Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
File: ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa (raw, json)
Hash identifier: SWuCnjqHNU8CdtFn99ZQpLWVLvbJ0ZjGklmWEMEn9Nw=
Subject key identifier: DA:26:90:48:96:D9:63:C7:B5:9C:85:A8:83:06:68:06:72:99:E2:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F4A4EC452D1563D5A0791128AA61B5A020E5B49
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 87.238.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:4a:4e:c4:52:d1:56:3d:5a:07:91:12:8a:a6:1b:5a:02:0e:5b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=050840f744a72d1a187e7053fdb973006bb2c0b5fe39cca6fc60b4a0c61e807d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4a:36:6f:0d:eb:c5:39:72:3a:4f:87:2f:7b:
ee:88:a3:68:ef:6b:7e:6b:d6:00:0b:ee:8f:95:29:
bf:63:eb:64:da:5a:d6:10:db:36:10:6b:33:2c:d6:
54:8c:b9:63:7a:38:ed:d1:22:9c:a7:99:72:ec:69:
89:30:b3:23:03:d4:da:03:08:e3:4b:0b:f6:56:8f:
4a:fa:c0:ad:0c:54:f1:ee:22:6a:4a:d5:a1:5c:30:
44:da:f9:71:fa:d0:24:b3:6e:00:09:b2:30:ff:8b:
9d:1f:c2:ea:e8:76:c7:a6:76:69:30:89:e2:6c:4b:
73:43:96:60:75:2c:f2:26:08:43:9b:77:dd:da:77:
9f:7f:33:49:92:3d:55:e0:05:d5:ff:80:47:c9:45:
a0:c0:e1:b2:87:fc:8e:bf:b1:6e:82:a5:e1:c5:41:
12:8a:0f:d0:21:fc:4d:d7:10:01:02:e5:07:49:87:
ae:bf:89:b6:d1:65:83:0b:ea:4b:50:0c:a4:72:ae:
4f:e7:7a:af:90:33:a5:40:5b:35:31:dc:5e:bf:de:
94:3b:b7:11:3c:73:5c:50:22:20:87:7a:c5:69:c3:
47:34:9a:bb:90:33:c2:1e:13:9c:92:f4:7f:df:32:
56:e3:bf:e0:50:1f:c2:5c:94:67:d1:f6:53:87:8e:
7e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:26:90:48:96:D9:63:C7:B5:9C:85:A8:83:06:68:06:72:99:E2:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.80.0/21
Signature Algorithm: sha256WithRSAEncryption
94:d7:9f:9c:be:57:1d:73:c4:da:1b:10:ed:03:95:ab:bd:cc:
cc:be:ad:7a:fb:b1:dc:f9:e9:56:6f:47:19:e0:32:99:62:2d:
d9:f9:8a:b6:0b:cc:18:85:75:9c:60:47:a8:56:c3:60:aa:a2:
cc:0b:c3:3a:f6:4d:b5:7b:af:66:47:eb:a9:95:e4:50:b3:bc:
d0:b5:fd:4d:17:a2:6e:50:df:bd:2d:6c:d8:50:1e:f2:4d:0f:
d0:e2:a5:9c:f7:12:73:e7:12:28:88:84:cb:2f:06:48:47:46:
48:fc:68:e2:11:cc:39:c0:9d:29:36:1e:70:c5:23:7b:53:ba:
6a:73:17:c0:dd:c4:1b:b7:6b:d5:5d:8a:55:a9:e0:cf:02:73:
fe:86:fe:02:b9:77:f1:91:e1:3c:6d:cf:4d:4a:8d:a1:1c:30:
d0:ab:20:ee:d7:09:83:ef:4c:16:0d:cb:c1:48:6d:a2:2f:ba:
1a:a0:a8:73:7d:f8:2c:61:7b:4a:ea:4b:e9:f6:5e:8b:69:45:
c8:af:e1:71:03:13:93:24:e1:48:16:e0:c9:ef:8f:b6:16:2b:
10:0f:16:ea:38:13:39:ad:5b:a1:eb:ba:5c:fc:44:4d:bb:7b:
44:66:a5:0e:b9:e4:6a:06:26:04:8b:60:48:67:e6:af:50:cd:
0a:cc:4d:2d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUL0pOxFLRVj1aB5ESiqYbWgIOW0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MDg0MGY3NDRhNzJkMWExODdlNzA1M2ZkYjk3MzAwNmJiMmMwYjVmZTM5
Y2NhNmZjNjBiNGEwYzYxZTgwN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1KNm8N68U5cjpPhy977oijaO9rfmvWAAvuj5Upv2PrZNpa1hDbNhBrMyzW
VIy5Y3o47dEinKeZcuxpiTCzIwPU2gMI40sL9laPSvrArQxU8e4iakrVoVwwRNr5
cfrQJLNuAAmyMP+LnR/C6uh2x6Z2aTCJ4mxLc0OWYHUs8iYIQ5t33dp3n38zSZI9
VeAF1f+AR8lFoMDhsof8jr+xboKl4cVBEooP0CH8TdcQAQLlB0mHrr+JttFlgwvq
S1AMpHKuT+d6r5AzpUBbNTHcXr/elDu3ETxzXFAiIId6xWnDRzSau5Azwh4TnJL0
f98yVuO/4FAfwlyUZ9H2U4eOfpcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTaJpBI
ltljx7WchaiDBmgGcpnitTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE3MGE4OWMtNWU2Yy00MGFjLTlhNzMtZjkyYmVlMDA1ZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1fuUDAN
BgkqhkiG9w0BAQsFAAOCAQEAlNefnL5XHXPE2hsQ7QOVq73MzL6tevux3PnpVm9H
GeAymWIt2fmKtgvMGIV1nGBHqFbDYKqizAvDOvZNtXuvZkfrqZXkULO80LX9TRei
blDfvS1s2FAe8k0P0OKlnPcSc+cSKIiEyy8GSEdGSPxo4hHMOcCdKTYecMUje1O6
anMXwN3EG7dr1V2KVangzwJz/ob+Arl38ZHhPG3PTUqNoRww0Ksg7tcJg+9MFg3L
wUhtoi+6GqCoc334LGF7SupL6fZei2lFyK/hcQMTkyThSBbgye+PthYrEA8W6jgT
Oa1boeu6XPxETbt7RGalDrnkagYmBItgSGfmr1DNCsxNLQ==
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:16:39 2024 by rpki-client on console-fra.rpki-client.org