Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2cb3d7-ba4b-4b69-8603-f7aa5683c7ba.roa
File: 9d2cb3d7-ba4b-4b69-8603-f7aa5683c7ba.roa (raw, json)
Hash identifier: OAdm7rDNhmBVGG77NMfwhxrVUF8c82+U3EzoAJASz2s=
Subject key identifier: 98:32:90:41:69:78:C1:1C:F1:7C:65:4E:46:B7:E0:8E:88:FF:76:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AC162DE015D1CABA3AB46E9F417F993F2CE0811
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2cb3d7-ba4b-4b69-8603-f7aa5683c7ba.roa
Signing time: Fri 29 Sep 2023 00:00:00 +0000
ROA not before: Fri 29 Sep 2023 00:00:00 +0000
ROA not after: Fri 03 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Sep 2023 19:20:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:c1:62:de:01:5d:1c:ab:a3:ab:46:e9:f4:17:f9:93:f2:ce:08:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 00:00:00 2023 GMT
Not After : Nov 3 23:59:59 2023 GMT
Subject: serialNumber=94c6737d8ae5bfcc1dd54b1ecd8d91e489d856b4a86e0bc26268629853e72d97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a2:82:cf:79:df:47:67:f0:5f:d9:31:e7:4e:
89:83:d4:0e:5d:e9:ad:6d:a2:d2:e1:b1:57:f8:d3:
60:10:ef:b0:de:e5:f5:a0:12:79:d8:fa:b6:0e:03:
1e:85:fd:60:41:35:af:f4:d4:21:5f:ad:29:41:78:
3a:4c:cd:5c:c9:ac:45:3d:e5:29:ff:fa:6b:14:ae:
12:97:2a:ab:b9:f5:85:20:c1:e2:86:b2:07:8f:3c:
f7:70:01:51:cd:b2:ee:32:3a:5c:63:21:da:e3:ef:
09:03:82:64:c0:cb:e5:45:a0:b8:6d:e8:47:15:5f:
2d:f0:bf:6f:c6:4e:f7:d3:56:76:7b:fc:28:34:9c:
79:d5:eb:4d:77:a4:6e:91:ba:8e:cb:80:4f:58:6c:
38:b8:0b:b2:e3:10:8e:32:d7:d2:60:8f:8b:0a:23:
28:f2:65:de:85:0f:d2:6d:54:5c:42:6f:ac:d9:fd:
b9:7a:15:93:49:2a:8c:dd:7e:bf:d9:d2:50:99:ce:
10:34:54:b8:ec:4b:f0:51:df:06:bb:41:4e:bd:56:
cb:51:b0:02:92:be:a8:59:8b:cd:05:22:20:5b:53:
11:55:5f:49:c3:e9:9b:51:83:be:f0:15:25:25:0b:
8f:84:5d:e1:2d:00:c9:af:38:26:88:49:07:77:15:
de:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:32:90:41:69:78:C1:1C:F1:7C:65:4E:46:B7:E0:8E:88:FF:76:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2cb3d7-ba4b-4b69-8603-f7aa5683c7ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:28:a4:b9:de:e1:5e:7e:61:f9:d6:8b:16:cc:e0:8f:19:11:
ff:c7:6b:92:16:ab:56:a1:20:bb:d0:96:99:61:b3:33:b7:02:
6e:99:cd:4d:dd:a7:cf:e8:8d:93:d5:87:f2:31:2b:d7:f2:09:
cc:82:ec:de:38:fd:31:35:89:0d:36:9b:79:24:fd:27:d9:bf:
34:07:bf:79:74:08:0d:32:6e:53:e4:e2:54:38:21:86:67:ff:
04:d2:76:8b:0c:42:4c:b7:68:80:c4:05:28:59:7a:c2:a2:0b:
2d:b7:02:a9:af:29:0c:36:0f:93:23:15:9c:92:d2:eb:2a:6f:
1e:d0:c6:8c:c3:d0:e7:08:c6:69:f4:e2:10:af:c7:d3:23:db:
1c:1d:b1:67:80:73:e3:26:60:3a:86:95:f4:14:61:c4:de:2f:
8d:c3:8a:7e:44:a3:5b:76:b7:1e:40:9e:97:6f:b9:ff:85:d7:
f9:8b:99:e2:76:ee:21:c9:16:fe:c8:df:c1:7c:ad:20:f0:55:
a2:72:28:e2:15:2b:d4:00:f6:43:19:86:80:98:c9:48:c5:d6:
0f:2a:bf:13:ba:ea:0e:2c:c5:18:06:cf:3b:46:e2:ca:c0:2c:
0d:80:9d:fc:98:92:89:51:90:13:5b:9d:52:62:57:b3:7f:07:
f3:45:df:2c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOsFi3gFdHKujq0bp9Bf5k/LOCBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MjkwMDAwMDBaFw0yMzExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0YzY3MzdkOGFlNWJmY2MxZGQ1NGIxZWNkOGQ5MWU0ODlkODU2YjRhODZl
MGJjMjYyNjg2Mjk4NTNlNzJkOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaigs9530dn8F/ZMedOiYPUDl3prW2i0uGxV/jTYBDvsN7l9aASedj6tg4D
HoX9YEE1r/TUIV+tKUF4OkzNXMmsRT3lKf/6axSuEpcqq7n1hSDB4oayB48893AB
Uc2y7jI6XGMh2uPvCQOCZMDL5UWguG3oRxVfLfC/b8ZO99NWdnv8KDScedXrTXek
bpG6jsuAT1hsOLgLsuMQjjLX0mCPiwojKPJl3oUP0m1UXEJvrNn9uXoVk0kqjN1+
v9nSUJnOEDRUuOxL8FHfBrtBTr1Wy1GwApK+qFmLzQUiIFtTEVVfScPpm1GDvvAV
JSULj4Rd4S0Aya84JohJB3cV3jkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSYMpBB
aXjBHPF8ZU5Gt+COiP92UjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQyY2IzZDctYmE0Yi00YjY5LTg2MDMtZjdhYTU2ODNjN2JhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAuCikud7hXn5h+daLFszgjxkR/8drkharVqEgu9CW
mWGzM7cCbpnNTd2nz+iNk9WH8jEr1/IJzILs3jj9MTWJDTabeST9J9m/NAe/eXQI
DTJuU+TiVDghhmf/BNJ2iwxCTLdogMQFKFl6wqILLbcCqa8pDDYPkyMVnJLS6ypv
HtDGjMPQ5wjGafTiEK/H0yPbHB2xZ4Bz4yZgOoaV9BRhxN4vjcOKfkSjW3a3HkCe
l2+5/4XX+YuZ4nbuIckW/sjfwXytIPBVonIo4hUr1AD2QxmGgJjJSMXWDyq/E7rq
DizFGAbPO0biysAsDYCd/JiSiVGQE1udUmJXs38H80XfLA==
-----END CERTIFICATE-----
Generated at Fri Sep 29 00:42:19 2023 by rpki-client on console-ams.rpki-client.org