Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcb67d7c-7aab-4a02-ad70-18aaf3211bb4.roa
File: fcb67d7c-7aab-4a02-ad70-18aaf3211bb4.roa (raw, json)
Hash identifier: fmkJijwLVifxpeIugfXNGB0sMklK5usdupp7QVcr8/E=
Subject key identifier: A3:18:0D:FF:73:1A:65:8A:C2:72:3C:94:08:50:F9:D8:78:CD:4F:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B7767AB5D0964D30165DAA389B64CE2DAB66C2C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcb67d7c-7aab-4a02-ad70-18aaf3211bb4.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:77:67:ab:5d:09:64:d3:01:65:da:a3:89:b6:4c:e2:da:b6:6c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=bb112b2e05958bc00061bacaeee337f26cb2c908cdfccf18855aa2289f1fcb5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:11:d6:91:98:72:98:70:d9:6e:2f:f8:27:af:
c2:80:a9:e3:43:c1:17:4c:9a:53:0a:a6:f2:ca:aa:
97:11:4b:fe:23:10:41:6d:22:4e:c6:97:c4:12:a8:
fc:d9:69:7d:83:12:ab:14:69:2b:80:b3:49:25:a5:
24:a5:1c:27:fb:1a:ec:ff:81:29:63:9f:74:92:0d:
5f:2a:1d:23:d4:e2:80:32:a9:75:c5:da:f2:da:c2:
25:8e:ab:db:dd:ae:ba:82:4d:01:f1:b1:04:b0:f3:
1d:fd:36:4e:fc:2c:33:bd:e1:18:9b:d2:18:57:8b:
77:8b:9f:87:e7:23:9f:5f:09:47:3d:16:6b:7e:0d:
be:9d:59:48:1d:1f:9e:3d:48:72:88:04:03:7f:b0:
fe:83:e7:e5:0b:82:9d:0b:1d:99:66:5f:b5:77:24:
f9:c7:a3:c9:ce:7b:70:4f:9f:e8:b6:1c:1a:9d:ca:
0f:a4:af:0b:7f:49:f8:1e:72:7f:92:e2:6c:af:89:
f2:d5:58:c5:29:45:f3:00:12:b5:28:ea:96:d6:7f:
6a:91:15:7b:e3:85:67:9d:d3:a4:88:cb:74:ba:37:
da:2c:3a:9b:1e:2a:89:5c:5d:d1:c0:0a:65:0c:8a:
f8:b3:8c:01:9c:52:d5:1c:fd:28:cb:4c:fc:13:88:
e1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:18:0D:FF:73:1A:65:8A:C2:72:3C:94:08:50:F9:D8:78:CD:4F:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcb67d7c-7aab-4a02-ad70-18aaf3211bb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
81:53:4e:66:9c:92:3b:2d:5f:6c:f1:58:92:03:25:f6:ef:ff:
b9:4b:0e:92:05:67:f6:15:b7:1b:f1:19:bf:e7:41:72:56:fe:
5c:07:43:1e:33:4a:74:a8:ab:e5:3e:2a:a0:b0:de:b4:d0:65:
d4:cc:c0:04:76:fe:34:17:a5:57:28:57:7f:48:ed:54:3d:16:
6c:12:ee:ba:32:84:98:4a:7e:b3:63:3f:c3:bf:d1:7e:8d:9e:
52:b6:66:95:d3:af:0f:32:97:c0:e8:fd:cf:8e:21:b4:06:bb:
a9:07:75:ba:87:04:73:d5:85:e4:e6:cb:3a:27:b3:bd:eb:35:
57:2d:61:d3:03:b3:f4:c0:82:40:b1:41:ca:4d:c0:3f:51:dc:
d8:3e:a7:a5:c5:65:95:bd:7e:3f:87:1f:6e:6d:96:ea:cf:bb:
88:fb:9b:70:3e:36:b3:1f:58:fb:11:c2:67:ae:ea:0c:fb:be:
3a:b0:97:97:ca:8f:db:52:7e:9b:21:76:1c:85:23:e4:21:bd:
41:7e:13:1b:10:28:63:e0:af:7d:0a:8f:ce:47:62:36:5b:e0:
9b:55:1a:bf:5a:44:fa:93:f5:68:51:9a:8d:c5:ca:0e:b7:c8:
23:0f:27:0c:07:61:94:e1:55:c3:40:bd:31:da:0f:3e:60:58:
63:db:19:11
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUK3dnq10JZNMBZdqjibZM4tq2bCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiMTEyYjJlMDU5NThiYzAwMDYxYmFjYWVlZTMzN2YyNmNiMmM5MDhjZGZj
Y2YxODg1NWFhMjI4OWYxZmNiNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0R1pGYcphw2W4v+CevwoCp40PBF0yaUwqm8sqqlxFL/iMQQW0iTsaXxBKo
/NlpfYMSqxRpK4CzSSWlJKUcJ/sa7P+BKWOfdJINXyodI9TigDKpdcXa8trCJY6r
292uuoJNAfGxBLDzHf02TvwsM73hGJvSGFeLd4ufh+cjn18JRz0Wa34Nvp1ZSB0f
nj1IcogEA3+w/oPn5QuCnQsdmWZftXck+cejyc57cE+f6LYcGp3KD6SvC39J+B5y
f5LibK+J8tVYxSlF8wAStSjqltZ/apEVe+OFZ53TpIjLdLo32iw6mx4qiVxd0cAK
ZQyK+LOMAZxS1Rz9KMtM/BOI4SsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSjGA3/
cxplisJyPJQIUPnYeM1PjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNiNjdkN2MtN2FhYi00YTAyLWFkNzAtMThhYWYzMjExYmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAgVNOZpySOy1fbPFYkgMl9u//uUsOkgVn9hW3G/EZ
v+dBclb+XAdDHjNKdKir5T4qoLDetNBl1MzABHb+NBelVyhXf0jtVD0WbBLuujKE
mEp+s2M/w7/Rfo2eUrZmldOvDzKXwOj9z44htAa7qQd1uocEc9WF5ObLOiezves1
Vy1h0wOz9MCCQLFByk3AP1Hc2D6npcVllb1+P4cfbm2W6s+7iPubcD42sx9Y+xHC
Z67qDPu+OrCXl8qP21J+myF2HIUj5CG9QX4TGxAoY+CvfQqPzkdiNlvgm1Uav1pE
+pP1aFGajcXKDrfIIw8nDAdhlOFVw0C9MdoPPmBYY9sZEQ==
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:27 2024 by rpki-client on console-ams.rpki-client.org