Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6ff377d-6d59-4c6c-aa67-738a3deb3bb4.roa
File: d6ff377d-6d59-4c6c-aa67-738a3deb3bb4.roa (raw, json)
Hash identifier: O7kGeHY0vDmx/mXsq/0YCo/2GxLnSR7vZ8UXl6ZviKw=
Subject key identifier: 39:BC:AC:13:62:8A:95:42:0A:2E:0A:B6:A4:63:98:EB:75:A0:6F:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EE351055886F1D330124FC2D001C88506475A71
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6ff377d-6d59-4c6c-aa67-738a3deb3bb4.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 46.137.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:e3:51:05:58:86:f1:d3:30:12:4f:c2:d0:01:c8:85:06:47:5a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=2d499eb165e291368c9f876b9ec56e1178556feb8b1dbe00002bbf5d6d6ef017, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:85:bd:89:be:72:25:c1:e3:67:23:01:90:2d:
99:83:c7:d0:26:77:df:67:2b:2b:6e:ab:11:9c:2e:
95:c7:59:ba:43:7c:27:fc:fb:62:9d:01:89:b7:3a:
c6:35:1f:8e:ef:ac:cf:9d:00:5e:ff:78:95:c0:be:
cb:a5:5c:e6:18:a2:cc:10:b7:a9:70:13:91:be:27:
fd:b8:d3:e6:a3:83:d5:5e:2f:26:d2:84:ed:7e:0b:
c0:cb:9d:dc:cd:61:5a:8b:96:3b:8e:fd:dc:a8:e0:
93:5d:66:88:a6:bd:24:2d:69:fe:eb:65:c4:01:a6:
f2:ac:5b:cd:ff:e9:e9:32:99:71:5a:06:a1:07:33:
db:34:55:2b:79:e9:99:04:2f:94:dc:71:9a:54:61:
d1:f6:0d:69:af:ba:1c:a6:cd:60:81:3b:35:83:19:
6d:01:45:fe:2e:b3:c2:79:d3:cd:b8:b3:6e:c5:f8:
1c:44:56:b4:d1:c7:69:b4:2d:41:f2:36:46:03:3f:
c1:ec:87:1c:f7:3e:28:7b:18:af:91:73:6d:47:78:
e8:f0:e4:c0:cc:7b:dc:13:7d:4f:b6:c4:7e:fd:06:
cd:33:1b:07:1b:0f:58:44:ac:a4:1a:5f:52:2e:47:
76:e9:aa:1f:68:85:db:5b:4e:03:9d:22:3a:7e:24:
24:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BC:AC:13:62:8A:95:42:0A:2E:0A:B6:A4:63:98:EB:75:A0:6F:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6ff377d-6d59-4c6c-aa67-738a3deb3bb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:e6:f3:26:35:d8:29:c0:46:7b:94:89:b0:14:b4:ba:b2:e3:
5e:89:e8:fe:c6:23:92:15:bf:15:e4:da:a1:14:18:8a:32:fb:
7c:a2:2d:0b:a3:e2:24:e3:f1:09:72:4e:79:36:f6:ea:26:3d:
dd:b5:0e:c3:46:b6:9c:63:83:ab:87:0f:6d:c9:3d:b5:6a:cf:
83:08:33:d9:ef:82:d4:f9:26:2d:5e:72:39:13:cf:5b:91:e0:
bc:3e:d0:d0:ed:62:68:64:24:cc:84:28:f2:f0:09:cb:6b:91:
d8:44:87:69:b9:d0:50:c3:6c:ad:68:88:35:9e:b9:9a:6b:54:
df:34:5e:11:3c:a4:ca:08:08:28:e8:ae:ba:85:74:1b:f5:53:
b8:b4:c9:05:97:de:0a:76:a4:f1:d5:e9:b5:fa:b1:6f:45:d7:
00:6c:14:11:e3:a7:81:de:6b:1e:1d:96:eb:da:bf:ee:3b:de:
ae:57:27:5e:c5:fe:6d:c9:6a:8a:90:d3:ea:5f:00:67:6e:d6:
a5:a3:08:39:c8:59:4f:f2:f7:08:33:a5:7c:3f:c6:48:bb:ea:
96:50:25:df:31:2a:44:fe:28:03:57:eb:6c:e1:c0:91:f1:9b:
58:9d:0a:6f:ce:8b:65:c5:60:4f:15:bb:bf:75:83:92:40:82:
04:c3:ee:ac
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfuNRBViG8dMwEk/C0AHIhQZHWnEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNDk5ZWIxNjVlMjkxMzY4YzlmODc2YjllYzU2ZTExNzg1NTZmZWI4YjFk
YmUwMDAwMmJiZjVkNmQ2ZWYwMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmFvYm+ciXB42cjAZAtmYPH0CZ332crK26rEZwulcdZukN8J/z7Yp0Bibc6
xjUfju+sz50AXv94lcC+y6Vc5hiizBC3qXATkb4n/bjT5qOD1V4vJtKE7X4LwMud
3M1hWouWO4793Kjgk11miKa9JC1p/utlxAGm8qxbzf/p6TKZcVoGoQcz2zRVK3np
mQQvlNxxmlRh0fYNaa+6HKbNYIE7NYMZbQFF/i6zwnnTzbizbsX4HERWtNHHabQt
QfI2RgM/weyHHPc+KHsYr5FzbUd46PDkwMx73BN9T7bEfv0GzTMbBxsPWESspBpf
Ui5HdumqH2iF21tOA50iOn4kJOsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5vKwT
YoqVQgouCrakY5jrdaBvCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDZmZjM3N2QtNmQ1OS00YzZjLWFhNjctNzM4YTNkZWIzYmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQCR5vMmNdgpwEZ7lImwFLS6suNeiej+xiOSFb8V5Nqh
FBiKMvt8oi0Lo+Ik4/EJck55NvbqJj3dtQ7DRracY4Orhw9tyT21as+DCDPZ74LU
+SYtXnI5E89bkeC8PtDQ7WJoZCTMhCjy8AnLa5HYRIdpudBQw2ytaIg1nrmaa1Tf
NF4RPKTKCAgo6K66hXQb9VO4tMkFl94KdqTx1em1+rFvRdcAbBQR46eB3mseHZbr
2r/uO96uVydexf5tyWqKkNPqXwBnbtalowg5yFlP8vcIM6V8P8ZIu+qWUCXfMSpE
/igDV+ts4cCR8ZtYnQpvzotlxWBPFbu/dYOSQIIEw+6s
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:02:32 2024 by rpki-client on console-fra.rpki-client.org