Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b695a6b-ec66-4d2c-9703-db1465b53dd4.roa
File: 6b695a6b-ec66-4d2c-9703-db1465b53dd4.roa (raw, json)
Hash identifier: Kx8vwe6ubxtM4qE391ivye6dqTV5/KBt8guz4uaCsPk=
Subject key identifier: 5D:BC:6B:B0:B5:A7:E7:E0:35:BB:DD:F2:51:D8:A9:81:D8:01:3A:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1347648453ECE869541859510CA4A78E71440656
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b695a6b-ec66-4d2c-9703-db1465b53dd4.roa
Signing time: Wed 04 Oct 2023 00:00:00 +0000
ROA not before: Wed 04 Oct 2023 00:00:00 +0000
ROA not after: Wed 08 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Oct 2023 16:56:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:47:64:84:53:ec:e8:69:54:18:59:51:0c:a4:a7:8e:71:44:06:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 4 00:00:00 2023 GMT
Not After : Nov 8 23:59:59 2023 GMT
Subject: serialNumber=0f5cdefadd548e7d091a48480fbfd9fee805ebbdc6bb1fc87e40c568c0a4505a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:80:fb:cd:35:c1:ff:85:79:37:b5:b3:f5:c7:
c2:ca:df:16:34:a3:78:da:97:33:69:9b:21:12:33:
90:2f:1b:83:50:19:40:ef:3e:5d:cc:6d:8a:fc:7d:
13:e0:65:34:de:e3:b3:87:c6:7b:51:5f:95:79:d4:
5f:e3:79:97:8c:21:5b:07:b8:49:af:a8:04:c8:17:
47:64:c8:2d:3c:fe:a6:43:1f:08:06:cb:a0:3f:05:
f0:e8:ad:15:7d:6d:43:92:46:09:fd:4b:6f:99:e9:
d7:a9:c7:e8:da:9b:8c:75:a3:4a:de:5b:9c:69:be:
6c:0e:2c:52:ee:9d:9a:4d:f8:dc:af:b9:06:ab:67:
a1:e6:c6:79:c8:1d:0f:0e:11:a6:c1:02:9f:b2:1a:
b8:14:23:63:62:93:a7:da:98:70:12:1b:46:a9:3d:
de:c4:f9:cd:d6:d4:fc:74:30:9b:db:c2:0b:9d:94:
55:d6:1a:85:cc:2b:62:e3:7a:ef:e3:ff:04:9d:32:
1e:44:b2:e9:80:b0:b2:c7:97:c3:ea:07:b7:4c:fc:
49:f5:63:ff:8e:be:15:a1:51:ac:e1:2d:a6:00:54:
d4:93:20:66:6d:55:62:d4:d9:da:f5:2e:c5:df:d9:
60:c6:03:ad:04:ed:10:c2:88:e5:7e:79:79:36:fe:
05:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BC:6B:B0:B5:A7:E7:E0:35:BB:DD:F2:51:D8:A9:81:D8:01:3A:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b695a6b-ec66-4d2c-9703-db1465b53dd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a6:e4:cd:88:d7:e6:b7:d6:67:b8:e8:81:6b:c0:39:4d:c2:c5:
7e:98:63:b2:3b:99:dd:4b:2b:90:63:32:83:e8:74:87:3b:c3:
b1:6f:87:db:38:5d:a1:c2:28:0d:17:f9:22:3a:fa:c1:36:de:
85:c4:e7:c5:38:7b:4c:78:99:27:49:e1:1b:42:ce:57:f1:44:
ca:f7:be:4d:fd:1b:9c:15:07:90:4f:c3:88:7c:df:cf:07:52:
ce:b3:0b:16:78:5e:b6:32:a0:c2:b7:23:db:6d:77:b5:eb:18:
ed:2c:ed:2f:15:bd:ee:2d:96:b9:0c:cc:2c:a0:66:a4:01:e9:
1c:98:af:13:9b:7e:eb:e4:4f:76:1b:74:68:45:43:cb:00:2f:
71:28:97:57:09:a9:66:5b:4a:6b:6e:ad:c0:7b:29:20:e0:bf:
fa:ec:7b:cc:95:b5:98:89:23:4e:c4:53:76:3a:50:0d:8d:aa:
e3:7b:c6:5d:63:bb:d6:7e:fa:a3:d0:68:6a:15:e6:a4:28:d8:
9e:7a:dd:d7:e1:7c:d0:91:f4:11:4e:ee:b9:a4:2c:14:7e:c5:
73:aa:82:36:56:15:7a:55:66:9d:d1:c1:bf:51:c7:cd:73:0c:
16:e1:e8:ef:da:f5:8f:22:a7:5c:35:b3:ba:7e:41:54:b7:fc:
81:92:2e:2f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUE0dkhFPs6GlUGFlRDKSnjnFEBlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzEwMDQwMDAwMDBaFw0yMzExMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNWNkZWZhZGQ1NDhlN2QwOTFhNDg0ODBmYmZkOWZlZTgwNWViYmRjNmJi
MWZjODdlNDBjNTY4YzBhNDUwNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKA+801wf+FeTe1s/XHwsrfFjSjeNqXM2mbIRIzkC8bg1AZQO8+Xcxtivx9
E+BlNN7js4fGe1FflXnUX+N5l4whWwe4Sa+oBMgXR2TILTz+pkMfCAbLoD8F8Oit
FX1tQ5JGCf1Lb5np16nH6NqbjHWjSt5bnGm+bA4sUu6dmk343K+5BqtnoebGecgd
Dw4RpsECn7IauBQjY2KTp9qYcBIbRqk93sT5zdbU/HQwm9vCC52UVdYahcwrYuN6
7+P/BJ0yHkSy6YCwsseXw+oHt0z8SfVj/46+FaFRrOEtpgBU1JMgZm1VYtTZ2vUu
xd/ZYMYDrQTtEMKI5X55eTb+BV0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRdvGuw
tafn4DW73fJR2KmB2AE6BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmI2OTVhNmItZWM2Ni00ZDJjLTk3MDMtZGIxNDY1YjUzZGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB7AigDAN
BgkqhkiG9w0BAQsFAAOCAQEApuTNiNfmt9ZnuOiBa8A5TcLFfphjsjuZ3UsrkGMy
g+h0hzvDsW+H2zhdocIoDRf5Ijr6wTbehcTnxTh7THiZJ0nhG0LOV/FEyve+Tf0b
nBUHkE/DiHzfzwdSzrMLFnhetjKgwrcj2213tesY7SztLxW97i2WuQzMLKBmpAHp
HJivE5t+6+RPdht0aEVDywAvcSiXVwmpZltKa26twHspIOC/+ux7zJW1mIkjTsRT
djpQDY2q43vGXWO71n76o9BoahXmpCjYnnrd1+F80JH0EU7uuaQsFH7Fc6qCNlYV
elVmndHBv1HHzXMMFuHo79r1jyKnXDWzun5BVLf8gZIuLw==
-----END CERTIFICATE-----
Generated at Wed Oct 4 00:31:03 2023 by rpki-client on console-fra.rpki-client.org