Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
File: c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa (raw, json)
Hash identifier: K5MW+QJ6hXeMCjEsqnsVVX/ocfS9TXt6epuZdokD7UA=
Subject key identifier: 31:99:CF:E3:4C:F5:06:6D:76:5E:4E:E9:67:EE:DB:D8:B3:73:2F:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C9AC0CD0CE1BD314CFAC4FC07081E8548834E32
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Dec 2024 15:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:9a:c0:cd:0c:e1:bd:31:4c:fa:c4:fc:07:08:1e:85:48:83:4e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=35aa7363a064d34f4e35450c6139099309c2edb4feaccaed4645ef4608959603, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c5:2e:73:d8:18:cc:91:a4:e2:82:29:0e:e7:
38:9f:9e:d1:e3:28:60:fd:f8:d5:1f:14:6c:a0:5a:
e6:68:07:fc:d6:41:d9:85:a0:d8:26:96:5d:93:f6:
83:21:d0:52:1f:5a:0d:ee:3d:47:88:7b:36:56:17:
4b:c4:bb:e3:fe:12:85:2f:30:b7:04:40:90:19:8d:
2b:36:fe:5e:64:39:56:45:53:37:5d:a3:36:2e:5d:
d8:da:41:ad:05:d2:18:d7:77:e9:1d:2a:f3:87:48:
36:80:b2:91:64:62:25:02:2c:9c:c8:76:01:62:7a:
81:2f:10:e1:67:53:18:fb:ec:91:6b:5a:34:6f:d4:
50:c2:0d:0a:48:d8:48:2c:db:0f:fd:f8:c3:07:dc:
bc:b9:f0:94:29:8c:3d:07:20:68:09:b0:fc:f5:ea:
5a:c5:76:4b:8a:a1:1e:2d:9d:4d:01:6d:81:10:1d:
35:4c:bd:91:6c:48:69:40:1d:c1:83:49:2e:4d:a8:
5e:c5:c8:12:90:6e:6a:d8:19:a3:1c:ef:7e:5d:82:
99:92:fb:c7:4d:f7:fb:db:3a:9d:55:79:30:ba:ef:
02:27:47:50:c3:22:86:52:d6:83:a4:7b:f9:08:e9:
22:50:fa:3c:0c:95:76:ad:90:e3:90:82:1f:e1:9b:
ce:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:99:CF:E3:4C:F5:06:6D:76:5E:4E:E9:67:EE:DB:D8:B3:73:2F:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:fa:53:e6:a4:97:56:4c:53:22:22:f9:0e:18:b4:ec:07:66:
c8:90:cd:41:d6:89:ca:15:5a:ab:38:a9:1b:0f:b6:ac:74:5f:
93:c8:52:0d:7e:9c:70:47:29:e8:77:84:0c:1c:28:23:fa:4b:
cb:19:e1:07:3c:36:a2:24:4b:74:2b:f3:d4:83:66:29:13:c9:
db:4b:ac:44:ff:c4:96:99:8c:ff:4d:a9:0d:cf:e1:bf:ec:45:
6a:8d:20:1a:42:0f:86:9c:b9:58:a5:7c:cc:92:40:95:34:b4:
ea:ec:f5:ae:d8:cb:87:f9:e4:99:69:75:b8:d6:98:03:aa:80:
34:59:d0:c0:49:93:8a:f2:5e:54:4f:2f:2f:20:51:80:ce:2e:
42:cc:0a:00:a6:1e:9d:59:bf:9b:e6:4c:aa:6d:33:15:41:c4:
af:43:41:21:7b:15:3c:c6:1f:6a:e3:cf:8b:bc:6f:f8:6e:61:
12:f2:55:cf:48:7c:8a:0f:75:a4:d3:4c:ef:b9:66:04:15:a5:
0e:39:ca:17:7c:9d:a9:aa:d4:ef:77:44:24:28:8e:26:07:59:
32:3c:8e:8b:cd:9e:42:af:6d:87:fa:c2:fa:4b:08:23:b8:b2:
9e:a2:fe:b8:a9:b7:4e:ce:d7:87:a5:5d:44:c0:4e:94:87:b6:
dd:c2:04:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTJrAzQzhvTFM+sT8BwgehUiDTjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1YWE3MzYzYTA2NGQzNGY0ZTM1NDUwYzYxMzkwOTkzMDljMmVkYjRmZWFj
Y2FlZDQ2NDVlZjQ2MDg5NTk2MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/FLnPYGMyRpOKCKQ7nOJ+e0eMoYP341R8UbKBa5mgH/NZB2YWg2CaWXZP2
gyHQUh9aDe49R4h7NlYXS8S74/4ShS8wtwRAkBmNKzb+XmQ5VkVTN12jNi5d2NpB
rQXSGNd36R0q84dINoCykWRiJQIsnMh2AWJ6gS8Q4WdTGPvskWtaNG/UUMINCkjY
SCzbD/34wwfcvLnwlCmMPQcgaAmw/PXqWsV2S4qhHi2dTQFtgRAdNUy9kWxIaUAd
wYNJLk2oXsXIEpBuatgZoxzvfl2CmZL7x033+9s6nVV5MLrvAidHUMMihlLWg6R7
+QjpIlD6PAyVdq2Q45CCH+GbzlsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQxmc/j
TPUGbXZeTuln7tvYs3MvGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJmMjE4ZjYtMWVkZC00ZDNkLWEwM2MtN2Q5YTI4OWZlNGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQCV+lPmpJdWTFMiIvkOGLTsB2bIkM1B1onKFVqrOKkb
D7asdF+TyFINfpxwRynod4QMHCgj+kvLGeEHPDaiJEt0K/PUg2YpE8nbS6xE/8SW
mYz/TakNz+G/7EVqjSAaQg+GnLlYpXzMkkCVNLTq7PWu2MuH+eSZaXW41pgDqoA0
WdDASZOK8l5UTy8vIFGAzi5CzAoAph6dWb+b5kyqbTMVQcSvQ0EhexU8xh9q48+L
vG/4bmES8lXPSHyKD3Wk00zvuWYEFaUOOcoXfJ2pqtTvd0QkKI4mB1kyPI6LzZ5C
r22H+sL6SwgjuLKeov64qbdOzteHpV1EwE6Uh7bdwgTv
-----END CERTIFICATE-----
Generated at Wed Dec 4 22:56:28 2024 by rpki-client on console-ams.rpki-client.org