Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
File: e70f0462-459f-447a-88cd-62a494e81770.roa (raw, json)
Hash identifier: U1K/qQNJy1KuZq9Pi81B3n6C0xmCZmCplvvjzcD7/TM=
Subject key identifier: BB:15:CA:EA:93:FA:35:3D:7E:35:75:54:BA:8C:67:51:3C:F6:9D:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C627DDA8DF4FFD1A6E0C90515D74F34DE00B081
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:62:7d:da:8d:f4:ff:d1:a6:e0:c9:05:15:d7:4f:34:de:00:b0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=118484a0d450b400f865ab2568aaec9223b598aef565340cb56ed32ea610ce69, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5f:b6:8a:ef:4b:ba:63:ec:c3:e7:6d:9c:0b:
15:2b:7c:e3:42:ba:7f:81:ad:c4:f7:f7:ba:26:a1:
59:ba:b4:04:04:88:cc:5d:5c:1c:3f:f5:46:0b:77:
dc:eb:11:22:80:97:a4:a1:9d:a3:06:9e:9c:78:dc:
08:ed:30:cc:7e:9f:45:96:c3:8d:7e:ed:69:18:1d:
aa:71:a2:6d:5d:e4:b3:ae:f2:67:5e:5c:0f:44:dc:
2f:c0:7f:53:92:ad:08:d9:35:a3:16:15:f8:b9:72:
42:c9:3e:9b:3b:ea:19:33:b7:82:ec:db:e6:70:ec:
be:b8:23:25:0d:e5:5d:1f:55:ba:c0:9b:29:da:0e:
de:70:8d:54:42:a5:0d:da:4a:e4:7a:d9:5b:23:60:
db:22:58:52:fd:43:cc:3d:5e:6f:b6:05:36:05:48:
07:27:33:f8:61:a5:75:83:68:a4:25:2b:db:0e:bc:
b1:8f:9f:e9:92:74:3d:6f:a7:01:e1:fb:be:07:df:
c4:28:79:8d:e7:16:af:69:b1:ff:18:b6:50:9a:d7:
82:e9:03:84:e4:f7:40:93:b3:24:f4:c6:58:d6:9b:
9a:af:79:1b:ad:a4:9b:b1:73:2f:3c:36:bc:a1:99:
68:f8:27:de:45:e8:71:3f:3d:26:42:37:47:4e:65:
d3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:15:CA:EA:93:FA:35:3D:7E:35:75:54:BA:8C:67:51:3C:F6:9D:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
36:32:bb:02:51:b3:8f:48:40:9f:45:f5:b8:5e:48:d3:4f:dd:
2b:5a:e7:28:a3:ac:d8:68:f4:81:2e:e9:af:e0:7f:1e:47:57:
98:ca:65:08:3e:4b:79:f9:6d:ce:7e:5e:14:55:78:4b:51:3a:
66:b5:73:fe:ab:44:07:ae:96:07:c8:bc:f2:69:d8:dc:ee:47:
05:bc:8e:cf:ac:b5:ec:dc:e0:7a:d7:70:27:8c:e4:10:19:8f:
1c:71:23:e7:ab:88:28:27:d4:51:3e:1c:87:c1:a7:fb:34:9c:
d1:a7:d8:47:35:f1:26:05:1f:9f:51:48:12:c0:a4:1f:83:07:
32:0a:4e:81:5c:27:1e:ea:38:d2:91:35:59:da:d4:87:87:1e:
ec:09:99:49:01:ab:13:d8:62:e7:2f:bd:24:6f:cb:1e:c5:ee:
3e:f3:14:7f:d8:1b:01:61:f6:7a:d6:bc:a9:e2:af:4b:0e:e6:
ce:54:46:9e:46:34:63:87:c5:e1:cb:ec:28:57:1c:5b:31:1b:
f3:eb:44:4e:b7:55:96:e0:be:52:2a:1e:c8:d2:2e:c2:6a:db:
19:c2:30:22:04:ef:66:a4:aa:f3:25:0b:25:8d:37:2d:ee:fb:
0c:70:6e:97:f8:04:fc:0a:4e:1f:71:58:37:55:c0:02:d8:5b:
cb:5b:56:76
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTGJ92o30/9Gm4MkFFddPNN4AsIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDExODQ4NGEwZDQ1MGI0MDBmODY1YWIyNTY4YWFlYzkyMjNiNTk4YWVmNTY1
MzQwY2I1NmVkMzJlYTYxMGNlNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpftorvS7pj7MPnbZwLFSt840K6f4GtxPf3uiahWbq0BASIzF1cHD/1Rgt3
3OsRIoCXpKGdowaenHjcCO0wzH6fRZbDjX7taRgdqnGibV3ks67yZ15cD0TcL8B/
U5KtCNk1oxYV+LlyQsk+mzvqGTO3guzb5nDsvrgjJQ3lXR9VusCbKdoO3nCNVEKl
DdpK5HrZWyNg2yJYUv1DzD1eb7YFNgVIBycz+GGldYNopCUr2w68sY+f6ZJ0PW+n
AeH7vgffxCh5jecWr2mx/xi2UJrXgukDhOT3QJOzJPTGWNabmq95G62km7FzLzw2
vKGZaPgn3kXocT89JkI3R05l00UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS7Fcrq
k/o1PX41dVS6jGdRPPadgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTcwZjA0NjItNDU5Zi00NDdhLTg4Y2QtNjJhNDk0ZTgxNzcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEANjK7AlGzj0hAn0X1uF5I00/dK1rnKKOs2Gj0gS7p
r+B/HkdXmMplCD5Lefltzn5eFFV4S1E6ZrVz/qtEB66WB8i88mnY3O5HBbyOz6y1
7NzgetdwJ4zkEBmPHHEj56uIKCfUUT4ch8Gn+zSc0afYRzXxJgUfn1FIEsCkH4MH
MgpOgVwnHuo40pE1WdrUh4ce7AmZSQGrE9hi5y+9JG/LHsXuPvMUf9gbAWH2eta8
qeKvSw7mzlRGnkY0Y4fF4cvsKFccWzEb8+tETrdVluC+UioeyNIuwmrbGcIwIgTv
ZqSq8yULJY03Le77DHBul/gE/ApOH3FYN1XAAthby1tWdg==
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:16:39 2024 by rpki-client on console-fra.rpki-client.org