Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1a0d893-d091-4e78-abe8-b838de0acdb4.roa
File: c1a0d893-d091-4e78-abe8-b838de0acdb4.roa (raw, json)
Hash identifier: 4P6ARVjMZuNn9+x7gyIh1d+LGTxaFXJfLv0H6p4hN9A=
Subject key identifier: 51:AB:42:D4:D7:67:DF:A5:88:D2:13:5D:04:A9:40:C1:E2:96:79:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 736EA72FE1BFB136DB7B33596BC1340E481BAA87
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1a0d893-d091-4e78-abe8-b838de0acdb4.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 79.125.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:6e:a7:2f:e1:bf:b1:36:db:7b:33:59:6b:c1:34:0e:48:1b:aa:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=a3f9321ba3e8e95d83de37805d1613e136e6b10faf3f1c4bafdb609680393fed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:54:7e:91:e7:60:bf:fa:27:9d:ae:93:ff:21:
c9:4f:df:dc:9e:14:0f:cd:2d:d7:e3:ea:45:36:7e:
a9:91:1b:a7:d0:11:55:a5:9b:34:0e:3d:82:fe:b4:
86:81:f1:8e:fc:8a:4e:d7:2c:10:51:88:17:15:48:
94:db:74:8c:5d:63:65:09:55:33:33:8b:6c:e0:5a:
2e:73:05:98:1e:c4:ec:79:d2:22:90:62:03:8d:12:
69:c0:8e:b7:ae:50:62:39:9c:10:29:9c:11:e5:29:
d0:37:e1:44:d8:65:76:d5:6c:59:da:57:ef:91:43:
51:dd:1d:54:6e:ad:89:c7:39:e0:2b:ba:ed:64:5c:
26:cf:5d:90:80:a1:c1:c1:b7:42:21:57:54:50:27:
26:9e:e4:1e:25:6a:c1:b3:5c:87:61:ac:ed:91:3c:
b2:78:15:8e:7c:2b:e6:fd:e2:39:a0:68:4e:bf:cc:
62:f0:77:af:ce:ea:2d:1d:05:68:10:dd:17:6f:3f:
8c:6d:52:f4:45:bf:d6:18:a2:95:45:f0:05:6b:23:
56:e4:17:ed:98:13:05:c8:1f:9a:9b:06:76:f0:bc:
a3:01:c8:8d:32:e1:f4:4f:1e:6e:8b:fb:fa:dd:b8:
98:a2:c9:b7:43:07:e9:35:85:cf:66:47:36:a2:41:
d9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AB:42:D4:D7:67:DF:A5:88:D2:13:5D:04:A9:40:C1:E2:96:79:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1a0d893-d091-4e78-abe8-b838de0acdb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3a:f8:00:51:64:12:91:05:2e:95:04:8a:91:7d:24:a0:d4:69:
6b:b8:b4:f0:73:c6:07:01:13:60:d3:b4:ff:48:ac:bb:75:98:
fc:f9:a5:2d:33:3a:12:c0:fe:a3:42:ba:7f:a8:95:ec:31:63:
1f:e2:9b:da:22:68:e2:38:b4:ab:5e:3a:0f:fc:d0:fa:5f:e6:
16:69:51:fd:93:a7:67:d2:24:6d:cc:49:2b:14:b4:93:0f:d7:
a1:58:ed:c4:1c:e7:83:6b:6e:5b:e0:24:09:e1:f8:8a:cf:83:
46:89:22:df:87:2e:46:84:e4:c9:9f:09:52:f6:58:cb:31:d5:
5b:fd:00:2a:df:a4:40:28:5d:97:37:98:ed:d0:f7:44:91:7d:
d1:3e:ee:14:a2:20:61:b2:a2:86:6f:a5:27:20:12:01:c8:78:
03:a5:50:a7:09:d4:05:d5:b9:64:93:b6:c3:b2:4e:e4:45:27:
11:e2:64:7a:ce:76:ad:d8:a8:f5:7d:23:cb:9f:e7:8d:5a:34:
93:66:bc:f3:a1:7a:88:fa:82:9c:1b:49:c4:a2:79:60:69:ac:
de:de:c1:61:10:c8:15:98:d0:1b:d0:db:c1:4b:73:4d:f7:6a:
82:62:c4:52:d9:03:e3:f9:24:a5:ff:6a:45:80:5d:bc:65:4b:
17:3e:20:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUc26nL+G/sTbbezNZa8E0DkgbqocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzZjkzMjFiYTNlOGU5NWQ4M2RlMzc4MDVkMTYxM2UxMzZlNmIxMGZhZjNm
MWM0YmFmZGI2MDk2ODAzOTNmZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJdUfpHnYL/6J52uk/8hyU/f3J4UD80t1+PqRTZ+qZEbp9ARVaWbNA49gv60
hoHxjvyKTtcsEFGIFxVIlNt0jF1jZQlVMzOLbOBaLnMFmB7E7HnSIpBiA40SacCO
t65QYjmcECmcEeUp0DfhRNhldtVsWdpX75FDUd0dVG6ticc54Cu67WRcJs9dkICh
wcG3QiFXVFAnJp7kHiVqwbNch2Gs7ZE8sngVjnwr5v3iOaBoTr/MYvB3r87qLR0F
aBDdF28/jG1S9EW/1hiilUXwBWsjVuQX7ZgTBcgfmpsGdvC8owHIjTLh9E8ebov7
+t24mKLJt0MH6TWFz2ZHNqJB2bECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRRq0LU
12ffpYjSE10EqUDB4pZ5uDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzFhMGQ4OTMtZDA5MS00ZTc4LWFiZTgtYjgzOGRlMGFjZGI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAOvgAUWQSkQUulQSKkX0koNRpa7i08HPGBwETYNO0
/0isu3WY/PmlLTM6EsD+o0K6f6iV7DFjH+Kb2iJo4ji0q146D/zQ+l/mFmlR/ZOn
Z9IkbcxJKxS0kw/XoVjtxBzng2tuW+AkCeH4is+DRoki34cuRoTkyZ8JUvZYyzHV
W/0AKt+kQChdlzeY7dD3RJF90T7uFKIgYbKihm+lJyASAch4A6VQpwnUBdW5ZJO2
w7JO5EUnEeJkes52rdio9X0jy5/njVo0k2a886F6iPqCnBtJxKJ5YGms3t7BYRDI
FZjQG9DbwUtzTfdqgmLEUtkD4/kkpf9qRYBdvGVLFz4gPQ==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:23 2024 by rpki-client on console-ams.rpki-client.org