Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
File: c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa (raw, json)
Hash identifier: t2c0Ok501TLAYU4Yxd9fi/Uw2y1Mc6qitKJU0PbwO1o=
Subject key identifier: F1:34:8C:6D:58:AE:0A:B3:43:8D:79:4F:E7:70:23:B2:BF:E3:05:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 118AEAFEEBE32566D6C5E326C12066C1E1CDAEEA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
Signing time: Mon 04 Sep 2023 00:00:00 +0000
ROA not before: Mon 04 Sep 2023 00:00:00 +0000
ROA not after: Mon 09 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Sep 2023 14:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:8a:ea:fe:eb:e3:25:66:d6:c5:e3:26:c1:20:66:c1:e1:cd:ae:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 00:00:00 2023 GMT
Not After : Oct 9 23:59:59 2023 GMT
Subject: serialNumber=4a84c0213b3939cbcc466ffec09bf5949647ac196f2d304dcd04ff00a9f748c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a9:ac:6c:91:8e:64:14:14:83:15:70:c0:b5:
a7:e9:6a:7e:d0:fb:9a:e1:7f:28:e9:cf:0f:10:1d:
26:95:e9:c2:90:98:60:10:37:d5:87:b8:1b:b5:53:
cd:b9:f0:03:e6:2b:44:4e:fe:51:23:20:6d:49:84:
c3:45:e5:b5:d7:10:df:ef:64:bf:01:fe:b3:84:c8:
d2:95:19:9f:eb:d2:41:12:e0:54:1c:ec:9b:ed:93:
2d:50:79:4a:04:2a:c6:5c:c5:2e:da:85:8a:49:71:
df:9e:7e:ad:f2:5e:eb:c4:da:a7:cf:bf:48:63:99:
b4:64:49:1a:7c:99:fe:d9:6b:69:27:8b:db:86:ee:
75:c5:95:6b:ba:9c:e2:12:d8:cd:09:9f:47:d4:b4:
9c:ed:24:2c:18:cc:fe:c4:21:4f:99:2e:27:4b:f9:
4a:b8:7c:57:f3:b8:61:a4:40:be:ec:37:b7:a3:ee:
02:b7:ef:2f:3c:4c:62:30:eb:d0:3f:69:28:c5:11:
00:0e:b3:f6:b4:cd:1b:b1:ea:7b:95:50:43:8b:04:
92:4d:01:96:9d:6d:fd:fe:98:c5:23:a1:c3:45:62:
63:48:8b:2b:c3:e0:3f:d0:f7:4d:32:80:31:f7:71:
84:bb:69:bd:9e:64:50:a9:87:45:9a:f5:ce:b3:9c:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:34:8C:6D:58:AE:0A:B3:43:8D:79:4F:E7:70:23:B2:BF:E3:05:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:09:e0:03:e3:f4:b2:65:8c:43:5a:06:fc:a5:d9:ab:24:7a:
d6:d0:22:71:cf:fc:9e:d9:60:a4:4d:27:f1:44:da:a8:97:2d:
59:85:a2:34:60:83:c6:12:8a:7b:3a:10:31:af:4c:8f:9e:4b:
5f:59:45:01:1d:ff:71:dd:6b:fb:6b:f6:80:ea:fd:de:30:b9:
b1:97:45:b0:35:49:11:1b:74:a9:47:98:22:0c:97:33:2b:8c:
57:6a:4b:9e:4d:d4:af:3b:32:67:9a:ea:be:9d:05:62:d7:40:
f6:1e:58:59:2c:a9:94:95:ed:51:47:f9:e9:c5:00:d9:30:36:
e0:ca:da:b0:00:2a:af:18:6b:84:ba:e3:15:f0:12:3d:5b:09:
4a:0c:20:c7:f2:23:9a:2c:08:8b:25:a8:d2:99:a3:ed:1d:ff:
9b:95:0c:af:9c:29:0b:5a:5c:9b:e8:4a:78:5c:c3:12:31:0c:
bc:57:ab:e9:c0:53:6b:de:5b:43:03:3e:c5:5f:eb:67:b6:48:
e3:49:bc:17:56:c0:06:2c:18:46:89:fe:94:79:8d:c4:8d:bd:
a4:eb:e9:98:d3:90:aa:f4:a5:46:d1:bd:b9:6d:63:87:98:0d:
54:0a:ac:1f:cd:73:15:8e:1f:f2:99:77:f0:d9:2c:cb:81:e3:
a8:cf:a4:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEYrq/uvjJWbWxeMmwSBmweHNruowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDQwMDAwMDBaFw0yMzEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhODRjMDIxM2IzOTM5Y2JjYzQ2NmZmZWMwOWJmNTk0OTY0N2FjMTk2ZjJk
MzA0ZGNkMDRmZjAwYTlmNzQ4YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeprGyRjmQUFIMVcMC1p+lqftD7muF/KOnPDxAdJpXpwpCYYBA31Ye4G7VT
zbnwA+YrRE7+USMgbUmEw0XltdcQ3+9kvwH+s4TI0pUZn+vSQRLgVBzsm+2TLVB5
SgQqxlzFLtqFiklx355+rfJe68Tap8+/SGOZtGRJGnyZ/tlraSeL24budcWVa7qc
4hLYzQmfR9S0nO0kLBjM/sQhT5kuJ0v5Srh8V/O4YaRAvuw3t6PuArfvLzxMYjDr
0D9pKMURAA6z9rTNG7Hqe5VQQ4sEkk0Blp1t/f6YxSOhw0ViY0iLK8PgP9D3TTKA
MfdxhLtpvZ5kUKmHRZr1zrOc2/MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTxNIxt
WK4Ks0ONeU/ncCOyv+MFjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJmMjE4ZjYtMWVkZC00ZDNkLWEwM2MtN2Q5YTI4OWZlNGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQBaCeAD4/SyZYxDWgb8pdmrJHrW0CJxz/ye2WCkTSfx
RNqoly1ZhaI0YIPGEop7OhAxr0yPnktfWUUBHf9x3Wv7a/aA6v3eMLmxl0WwNUkR
G3SpR5giDJczK4xXakueTdSvOzJnmuq+nQVi10D2HlhZLKmUle1RR/npxQDZMDbg
ytqwACqvGGuEuuMV8BI9WwlKDCDH8iOaLAiLJajSmaPtHf+blQyvnCkLWlyb6Ep4
XMMSMQy8V6vpwFNr3ltDAz7FX+tntkjjSbwXVsAGLBhGif6UeY3Ejb2k6+mY05Cq
9KVG0b25bWOHmA1UCqwfzXMVjh/ymXfw2SzLgeOoz6Q/
-----END CERTIFICATE-----
Generated at Mon Sep 4 15:38:31 2023 by rpki-client on console-fra.rpki-client.org