Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
File: 868bb3c8-7825-4e79-8a14-42d9fac4e917.roa (raw, json)
Hash identifier: gZEgJwDUuvH3XHEevV/RZiEe+Yck/7iBw5Pzdh33bNo=
Subject key identifier: 08:44:D1:4B:FD:49:52:F8:6B:9E:AA:1F:B7:28:D5:D0:AB:2A:9E:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E746214983F6CC6AC2D932DC45CE89CFF63F118
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:74:62:14:98:3f:6c:c6:ac:2d:93:2d:c4:5c:e8:9c:ff:63:f1:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=a525be2e3bc0b4fa9119032a4efd0c4858171780ab08d9b945e7daf657f5a57b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0c:21:1f:02:79:74:72:be:5f:79:03:41:81:
5b:25:78:b8:10:d1:75:97:43:a5:c5:af:ff:6f:5b:
2e:ac:23:5f:f5:6e:2a:3b:0d:40:b1:06:3d:b4:d3:
ca:18:12:e5:59:ac:c1:62:81:33:96:0a:9c:82:0e:
1a:b1:fc:39:b6:94:86:37:62:6e:7e:08:98:d5:01:
2b:5e:32:5c:2f:47:81:69:a8:b6:11:a7:f0:94:2b:
43:8a:df:0b:f1:21:80:59:66:78:72:44:00:00:d7:
79:9b:ea:e3:45:f1:28:74:40:6c:e6:78:3b:46:0a:
35:17:32:bf:fc:c9:12:da:a3:d6:d4:cc:e1:fc:80:
44:f6:08:58:97:5f:7c:7a:c3:60:bb:39:19:ea:63:
05:4e:cf:23:c9:e3:f4:4f:ea:9d:3d:8e:4d:4a:08:
ac:bc:69:86:f5:4e:54:77:97:11:50:43:2a:18:51:
c8:1e:f4:11:7f:53:59:0c:c9:1e:85:c6:e5:33:1d:
bd:7d:99:11:59:30:99:b9:84:8e:c9:8e:ae:6f:c5:
ab:55:09:0d:1c:02:64:61:4e:a2:1b:cb:13:57:68:
24:d3:6d:31:71:1a:07:19:c1:f6:62:b9:68:80:a6:
d9:40:51:12:75:b3:77:76:fd:ae:05:5b:9b:f1:65:
4b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:44:D1:4B:FD:49:52:F8:6B:9E:AA:1F:B7:28:D5:D0:AB:2A:9E:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
0b:3f:36:06:78:bc:bb:a1:4d:03:dd:c4:f6:d5:85:dc:ae:5f:
e4:26:c6:72:41:a4:3e:7f:b4:a0:ef:b6:73:f4:92:eb:c0:cc:
f3:0c:be:1c:2a:54:07:9b:8c:66:96:3a:ca:df:82:61:bf:07:
6e:6d:f6:54:c0:40:64:ee:e2:91:98:79:e9:20:d2:e7:c1:8f:
58:43:00:05:dd:9f:ed:ba:a0:0d:f8:cf:25:28:dd:e8:b5:ce:
18:c5:2d:54:a8:c5:f1:5a:f9:d6:20:fe:8b:7d:01:c9:ef:1a:
43:41:6e:b7:04:5a:70:f4:2b:88:ec:15:24:48:3a:85:1e:90:
b9:8d:ca:ff:5f:b5:34:da:af:14:38:0d:be:fc:53:24:30:10:
69:0d:9f:ba:a8:fe:9b:25:ff:ad:f3:3b:5a:80:c5:99:c7:41:
20:0b:4d:b2:38:ca:be:74:07:a4:a7:21:6b:dd:f0:b2:9e:e5:
b4:be:d4:29:45:bb:2a:9d:64:f0:66:bc:3c:3e:bf:0b:71:74:
75:6c:c3:8a:70:0f:bc:23:a1:0f:d8:40:76:18:1e:0f:1e:73:
38:17:7a:76:1a:a5:27:54:62:ba:be:b9:1d:7d:cd:57:e4:2d:
69:f8:3a:9e:33:cc:d2:09:fb:c8:42:e4:fd:44:f7:d6:bd:0c:
db:24:a3:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPnRiFJg/bMasLZMtxFzonP9j8RgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1MjViZTJlM2JjMGI0ZmE5MTE5MDMyYTRlZmQwYzQ4NTgxNzE3ODBhYjA4
ZDliOTQ1ZTdkYWY2NTdmNWE1N2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwMIR8CeXRyvl95A0GBWyV4uBDRdZdDpcWv/29bLqwjX/VuKjsNQLEGPbTT
yhgS5VmswWKBM5YKnIIOGrH8ObaUhjdibn4ImNUBK14yXC9HgWmothGn8JQrQ4rf
C/EhgFlmeHJEAADXeZvq40XxKHRAbOZ4O0YKNRcyv/zJEtqj1tTM4fyARPYIWJdf
fHrDYLs5GepjBU7PI8nj9E/qnT2OTUoIrLxphvVOVHeXEVBDKhhRyB70EX9TWQzJ
HoXG5TMdvX2ZEVkwmbmEjsmOrm/Fq1UJDRwCZGFOohvLE1doJNNtMXEaBxnB9mK5
aICm2UBREnWzd3b9rgVbm/FlS5UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQIRNFL
/UlS+Gueqh+3KNXQqyqevDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY4YmIzYzgtNzgyNS00ZTc5LThhMTQtNDJkOWZhYzRlOTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEACz82Bni8u6FNA93E9tWF3K5f5CbGckGkPn+0oO+2
c/SS68DM8wy+HCpUB5uMZpY6yt+CYb8Hbm32VMBAZO7ikZh56SDS58GPWEMABd2f
7bqgDfjPJSjd6LXOGMUtVKjF8Vr51iD+i30Bye8aQ0FutwRacPQriOwVJEg6hR6Q
uY3K/1+1NNqvFDgNvvxTJDAQaQ2fuqj+myX/rfM7WoDFmcdBIAtNsjjKvnQHpKch
a93wsp7ltL7UKUW7Kp1k8Ga8PD6/C3F0dWzDinAPvCOhD9hAdhgeDx5zOBd6dhql
J1Riur65HX3NV+Qtafg6njPM0gn7yELk/UT31r0M2ySjsw==
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org