Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
File: ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa (raw, json)
Hash identifier: /YvzUT634QBIFroOedwKTgKaWTq3Q7HWlTxGaAhAMTU=
Subject key identifier: 30:27:9C:95:4E:0C:46:CD:F4:9C:BF:6E:14:90:F1:79:1A:9A:D4:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2401EF8AADA3BCDDF1C0E2ADF6F400F41BA6DB74
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
Signing time: Fri 29 Sep 2023 00:00:00 +0000
ROA not before: Fri 29 Sep 2023 00:00:00 +0000
ROA not after: Fri 03 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 87.238.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Sep 2023 19:20:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:01:ef:8a:ad:a3:bc:dd:f1:c0:e2:ad:f6:f4:00:f4:1b:a6:db:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 29 00:00:00 2023 GMT
Not After : Nov 3 23:59:59 2023 GMT
Subject: serialNumber=209b93dae6622fbec7734cccf25d46f55b38096fa2d9c1873ce3c65a73c428fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bb:5a:83:9e:9d:f4:6a:37:d6:6a:80:e5:4d:
8c:04:be:cb:b7:9a:b8:3b:b2:e1:4f:da:fd:08:53:
95:1d:94:52:45:e2:d3:09:b4:8e:bc:df:3d:b8:7c:
0a:e2:aa:3d:e6:c1:a7:3c:8a:b2:6c:14:2c:c9:16:
34:c0:ea:c7:c4:fb:bd:92:02:75:2c:38:cd:de:f7:
9a:9d:45:92:81:97:7c:87:23:12:ed:66:fd:80:dd:
10:97:63:29:0f:54:e0:e0:b3:7d:73:d4:be:6b:27:
ab:a8:30:c1:f0:7f:f3:cb:ba:e4:5b:46:8f:dd:fe:
5d:d4:ec:56:c9:30:eb:ba:08:63:cc:c9:14:11:04:
e8:f5:63:73:a1:2c:db:4d:09:ac:41:1f:2f:85:ed:
a2:69:cc:42:09:0f:c9:eb:34:69:64:9e:9d:87:49:
06:9a:d3:4e:18:b5:ed:d8:a1:d7:1c:ce:f8:f0:de:
aa:68:b7:c4:e2:4b:e2:e6:77:27:a9:76:be:e3:27:
50:9a:be:a9:4f:cb:e3:1c:07:8e:8d:d7:d9:28:17:
44:ca:d1:8b:fe:f3:f7:21:92:86:e3:48:6a:90:19:
5a:31:86:b8:70:e8:e0:e2:ed:df:1a:60:a4:7d:cc:
e1:ab:97:bd:03:d8:46:dd:04:fc:b8:cb:16:a0:65:
41:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:27:9C:95:4E:0C:46:CD:F4:9C:BF:6E:14:90:F1:79:1A:9A:D4:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.80.0/21
Signature Algorithm: sha256WithRSAEncryption
64:85:b5:a0:ff:4a:aa:c0:86:28:d1:c2:dc:ba:ee:55:24:9a:
de:32:cd:25:2f:28:57:0a:8f:64:c0:d9:7d:92:d8:06:4e:69:
40:ba:0f:85:b3:e9:2d:8d:a9:85:3a:de:30:57:a4:81:e0:fc:
15:17:7e:78:4b:0f:a3:49:ed:7a:93:be:66:c7:01:32:34:7b:
36:d6:8c:27:46:2e:e7:da:22:f1:f6:f2:4a:e4:7b:fb:d5:f3:
1d:4d:25:c8:34:5e:08:0e:65:a8:7a:7b:d2:9b:07:4b:5f:ba:
de:bb:fb:62:93:e1:01:43:ee:da:1f:aa:e5:27:d1:34:c3:3b:
d9:bb:4f:98:61:e9:b3:4b:15:c3:5a:5c:6d:fe:f1:13:7e:10:
59:ca:47:20:05:ba:73:e9:c2:6f:b6:80:94:e0:1b:13:88:03:
59:eb:7b:0f:ee:5b:99:43:d1:af:24:f2:d4:31:50:da:29:f4:
47:a5:c4:05:62:40:4d:27:e0:f0:7a:52:9a:c5:60:91:74:1f:
e2:20:8f:c4:60:33:31:a6:1c:ff:8f:ee:be:93:f9:d6:a9:03:
70:b1:93:f9:81:45:0c:25:a0:7d:08:d8:c0:0f:b4:7b:d3:2c:
8a:5e:60:7c:f3:8c:e9:04:76:60:20:80:aa:9a:ff:82:91:09:
5f:54:8f:d5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJAHviq2jvN3xwOKt9vQA9Bum23QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MjkwMDAwMDBaFw0yMzExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwOWI5M2RhZTY2MjJmYmVjNzczNGNjY2YyNWQ0NmY1NWIzODA5NmZhMmQ5
YzE4NzNjZTNjNjVhNzNjNDI4ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPG7WoOenfRqN9ZqgOVNjAS+y7eauDuy4U/a/QhTlR2UUkXi0wm0jrzfPbh8
CuKqPebBpzyKsmwULMkWNMDqx8T7vZICdSw4zd73mp1FkoGXfIcjEu1m/YDdEJdj
KQ9U4OCzfXPUvmsnq6gwwfB/88u65FtGj93+XdTsVskw67oIY8zJFBEE6PVjc6Es
200JrEEfL4XtomnMQgkPyes0aWSenYdJBprTThi17dih1xzO+PDeqmi3xOJL4uZ3
J6l2vuMnUJq+qU/L4xwHjo3X2SgXRMrRi/7z9yGShuNIapAZWjGGuHDo4OLt3xpg
pH3M4auXvQPYRt0E/LjLFqBlQT8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQwJ5yV
TgxGzfScv24UkPF5GprULTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE3MGE4OWMtNWU2Yy00MGFjLTlhNzMtZjkyYmVlMDA1ZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1fuUDAN
BgkqhkiG9w0BAQsFAAOCAQEAZIW1oP9KqsCGKNHC3LruVSSa3jLNJS8oVwqPZMDZ
fZLYBk5pQLoPhbPpLY2phTreMFekgeD8FRd+eEsPo0ntepO+ZscBMjR7NtaMJ0Yu
59oi8fbySuR7+9XzHU0lyDReCA5lqHp70psHS1+63rv7YpPhAUPu2h+q5SfRNMM7
2btPmGHps0sVw1pcbf7xE34QWcpHIAW6c+nCb7aAlOAbE4gDWet7D+5bmUPRryTy
1DFQ2in0R6XEBWJATSfg8HpSmsVgkXQf4iCPxGAzMaYc/4/uvpP51qkDcLGT+YFF
DCWgfQjYwA+0e9Msil5gfPOM6QR2YCCAqpr/gpEJX1SP1Q==
-----END CERTIFICATE-----
Generated at Fri Sep 29 00:27:37 2023 by rpki-client on console-fra.rpki-client.org