Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
File: e70f0462-459f-447a-88cd-62a494e81770.roa (raw, json)
Hash identifier: dAQsgw78Q4XKvqRey8oGBUuNR78TT8Mh+SsZ5DrcVV4=
Subject key identifier: EB:A1:D0:5D:B6:D4:48:C5:F8:EF:D9:D3:FD:69:BC:3A:19:AB:9C:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41EA73D1DF56C01A02B41CDF15940383F508E625
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ea:73:d1:df:56:c0:1a:02:b4:1c:df:15:94:03:83:f5:08:e6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=e568ccbba29c6a3649f53406fd0d34f32b16240fae2a0c86e23615370e5cf372, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:18:e0:c7:8e:e8:cd:3e:b6:3f:55:c5:86:58:
88:dd:e6:b7:32:ac:13:7d:e2:4e:a1:3a:1a:97:a3:
d7:6d:22:70:b9:4b:72:da:72:d0:45:f6:7b:81:a8:
a3:e3:75:db:93:67:dd:eb:b6:05:83:7c:59:a4:31:
0b:03:3b:b0:0a:93:12:54:d5:33:e0:01:a0:ad:ef:
6c:f4:5f:86:a4:47:2e:67:ae:c1:3e:b8:89:15:8d:
0c:9c:ff:7e:c2:4e:d0:d6:83:05:bf:c6:d9:ea:a2:
aa:a4:18:92:8c:8d:2d:7e:f7:cc:c6:10:b3:d9:f9:
28:f8:de:da:f9:1c:5e:cb:d2:e0:67:4b:87:ea:8b:
8d:a0:ab:ec:4a:4c:60:bf:4b:e7:18:e4:d0:26:e8:
18:3c:96:aa:9e:89:a3:b3:cd:eb:86:7b:45:56:7d:
10:3e:40:ee:73:0c:58:c6:54:f5:39:c9:7a:e3:da:
08:51:64:7c:bc:07:fa:97:e7:38:a2:47:75:b6:cb:
5c:2e:0c:6e:bf:d5:f0:75:8c:8e:08:74:8b:ef:04:
80:79:1a:18:9a:b3:1e:56:3b:8d:7f:1d:92:d4:63:
a6:48:e7:fd:df:b2:72:27:be:5c:c8:a3:04:b3:0c:
89:25:22:07:99:7d:a5:ef:0e:df:09:27:d2:b5:02:
13:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A1:D0:5D:B6:D4:48:C5:F8:EF:D9:D3:FD:69:BC:3A:19:AB:9C:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
77:89:62:db:76:b9:0b:d3:28:ce:21:53:b8:e2:75:f7:da:d6:
05:22:27:22:b8:d0:a7:0f:1a:a4:d0:81:be:33:bd:ea:d4:50:
b7:a3:62:8a:1b:22:a1:3f:a3:0d:91:87:b6:be:52:46:d9:f9:
ed:8b:6e:13:15:ec:fc:21:de:64:2f:7c:f5:54:9b:65:81:a6:
f1:fd:2e:3e:78:1f:39:64:cf:2c:f0:ca:51:3e:fb:07:06:5b:
a1:e9:ac:63:4a:7c:d5:29:01:9f:ef:6f:bd:98:a4:63:bb:30:
0c:db:8b:f6:c8:4c:3c:2b:d7:0b:58:49:63:11:a4:1e:2b:0c:
6b:cb:68:3e:6d:3b:e3:93:64:ce:f8:3b:4b:15:05:a6:b1:04:
d2:f1:d5:2e:c6:5e:09:9b:7b:e7:83:49:a5:47:2f:62:7a:06:
31:3e:dd:78:d7:09:16:69:3d:a4:54:94:64:e3:34:39:67:34:
3c:d3:09:7d:9e:14:c1:fd:22:8d:f2:16:cb:7b:89:94:da:f9:
56:85:70:a9:87:32:37:a3:4e:91:d8:68:5e:83:ba:8d:0c:27:
7b:3b:d8:25:3a:d9:ca:73:a1:af:16:5a:c6:f9:0e:1a:7b:57:
dd:9a:82:1d:a3:b5:0c:42:48:64:84:96:f2:79:1b:90:f8:58:
e5:00:36:30
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQepz0d9WwBoCtBzfFZQDg/UI5iUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1NjhjY2JiYTI5YzZhMzY0OWY1MzQwNmZkMGQzNGYzMmIxNjI0MGZhZTJh
MGM4NmUyMzYxNTM3MGU1Y2YzNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIY4MeO6M0+tj9VxYZYiN3mtzKsE33iTqE6Gpej120icLlLctpy0EX2e4Go
o+N125Nn3eu2BYN8WaQxCwM7sAqTElTVM+ABoK3vbPRfhqRHLmeuwT64iRWNDJz/
fsJO0NaDBb/G2eqiqqQYkoyNLX73zMYQs9n5KPje2vkcXsvS4GdLh+qLjaCr7EpM
YL9L5xjk0CboGDyWqp6Jo7PN64Z7RVZ9ED5A7nMMWMZU9TnJeuPaCFFkfLwH+pfn
OKJHdbbLXC4Mbr/V8HWMjgh0i+8EgHkaGJqzHlY7jX8dktRjpkjn/d+ycie+XMij
BLMMiSUiB5l9pe8O3wkn0rUCE18CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTrodBd
ttRIxfjv2dP9abw6GaucATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTcwZjA0NjItNDU5Zi00NDdhLTg4Y2QtNjJhNDk0ZTgxNzcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEAd4li23a5C9MoziFTuOJ199rWBSInIrjQpw8apNCB
vjO96tRQt6NiihsioT+jDZGHtr5SRtn57YtuExXs/CHeZC989VSbZYGm8f0uPngf
OWTPLPDKUT77BwZboemsY0p81SkBn+9vvZikY7swDNuL9shMPCvXC1hJYxGkHisM
a8toPm0745Nkzvg7SxUFprEE0vHVLsZeCZt754NJpUcvYnoGMT7deNcJFmk9pFSU
ZOM0OWc0PNMJfZ4Uwf0ijfIWy3uJlNr5VoVwqYcyN6NOkdhoXoO6jQwnezvYJTrZ
ynOhrxZaxvkOGntX3ZqCHaO1DEJIZISW8nkbkPhY5QA2MA==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org