Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d54efbe8-e379-4fb9-8476-aa25678e8a06.roa
File: d54efbe8-e379-4fb9-8476-aa25678e8a06.roa (raw, json)
Hash identifier: POABJCwDMuQEj34/4AVvhquKNlP5mDlzQIHYAD8CKzM=
Subject key identifier: 73:FD:A2:2F:AA:92:EC:A4:31:00:DA:BD:A3:43:0E:4F:F8:CD:FB:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1249152DDDCAABBCFA112AD6BA7C3B2F1C7B0F52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d54efbe8-e379-4fb9-8476-aa25678e8a06.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 46.51.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:49:15:2d:dd:ca:ab:bc:fa:11:2a:d6:ba:7c:3b:2f:1c:7b:0f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=e45ef1d7866d59c18ccf9842c1b91183f40b521d5843cb0bdf931850bce52ad3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:80:31:b7:0e:c6:89:47:83:24:99:4d:39:aa:
2f:e7:8a:9a:53:7c:2b:8b:fa:1c:04:32:2c:b8:db:
90:8b:b5:86:ca:ab:66:62:74:95:e2:fe:28:d4:6c:
75:c7:2a:71:18:19:38:41:56:6d:2f:80:e7:da:f0:
22:96:2a:7d:63:d0:1e:0d:04:f4:24:8d:71:e0:26:
e6:33:b3:b0:59:59:fa:1a:54:5c:0d:d2:9b:9a:ae:
85:64:31:8e:b9:18:64:f1:d3:7b:7a:3d:e8:8b:53:
90:ef:08:53:f1:33:e4:ff:96:17:a7:33:a4:4a:39:
fb:a7:f8:81:e3:94:00:65:67:6c:4f:f3:6b:57:cb:
5d:be:f6:8b:7f:06:01:e1:2e:de:30:dc:39:40:b6:
c5:d4:3e:e1:02:47:fa:8d:cb:03:5d:14:cd:9b:88:
c3:68:74:27:29:b5:ee:49:1e:81:90:39:bd:a5:99:
a1:0f:f9:1e:10:46:37:b4:21:59:a9:22:3a:e2:21:
68:36:e7:a1:17:73:2f:de:27:53:e2:1a:02:a7:e0:
7f:9c:10:d2:7b:e4:b5:3f:49:cc:63:44:2f:ed:a2:
b4:e7:ac:e0:f6:07:ec:b2:9c:1c:29:aa:6a:27:0c:
0f:1f:bf:ad:d9:99:8c:2e:fc:7f:a4:e9:63:bb:f6:
85:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FD:A2:2F:AA:92:EC:A4:31:00:DA:BD:A3:43:0E:4F:F8:CD:FB:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d54efbe8-e379-4fb9-8476-aa25678e8a06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/17
Signature Algorithm: sha256WithRSAEncryption
2a:cf:73:43:fd:3b:7b:3a:ee:a7:84:54:82:47:cc:c8:ac:c1:
db:33:48:76:b9:84:3d:00:c7:5b:8c:cf:54:8a:09:57:7c:1a:
c7:97:1b:4f:99:01:4c:f4:08:72:64:ff:7b:f6:08:88:d2:64:
31:93:6b:c2:fc:f6:53:52:8f:b8:a4:26:ba:e3:a0:50:53:c1:
7b:c1:5a:e3:4e:ac:24:5b:d3:96:b7:bc:c8:23:ca:c5:57:7d:
42:0c:dd:dd:ff:49:68:fc:50:ec:4c:95:5c:b2:a7:c4:54:f7:
b5:4f:28:5a:33:a2:09:c0:ed:85:42:0e:de:64:37:9e:c5:d4:
2d:96:d5:5e:d5:8e:af:f7:85:d2:00:de:c7:03:a3:bb:0c:53:
4c:59:f0:21:58:76:a8:a8:1e:c3:ed:7f:d9:4c:ef:bd:17:12:
13:13:1f:83:86:7f:63:26:62:ae:b9:87:f7:87:16:2d:dc:82:
a1:13:4a:a8:47:7b:46:c2:c7:73:dd:65:0a:be:c7:63:b8:85:
c2:10:86:c0:5c:aa:37:95:09:c3:a4:38:97:78:48:62:ba:62:
7e:4a:89:cc:06:20:0f:2e:a5:2c:3b:2e:43:31:ac:14:20:f3:
09:41:28:eb:42:6b:dc:63:89:29:e9:ad:dc:dc:a4:3a:75:ff:
ed:1d:12:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEkkVLd3Kq7z6ESrWunw7Lxx7D1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NWVmMWQ3ODY2ZDU5YzE4Y2NmOTg0MmMxYjkxMTgzZjQwYjUyMWQ1ODQz
Y2IwYmRmOTMxODUwYmNlNTJhZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeAMbcOxolHgySZTTmqL+eKmlN8K4v6HAQyLLjbkIu1hsqrZmJ0leL+KNRs
dccqcRgZOEFWbS+A59rwIpYqfWPQHg0E9CSNceAm5jOzsFlZ+hpUXA3Sm5quhWQx
jrkYZPHTe3o96ItTkO8IU/Ez5P+WF6czpEo5+6f4geOUAGVnbE/za1fLXb72i38G
AeEu3jDcOUC2xdQ+4QJH+o3LA10UzZuIw2h0Jym17kkegZA5vaWZoQ/5HhBGN7Qh
WakiOuIhaDbnoRdzL94nU+IaAqfgf5wQ0nvktT9JzGNEL+2itOes4PYH7LKcHCmq
aicMDx+/rdmZjC78f6TpY7v2hTcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRz/aIv
qpLspDEA2r2jQw5P+M37/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDU0ZWZiZTgtZTM3OS00ZmI5LTg0NzYtYWEyNTY3OGU4YTA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEAKs9zQ/07ezrup4RUgkfMyKzB2zNIdrmEPQDHW4zP
VIoJV3wax5cbT5kBTPQIcmT/e/YIiNJkMZNrwvz2U1KPuKQmuuOgUFPBe8Fa406s
JFvTlre8yCPKxVd9Qgzd3f9JaPxQ7EyVXLKnxFT3tU8oWjOiCcDthUIO3mQ3nsXU
LZbVXtWOr/eF0gDexwOjuwxTTFnwIVh2qKgew+1/2UzvvRcSExMfg4Z/YyZirrmH
94cWLdyCoRNKqEd7RsLHc91lCr7HY7iFwhCGwFyqN5UJw6Q4l3hIYrpifkqJzAYg
Dy6lLDsuQzGsFCDzCUEo60Jr3GOJKemt3NykOnX/7R0SQw==
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:33 2024 by rpki-client on console-fra.rpki-client.org