7a:bc:03:1c:04:
91:f1:07:4b:55:45:bf:8d:ea:91:88:c9:40:a4:34:24:53:cc:
c1:04:d5:10:6c:ae:50:48:00:2f:cf:52:a3:36:04:b1:d8:4b:
d0:11:67:14:17:46:13:f2:33:7a:f3:38:fc:94:f1:38:15:95:
8f:1e:a7:75:8f:dd:b1:f2:b7:15:e5:44:84:ab:0a:a9:45:ad:
4d:37:fd:ff:0d:c5:57:2b:59:54:b0:ee:93:e3:49:7e:72:6b:
64:38:a0:42:51:7a:ca:15:02:ea:a7:9e:97:8e:c1:15:5b:6f:
34:3d:72:c1:b8:92:66:4f:0e:2e:0d:7f:c2:af:d7:4b:49:a6:
41:b2:8b:77:cc:d9:2c:87:ca:3f:36:cb:df:1b:b7:81:92:a7:
9f:9c:8a:4d:c9:91:f0:1f:42:eb:93:61:f5:c8:9e:23:15:5f:
fe:31:40:cc:f6:25:a1:28:41:59:18:24:ba:54:91:0b:69:31:
41:a4:51:07:62:be:41:93:f5:c6:5f:fb:fe:88:57:98:19:19:
88:cd:db:9b:be:fa:8f:bd:6e:58:5a:8a:42:92:57:83:48:51:
65:d1:e5:c2:0d:ad:5c:10:da:33:14:c8:da:fc:02:e4:ae:17:
3c:a9:31:ac
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNRqMBowyli7Y/jCVFhlUj4+jEJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkZWZmNWE3MmE2MDUyNTYxZTVlMmQ5M2RhMTY2OWY2NjlmZjRhYjA0MDkz
ZDEzNmZjZGIyYjdiYTc2YjkyNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcEStdqQT1IKyAVaWtPW80ILkNNHK2QgP3NRhVy4ZPxQGWhjV4TixiPE4bY
Tj2+ce5bTG6IX2ry06CMmqACfgkXWhOEgQmwnEp2EXipwCl7SoQM2I9mqJjxIBE5
6Jfz6Sc9wt9XDqxbirQ2riH7QhIfQbH8ksSlrLDtV64sp7giKyvcCTrH8vAeJcKk
sI+HJmIZCNZENdoGLRXtTLZKFhzlEkjCL7a1CSqHL4bBM3IUSBjcyOOoHeTNOCpc
/FT6SIXfpD0uFXC5i+cLAyZ9hWViPmW6Yd4Bqxhz+7/SgPFkv2lRjv7Qfde195tY
QYQPN8rg414h2r+fjGOPSvJRzosCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQVs06L
rHQ4Jt91FjjXl/yPne8lUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmI2OTVhNmItZWM2Ni00ZDJjLTk3MDMtZGIxNDY1YjUzZGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB7AigDAN
BgkqhkiG9w0BAQsFAAOCAQEAiJadFrANdmz2fULtEXq8AxwEkfEHS1VFv43qkYjJ
QKQ0JFPMwQTVEGyuUEgAL89SozYEsdhL0BFnFBdGE/IzevM4/JTxOBWVjx6ndY/d
sfK3FeVEhKsKqUWtTTf9/w3FVytZVLDuk+NJfnJrZDigQlF6yhUC6qeel47BFVtv
ND1ywbiSZk8OLg1/wq/XS0mmQbKLd8zZLIfKPzbL3xu3gZKnn5yKTcmR8B9C65Nh
9cieIxVf/jFAzPYloShBWRgkulSRC2kxQaRRB2K+QZP1xl/7/ohXmBkZiM3bm776
j71uWFqKQpJXg0hRZdHlwg2tXBDaMxTI2vwC5K4XPKkxrA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org