Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
File: e70f0462-459f-447a-88cd-62a494e81770.roa (raw, json)
Hash identifier: k7pd3s7MP9W/RGGYpRy6sNjMvpznMuVuiGh/+7sGffI=
Subject key identifier: 0F:71:0C:06:B9:DB:B0:6C:6F:94:0A:57:89:5B:B5:48:5E:3A:3C:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 106E4846E1C59218AD5FF343E3AB99C7314D0A23
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:6e:48:46:e1:c5:92:18:ad:5f:f3:43:e3:ab:99:c7:31:4d:0a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=7c72b18e0fe861f978f64e042dc70fd2e6c2881fd70a08dc2b2d7608a2089712, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:49:19:cf:c6:90:84:11:5c:e7:23:38:7e:e3:
eb:d7:44:ee:bd:17:a3:da:c5:a6:62:21:23:83:8b:
14:34:db:fc:66:f6:a2:af:f3:aa:b2:6c:87:43:bd:
03:c3:54:5b:50:de:f1:88:16:01:74:9d:84:8b:e2:
f9:3b:94:e7:9a:e3:6e:b0:85:97:93:c8:b3:b6:13:
f5:4c:08:0a:40:a3:ae:a3:a1:21:26:f9:98:2e:3e:
b7:3a:48:85:5d:8a:9a:06:63:a9:5a:c7:81:b2:93:
f5:45:da:2f:26:1e:34:a4:f9:12:da:1e:de:5c:90:
4a:06:51:82:30:ed:45:b1:1a:bf:ee:51:d6:c0:0a:
b9:bc:59:d8:e0:99:1d:33:31:3e:89:7c:6a:88:43:
6f:26:7d:31:f9:1d:e2:a3:6a:ad:12:a8:6a:bd:fb:
30:3a:6f:a7:74:71:7c:b0:10:4d:67:7e:22:3c:94:
fa:33:b4:37:41:4d:2b:68:9a:94:a6:79:0c:a8:07:
d6:6c:fa:8c:17:7c:66:42:d1:cb:bf:9e:4e:03:cf:
85:e3:7e:a3:cc:87:1d:dc:9a:14:f1:97:4f:bc:4e:
50:d8:4b:1f:1a:de:17:05:e2:a0:ba:48:27:bc:56:
b8:24:f4:fc:b1:81:60:d1:77:66:2b:2d:9c:39:ca:
cd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:71:0C:06:B9:DB:B0:6C:6F:94:0A:57:89:5B:B5:48:5E:3A:3C:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
bf:ef:e9:88:f4:07:09:32:e4:0a:7d:af:d7:06:cd:d9:35:53:
09:63:cf:b1:97:3d:b2:eb:99:64:f7:23:13:e2:34:12:cf:c2:
6f:e1:07:e5:e0:b7:9b:e3:74:de:3e:de:af:ad:60:08:dd:f2:
49:dd:9a:47:5b:f0:ea:c6:c7:a9:88:eb:a0:e1:d3:9c:79:ab:
43:ec:40:ea:c1:62:3f:35:81:d3:3c:f9:40:b4:6a:5f:42:88:
da:e1:34:3d:bf:49:42:d6:87:17:3b:ab:5e:06:7c:db:f1:57:
91:46:52:b6:c4:57:b2:89:a0:7f:95:bd:f3:b0:75:ab:34:d0:
85:49:ca:52:3e:79:41:02:1a:c1:fc:f8:c2:24:72:0a:42:00:
0d:f3:55:ba:85:6a:19:2c:43:6a:88:30:1e:58:5d:1d:c4:e7:
32:75:e0:53:31:9e:d6:d2:79:6d:7a:1e:6b:47:31:ba:fd:27:
f6:51:24:b6:72:10:71:a3:c5:c7:e7:e6:21:b4:bb:aa:3b:4a:
af:f8:08:87:f1:f2:e2:3f:a4:3d:10:18:14:d6:01:6d:03:7a:
a8:a0:5c:7b:8a:a4:87:68:ae:dd:10:53:a3:ae:1c:76:11:26:
94:6b:b3:cb:a0:55:6a:e2:4e:1b:ec:34:1e:e5:13:77:98:00:
7b:73:93:bf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEG5IRuHFkhitX/ND46uZxzFNCiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjNzJiMThlMGZlODYxZjk3OGY2NGUwNDJkYzcwZmQyZTZjMjg4MWZkNzBh
MDhkYzJiMmQ3NjA4YTIwODk3MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFJGc/GkIQRXOcjOH7j69dE7r0Xo9rFpmIhI4OLFDTb/Gb2oq/zqrJsh0O9
A8NUW1De8YgWAXSdhIvi+TuU55rjbrCFl5PIs7YT9UwICkCjrqOhISb5mC4+tzpI
hV2KmgZjqVrHgbKT9UXaLyYeNKT5Etoe3lyQSgZRgjDtRbEav+5R1sAKubxZ2OCZ
HTMxPol8aohDbyZ9Mfkd4qNqrRKoar37MDpvp3RxfLAQTWd+IjyU+jO0N0FNK2ia
lKZ5DKgH1mz6jBd8ZkLRy7+eTgPPheN+o8yHHdyaFPGXT7xOUNhLHxreFwXioLpI
J7xWuCT0/LGBYNF3ZistnDnKzd8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPcQwG
uduwbG+UCleJW7VIXjo8eDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTcwZjA0NjItNDU5Zi00NDdhLTg4Y2QtNjJhNDk0ZTgxNzcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEAv+/piPQHCTLkCn2v1wbN2TVTCWPPsZc9suuZZPcj
E+I0Es/Cb+EH5eC3m+N03j7er61gCN3ySd2aR1vw6sbHqYjroOHTnHmrQ+xA6sFi
PzWB0zz5QLRqX0KI2uE0Pb9JQtaHFzurXgZ82/FXkUZStsRXsomgf5W987B1qzTQ
hUnKUj55QQIawfz4wiRyCkIADfNVuoVqGSxDaogwHlhdHcTnMnXgUzGe1tJ5bXoe
a0cxuv0n9lEktnIQcaPFx+fmIbS7qjtKr/gIh/Hy4j+kPRAYFNYBbQN6qKBce4qk
h2iu3RBTo64cdhEmlGuzy6BVauJOG+w0HuUTd5gAe3OTvw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:33 2024 by rpki-client on console-fra.rpki-client.org