Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f63754b7-fb63-483b-81cc-1e0530064391.roa
File: f63754b7-fb63-483b-81cc-1e0530064391.roa (raw, json)
Hash identifier: fm7XhV4Ith8hcmMpTOF6zzDkUPgn4oNX9nIKXpIROzU=
Subject key identifier: 2E:5D:B8:74:DD:34:0F:A4:9C:AF:1C:18:DA:D2:8E:FA:7C:FA:92:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43BBD6CD459A4B51C9BF3E49D6A5E1514CE0D18D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f63754b7-fb63-483b-81cc-1e0530064391.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:bb:d6:cd:45:9a:4b:51:c9:bf:3e:49:d6:a5:e1:51:4c:e0:d1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=820958e1366f8074d3cfc1e3055a9d82434921320d02c4e9ee9be8697816860e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8f:45:ca:82:c8:4e:b7:5c:69:e0:dc:82:04:
3f:8a:ed:14:f4:92:7e:c2:cf:eb:c4:66:4d:80:59:
43:87:67:ef:8f:94:23:bf:a1:fe:59:ed:65:91:ac:
6a:c7:e0:9a:68:62:d3:f8:af:a0:4d:86:86:e8:eb:
53:95:42:a2:2a:7a:f6:a3:5b:8a:f4:e8:b6:b7:f3:
b5:e1:fb:9a:61:bd:d0:a0:55:13:a0:f1:20:c4:42:
e0:f3:48:6b:47:e1:d7:37:20:16:b5:1b:1b:93:93:
cb:9e:6c:b7:49:02:69:4e:c0:ba:a2:e7:0f:2e:cc:
d0:9c:3a:3c:41:b6:96:7d:38:38:ab:a6:73:16:ca:
86:34:4c:95:c7:69:d4:52:41:2d:a1:37:ed:b6:43:
fe:ab:d0:73:a3:2d:43:bd:c7:b8:5c:97:8a:40:eb:
4d:2d:8a:c5:90:de:65:a0:b7:ef:ff:86:4b:91:b5:
49:ac:43:d3:77:f5:d6:d7:f9:b2:c8:b5:5a:f1:21:
e9:5e:cb:f5:44:f8:e9:f9:1b:b3:44:3b:c4:8c:d9:
7a:3c:4d:18:7e:e0:f4:f2:1b:ca:e0:6e:f8:e2:9b:
07:db:06:bb:11:c0:a1:b4:b8:ec:5c:25:c1:6e:26:
43:fe:94:9c:65:81:d1:19:0f:87:d4:df:f9:4f:13:
7e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5D:B8:74:DD:34:0F:A4:9C:AF:1C:18:DA:D2:8E:FA:7C:FA:92:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f63754b7-fb63-483b-81cc-1e0530064391.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/18
Signature Algorithm: sha256WithRSAEncryption
0d:2b:e4:8d:6b:a0:af:78:5b:11:4d:ec:bc:96:f3:44:80:5a:
27:8a:1d:7f:28:48:72:31:91:d5:af:cb:80:66:01:cc:2d:2d:
bd:6b:9d:64:d8:d7:a6:38:05:67:c0:82:06:54:58:d5:3b:9b:
a5:ff:af:34:84:cd:cd:db:d0:81:e9:fa:07:77:5f:e9:ee:23:
37:fd:2e:34:10:3f:ef:69:e0:07:72:7d:56:7e:a3:ea:6d:b8:
db:35:51:31:64:f7:21:48:6b:b4:77:f7:64:e8:ff:39:f6:1a:
31:1b:e0:a0:a8:67:98:80:8d:1c:2e:c3:8e:65:15:7d:0d:d8:
33:71:8c:c4:f6:b9:e2:00:b8:82:e9:a5:b3:5c:10:40:24:4a:
7d:11:b8:6f:fa:5a:59:de:17:25:8a:0d:6a:35:ae:66:74:de:
ef:8a:54:e6:17:7a:e5:fc:f4:f7:73:8d:28:19:ef:71:48:78:
f4:77:f1:55:8b:84:5c:e0:dc:f2:37:fd:ea:36:fc:ca:3c:fd:
03:f4:98:2a:f6:c2:1b:c8:99:00:d9:af:87:dc:b4:b3:08:4a:
fa:0b:cd:a6:1e:04:fc:da:a4:67:75:3b:50:6f:f3:b6:1e:1a:
53:9b:46:be:fc:fd:8e:52:65:9c:b8:6a:10:92:d2:bf:68:0e:
fd:f5:e6:aa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQ7vWzUWaS1HJvz5J1qXhUUzg0Y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMDk1OGUxMzY2ZjgwNzRkM2NmYzFlMzA1NWE5ZDgyNDM0OTIxMzIwZDAy
YzRlOWVlOWJlODY5NzgxNjg2MGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWPRcqCyE63XGng3IIEP4rtFPSSfsLP68RmTYBZQ4dn74+UI7+h/lntZZGs
asfgmmhi0/ivoE2GhujrU5VCoip69qNbivTotrfzteH7mmG90KBVE6DxIMRC4PNI
a0fh1zcgFrUbG5OTy55st0kCaU7AuqLnDy7M0Jw6PEG2ln04OKumcxbKhjRMlcdp
1FJBLaE37bZD/qvQc6MtQ73HuFyXikDrTS2KxZDeZaC37/+GS5G1SaxD03f11tf5
ssi1WvEh6V7L9UT46fkbs0Q7xIzZejxNGH7g9PIbyuBu+OKbB9sGuxHAobS47Fwl
wW4mQ/6UnGWB0RkPh9Tf+U8Tfk8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQuXbh0
3TQPpJyvHBja0o76fPqSgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjYzNzU0YjctZmI2My00ODNiLTgxY2MtMWUwNTMwMDY0MzkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEADSvkjWugr3hbEU3svJbzRIBaJ4odfyhIcjGR1a/L
gGYBzC0tvWudZNjXpjgFZ8CCBlRY1Tubpf+vNITNzdvQgen6B3df6e4jN/0uNBA/
72ngB3J9Vn6j6m242zVRMWT3IUhrtHf3ZOj/OfYaMRvgoKhnmICNHC7DjmUVfQ3Y
M3GMxPa54gC4gumls1wQQCRKfRG4b/paWd4XJYoNajWuZnTe74pU5hd65fz093ON
KBnvcUh49HfxVYuEXODc8jf96jb8yjz9A/SYKvbCG8iZANmvh9y0swhK+gvNph4E
/NqkZ3U7UG/zth4aU5tGvvz9jlJlnLhqEJLSv2gO/fXmqg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org