Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
File: ea9f1f24-552b-49dd-a167-4872d5575c1d.roa (raw, json)
Hash identifier: PwB6HRwvE3pZwTdd79yf/Td4/LtdB9PyoARz/L7RIr4=
Subject key identifier: 4A:BA:61:5A:FD:E7:A2:9B:F3:71:F5:A1:47:19:B1:8C:C5:77:EC:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 022FE43E59434C699997590E1C1B5E13D2422A2A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:2f:e4:3e:59:43:4c:69:99:97:59:0e:1c:1b:5e:13:d2:42:2a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=06af92d6cb29b84e0d36f330c65f1a6e52c07843532e6f0d80c4221b2c7e5f3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5b:07:46:80:ba:4b:49:07:1c:e4:e2:58:53:
fe:93:fb:65:43:9d:ef:42:dc:54:64:6c:ba:c5:36:
b4:27:28:9c:2d:a1:51:6a:df:dc:50:c8:53:4c:80:
20:91:71:fc:af:f1:1e:e6:70:aa:e1:07:6b:6c:de:
c1:25:c9:63:15:52:6d:c3:45:1e:8c:d7:24:ce:13:
6c:90:fe:bf:ec:cb:68:eb:58:f7:29:52:d0:af:bf:
68:fe:bb:78:63:4e:34:cc:27:48:a5:19:fc:97:88:
d2:27:a9:77:7b:5c:5f:e8:ff:77:43:f6:5e:f8:3d:
27:4d:5e:c5:e4:f8:91:62:e6:66:f5:d1:9a:7e:71:
69:49:e8:c1:85:61:dd:e0:c2:a5:43:94:ab:50:37:
06:5f:1f:e0:a2:02:21:6f:89:bd:5c:47:07:c3:74:
9d:d9:2f:42:d6:69:04:3d:75:e6:7d:53:4d:29:74:
ee:12:ac:87:75:36:c4:68:ff:42:0c:91:e5:5d:cd:
6b:82:c5:7c:8a:a0:44:6a:35:af:3f:b2:fa:cd:57:
7b:b5:aa:95:7b:1b:9b:3d:1d:5d:61:a6:65:6b:01:
42:69:75:f0:f6:14:0d:a0:fe:a1:32:9a:f2:f9:db:
8e:c8:bd:55:64:aa:2a:dc:8b:1c:93:85:d7:c0:01:
16:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:BA:61:5A:FD:E7:A2:9B:F3:71:F5:A1:47:19:B1:8C:C5:77:EC:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.120.0/22
Signature Algorithm: sha256WithRSAEncryption
09:61:d0:f0:b1:49:a4:34:69:bd:8f:2b:dc:e8:91:b2:4c:bc:
d6:8c:92:f4:8e:77:cd:83:80:f4:6f:8a:94:98:67:7e:92:f4:
85:18:8d:43:37:26:e1:81:12:a6:0b:20:95:a6:f9:0c:11:31:
aa:40:27:39:94:f5:ea:4d:b9:88:8f:8e:3a:d2:41:59:85:5b:
15:5c:9f:59:fa:d6:64:70:55:71:d6:fc:8b:cd:c5:2d:64:35:
fa:15:86:7f:9c:c7:f6:a8:9b:1f:5b:08:51:67:16:f5:c3:15:
79:61:e9:e6:a9:0f:29:98:bd:3f:2b:a1:a9:8b:22:2b:65:5a:
f8:75:c4:27:40:97:98:9a:76:3e:0d:ff:c6:d0:11:ac:50:ad:
41:f1:5f:0d:56:04:27:07:33:08:30:38:71:d5:ac:87:d7:2d:
9d:ec:14:52:89:7e:a6:a1:eb:63:ce:b6:27:25:3a:ce:65:cf:
79:4f:d1:19:bf:82:30:14:5f:0a:eb:87:73:08:f3:7f:5f:a0:
62:5f:82:fa:a5:73:f6:16:46:d3:db:f2:ec:26:0c:97:37:70:
60:2d:77:30:8c:8f:e9:1a:5a:56:40:b0:ac:27:18:6b:6c:8c:
f5:65:20:54:31:3f:f0:51:fd:f4:d9:d5:34:ee:18:81:c9:aa:
70:88:5f:61
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAi/kPllDTGmZl1kOHBteE9JCKiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2YWY5MmQ2Y2IyOWI4NGUwZDM2ZjMzMGM2NWYxYTZlNTJjMDc4NDM1MzJl
NmYwZDgwYzQyMjFiMmM3ZTVmM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVbB0aAuktJBxzk4lhT/pP7ZUOd70LcVGRsusU2tCconC2hUWrf3FDIU0yA
IJFx/K/xHuZwquEHa2zewSXJYxVSbcNFHozXJM4TbJD+v+zLaOtY9ylS0K+/aP67
eGNONMwnSKUZ/JeI0iepd3tcX+j/d0P2Xvg9J01exeT4kWLmZvXRmn5xaUnowYVh
3eDCpUOUq1A3Bl8f4KICIW+JvVxHB8N0ndkvQtZpBD115n1TTSl07hKsh3U2xGj/
QgyR5V3Na4LFfIqgRGo1rz+y+s1Xe7WqlXsbmz0dXWGmZWsBQml18PYUDaD+oTKa
8vnbjsi9VWSqKtyLHJOF18ABFg8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKumFa
/eeim/Nx9aFHGbGMxXfs/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE5ZjFmMjQtNTUyYi00OWRkLWExNjctNDg3MmQ1NTc1YzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgeDAN
BgkqhkiG9w0BAQsFAAOCAQEACWHQ8LFJpDRpvY8r3OiRsky81oyS9I53zYOA9G+K
lJhnfpL0hRiNQzcm4YESpgsglab5DBExqkAnOZT16k25iI+OOtJBWYVbFVyfWfrW
ZHBVcdb8i83FLWQ1+hWGf5zH9qibH1sIUWcW9cMVeWHp5qkPKZi9PyuhqYsiK2Va
+HXEJ0CXmJp2Pg3/xtARrFCtQfFfDVYEJwczCDA4cdWsh9ctnewUUol+pqHrY862
JyU6zmXPeU/RGb+CMBRfCuuHcwjzf1+gYl+C+qVz9hZG09vy7CYMlzdwYC13MIyP
6RpaVkCwrCcYa2yM9WUgVDE/8FH99NnVNO4YgcmqcIhfYQ==
-----END CERTIFICATE-----
Generated at Thu Apr 18 02:44:33 2024 by rpki-client on console-fra.rpki-client.org