Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
File: c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa (raw, json)
Hash identifier: 7Du0xG/p/B5UWN4C4mnJ6dykTaGVgMFxuOKaoBU1cds=
Subject key identifier: 88:8C:3D:49:CC:DF:59:A2:C1:11:9C:6A:EE:E3:B6:96:57:5F:B0:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A8D4CEFBA1EE573439E7EE191BD1396B9CD787A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:8d:4c:ef:ba:1e:e5:73:43:9e:7e:e1:91:bd:13:96:b9:cd:78:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=9272b35237f86987b5d15c5a8e53726fb6d871ff0b4b6408ee9b97558bd83ffa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5d:6d:6e:47:1a:d7:c5:38:2a:31:08:5f:71:
f0:c6:85:97:b2:5b:4b:6a:21:11:56:63:3f:10:ca:
ed:ff:9a:4d:04:44:3f:fc:e4:40:79:d8:48:37:b6:
86:29:20:8f:62:fc:d8:87:54:ba:5a:93:53:c4:23:
86:bd:59:55:b4:7b:8a:47:11:50:0e:04:a8:59:a7:
16:c9:37:95:69:8e:f5:18:b6:65:85:16:fc:fd:c4:
8e:53:74:ee:19:ba:43:9d:18:00:ab:04:82:d2:82:
b0:70:53:94:0d:e3:29:fb:e0:34:d1:dc:94:17:48:
2e:f6:16:0e:13:76:9e:9f:85:2f:b5:51:03:d6:a5:
17:b1:35:26:2f:41:0b:de:45:22:4f:e2:91:91:5d:
5b:93:0f:e3:1f:85:6d:7e:ed:d0:8c:e1:a8:ef:83:
41:b2:17:3a:9f:13:16:a4:b6:70:4b:b6:55:e6:65:
ae:00:1f:64:e9:91:eb:44:51:64:0e:a4:62:d0:c8:
f4:07:c4:1c:65:e1:36:a5:7f:f1:58:42:ba:79:49:
58:32:cf:4e:d6:bb:c6:89:51:c7:b1:28:89:42:1b:
51:09:be:bf:70:f6:0c:d0:40:3b:7b:1c:7a:7a:5c:
7b:30:2d:f4:2f:36:da:84:fa:c1:9c:70:c3:98:2f:
c5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8C:3D:49:CC:DF:59:A2:C1:11:9C:6A:EE:E3:B6:96:57:5F:B0:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:f5:26:46:c2:23:03:51:bb:6f:73:05:12:14:ab:5e:33:ee:
9e:33:50:ef:28:64:d9:66:a8:7e:82:9f:62:6b:5a:08:bf:d1:
75:7d:08:f2:cf:a8:6b:b3:c7:cd:e1:57:35:fa:80:ec:b1:ea:
c1:38:0b:55:4b:61:0f:18:f6:56:46:c9:d4:d0:6f:ad:55:42:
8c:0c:f7:9d:26:31:61:9f:c2:36:d2:34:92:35:13:42:78:48:
09:bc:9b:7e:b2:2f:b4:18:d8:af:33:49:82:a2:87:f0:af:bf:
b5:49:c6:ce:de:7d:92:15:78:96:7f:c2:2a:06:50:39:e1:69:
9b:a6:01:7d:3a:8b:65:03:6f:b8:de:06:5d:37:92:c6:ab:5f:
58:88:d8:77:24:59:40:e6:6d:90:03:99:e6:35:ec:ca:3c:4e:
f2:44:17:c2:8a:17:95:72:20:19:b9:88:19:2b:7b:c9:63:05:
35:4a:e4:b7:fb:e6:f8:5f:e4:a7:fd:a1:da:52:51:24:78:03:
b9:29:bf:47:98:82:bf:c0:c6:48:ef:cc:b7:c5:c8:34:e6:59:
db:90:ec:76:a5:99:49:66:44:7c:0d:02:90:5a:6b:95:10:4f:
44:dd:c6:d4:9d:eb:d0:9a:91:73:d5:49:83:14:10:37:e0:7b:
0f:cb:63:25
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKo1M77oe5XNDnn7hkb0TlrnNeHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyNzJiMzUyMzdmODY5ODdiNWQxNWM1YThlNTM3MjZmYjZkODcxZmYwYjRi
NjQwOGVlOWI5NzU1OGJkODNmZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhdbW5HGtfFOCoxCF9x8MaFl7JbS2ohEVZjPxDK7f+aTQREP/zkQHnYSDe2
hikgj2L82IdUulqTU8Qjhr1ZVbR7ikcRUA4EqFmnFsk3lWmO9Ri2ZYUW/P3EjlN0
7hm6Q50YAKsEgtKCsHBTlA3jKfvgNNHclBdILvYWDhN2np+FL7VRA9alF7E1Ji9B
C95FIk/ikZFdW5MP4x+FbX7t0IzhqO+DQbIXOp8TFqS2cEu2VeZlrgAfZOmR60RR
ZA6kYtDI9AfEHGXhNqV/8VhCunlJWDLPTta7xolRx7EoiUIbUQm+v3D2DNBAO3sc
enpcezAt9C822oT6wZxww5gvxbECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIjD1J
zN9ZosERnGru47aWV1+wATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJmMjE4ZjYtMWVkZC00ZDNkLWEwM2MtN2Q5YTI4OWZlNGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQB59SZGwiMDUbtvcwUSFKteM+6eM1DvKGTZZqh+gp9i
a1oIv9F1fQjyz6hrs8fN4Vc1+oDsserBOAtVS2EPGPZWRsnU0G+tVUKMDPedJjFh
n8I20jSSNRNCeEgJvJt+si+0GNivM0mCoofwr7+1ScbO3n2SFXiWf8IqBlA54Wmb
pgF9OotlA2+43gZdN5LGq19YiNh3JFlA5m2QA5nmNezKPE7yRBfCiheVciAZuYgZ
K3vJYwU1SuS3++b4X+Sn/aHaUlEkeAO5Kb9HmIK/wMZI78y3xcg05lnbkOx2pZlJ
ZkR8DQKQWmuVEE9E3cbUnevQmpFz1UmDFBA34HsPy2Ml
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:27 2024 by rpki-client on console-fra.rpki-client.org