Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
File: ea9f1f24-552b-49dd-a167-4872d5575c1d.roa (raw, json)
Hash identifier: ghDbZ0guG/8AI5cl9MEGy37PE+d60LONE7K8ksYrFUU=
Subject key identifier: FD:73:41:76:51:28:D3:F3:4F:A3:E5:0F:7B:C2:76:DD:7D:A7:37:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AC93E5F87E1FA9EFCA2A2A6865B7CF043817277
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:c9:3e:5f:87:e1:fa:9e:fc:a2:a2:a6:86:5b:7c:f0:43:81:72:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=bc651ea4c42439f52986d9f087cc25eeafcdc991276af60423c4de6c40c74717, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:56:c4:cc:6a:91:50:2e:5a:3f:80:3e:e6:75:
b5:68:9b:50:7d:27:dc:8d:e7:99:ed:43:5d:50:d3:
b1:69:e8:bf:a5:a6:f4:c2:92:9a:c7:93:8d:4f:73:
75:d6:3f:a6:33:ae:ec:31:6d:cc:ef:39:d9:05:34:
18:f7:24:53:0e:92:1e:25:3b:54:2b:31:f9:28:60:
c1:0a:d3:bb:2f:e7:bf:c0:f0:a4:cf:dd:17:b1:4f:
37:ac:5b:02:75:04:12:c4:19:04:ab:3a:7f:c0:26:
27:03:1a:56:a8:04:4b:6a:38:43:37:22:3c:bd:44:
bf:5e:71:ef:17:8f:ae:8d:62:ad:b8:7c:8e:04:cd:
ae:a5:f3:df:2a:51:ac:79:19:8d:7a:d8:eb:08:d9:
e1:f9:c6:11:c6:70:59:53:60:63:c1:09:65:83:2e:
3f:df:95:5f:04:ea:17:8a:84:d7:b2:66:a9:90:ba:
52:a8:6f:6d:1e:b4:73:bb:c4:e8:de:33:4b:e9:79:
6e:5f:d7:04:d7:59:fd:28:31:d3:27:0e:1f:fe:be:
3e:2f:e0:9a:36:8e:8f:d7:03:a9:76:95:4b:78:96:
ca:54:6b:9f:be:c2:e8:06:05:d9:b8:a4:ba:2c:3c:
1f:9e:37:9a:c8:7a:71:a2:24:80:59:a4:a4:8f:d8:
e8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:73:41:76:51:28:D3:F3:4F:A3:E5:0F:7B:C2:76:DD:7D:A7:37:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.120.0/22
Signature Algorithm: sha256WithRSAEncryption
31:bd:ed:ed:45:f4:31:56:17:e8:bd:c5:7c:73:e1:77:33:c1:
3a:64:5f:e4:23:79:08:5c:c9:d3:67:f0:8e:50:21:db:f1:3c:
d1:73:3b:52:6a:25:39:6d:37:72:1c:91:54:2f:28:f7:e8:0f:
c0:6e:0d:ce:7f:88:df:58:a2:9a:32:40:84:ad:93:f4:ac:69:
7a:3d:0a:11:9c:6d:44:c7:bd:bf:06:8e:4d:45:e2:71:85:70:
27:f0:9c:8d:a8:6f:f0:53:0c:7f:71:7f:d1:a4:3e:24:2f:d9:
21:a2:9c:e0:97:10:22:5f:ec:38:36:0f:15:76:81:d5:6a:42:
d5:30:a7:bc:06:52:63:f2:b9:55:03:ac:c7:8c:61:f2:cf:e3:
35:a7:8e:d5:04:c6:e9:62:21:53:25:5e:f6:db:71:da:de:68:
d1:69:a7:cb:24:1b:e4:5c:3a:80:70:47:f1:63:24:0b:d7:51:
36:4f:40:c6:ab:55:d3:5b:a3:ea:2c:80:e3:d0:7d:5d:5c:eb:
55:bd:db:f1:91:26:f3:0e:6f:d1:b0:57:f4:66:49:32:2b:35:
85:e8:8f:6b:0e:d4:0c:15:aa:1d:11:39:43:54:40:22:50:ed:
a7:6b:e6:d8:1a:32:a7:b1:4b:76:56:06:04:e4:26:51:5a:c0:
1f:04:33:f0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSsk+X4fh+p78oqKmhlt88EOBcncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjNjUxZWE0YzQyNDM5ZjUyOTg2ZDlmMDg3Y2MyNWVlYWZjZGM5OTEyNzZh
ZjYwNDIzYzRkZTZjNDBjNzQ3MTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANlWxMxqkVAuWj+APuZ1tWibUH0n3I3nme1DXVDTsWnov6Wm9MKSmseTjU9z
ddY/pjOu7DFtzO852QU0GPckUw6SHiU7VCsx+ShgwQrTuy/nv8DwpM/dF7FPN6xb
AnUEEsQZBKs6f8AmJwMaVqgES2o4QzciPL1Ev15x7xePro1irbh8jgTNrqXz3ypR
rHkZjXrY6wjZ4fnGEcZwWVNgY8EJZYMuP9+VXwTqF4qE17JmqZC6UqhvbR60c7vE
6N4zS+l5bl/XBNdZ/Sgx0ycOH/6+Pi/gmjaOj9cDqXaVS3iWylRrn77C6AYF2bik
uiw8H543msh6caIkgFmkpI/Y6B0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT9c0F2
USjT80+j5Q97wnbdfac3djAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE5ZjFmMjQtNTUyYi00OWRkLWExNjctNDg3MmQ1NTc1YzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgeDAN
BgkqhkiG9w0BAQsFAAOCAQEAMb3t7UX0MVYX6L3FfHPhdzPBOmRf5CN5CFzJ02fw
jlAh2/E80XM7UmolOW03chyRVC8o9+gPwG4Nzn+I31iimjJAhK2T9Kxpej0KEZxt
RMe9vwaOTUXicYVwJ/Ccjahv8FMMf3F/0aQ+JC/ZIaKc4JcQIl/sODYPFXaB1WpC
1TCnvAZSY/K5VQOsx4xh8s/jNaeO1QTG6WIhUyVe9ttx2t5o0WmnyyQb5Fw6gHBH
8WMkC9dRNk9AxqtV01uj6iyA49B9XVzrVb3b8ZEm8w5v0bBX9GZJMis1heiPaw7U
DBWqHRE5Q1RAIlDtp2vm2Boyp7FLdlYGBOQmUVrAHwQz8A==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org