Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3b212e-99ea-437f-8284-aae55df5f2b3.roa
File: 0f3b212e-99ea-437f-8284-aae55df5f2b3.roa (raw, json)
Hash identifier: JIHrz6k819TslOg7GMm2m9YaHdnWEvE/pu6/HJZ3/o0=
Subject key identifier: 44:05:A4:8B:D7:B3:99:7E:35:48:F6:14:27:80:DB:88:6F:BE:17:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 507BA28C3B934ED2A83B8EBCB85CE87339C27CBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3b212e-99ea-437f-8284-aae55df5f2b3.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:7b:a2:8c:3b:93:4e:d2:a8:3b:8e:bc:b8:5c:e8:73:39:c2:7c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=6ee8b3830c91d550f93723c3bcada29a457d23104945bf12edfe101076ba83e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:61:2b:20:64:07:b8:b9:62:e3:8a:3f:80:87:
2b:ea:ac:3a:ac:cb:1f:72:3a:fa:26:e9:5f:0c:99:
86:92:18:b1:bc:98:e0:34:f5:3e:9a:47:00:0b:05:
86:91:b5:f7:87:b3:c6:d3:a0:70:b0:3b:f8:7d:f2:
42:75:aa:96:38:c0:81:95:c1:56:d5:91:7c:e5:28:
d2:2b:8b:cc:06:17:a8:50:61:ee:c3:bb:79:3c:f0:
b2:ef:97:63:1f:4d:d4:65:6e:34:e9:f9:f4:ea:5e:
c2:b2:8a:25:28:c8:e5:fa:80:e5:d1:a2:07:63:04:
b0:2b:15:a2:06:63:a6:51:c8:4e:4b:98:a5:5c:f0:
ce:61:6e:8c:7f:5b:f5:0f:ae:5b:28:4f:a1:1a:ff:
fe:a0:ab:ee:d5:68:a1:3c:21:bd:30:4b:4d:6c:b0:
5d:8d:42:e1:5a:c3:7d:f5:26:b4:ea:7b:14:4c:15:
7b:ef:85:39:63:d8:42:12:c1:48:0f:10:6f:29:a7:
82:c6:b7:dc:f8:69:e4:61:c1:ed:ce:87:eb:ae:e2:
3d:da:90:f1:d1:e5:b6:f8:80:ee:05:af:ad:bb:40:
68:59:e2:e7:d0:c6:9a:d4:b2:c5:70:83:df:cf:46:
23:35:5e:bb:02:c3:4c:0b:22:10:8e:9b:87:99:fd:
29:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:05:A4:8B:D7:B3:99:7E:35:48:F6:14:27:80:DB:88:6F:BE:17:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3b212e-99ea-437f-8284-aae55df5f2b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:4000::/40
Signature Algorithm: sha256WithRSAEncryption
29:aa:3a:6c:a7:39:a2:58:39:a2:ca:0d:42:7f:58:82:71:da:
93:95:1c:1b:5a:10:be:45:67:0f:2f:16:15:84:27:22:c6:0c:
54:f5:06:99:27:03:e2:7c:08:fc:9a:2f:ce:87:ae:11:66:d0:
92:d9:53:0d:b3:0d:ce:f4:08:d4:11:79:da:e6:77:17:ac:f4:
a0:45:77:11:35:5a:d1:05:ac:e8:c8:e3:2d:6a:af:f1:5d:1c:
db:ab:b8:6d:2c:d2:aa:c5:8f:38:e2:25:7d:85:e0:d0:10:0d:
e6:fa:0b:77:4f:18:20:ba:63:64:05:04:b7:c4:79:47:a9:89:
02:db:a7:e0:0e:8f:74:87:38:67:12:f9:67:5e:29:13:15:18:
cd:88:2b:f0:24:84:14:2e:11:e0:c7:b7:98:09:f4:ee:ee:54:
73:39:51:ee:57:93:a5:6f:71:00:b5:63:fa:a7:08:02:ac:af:
d7:31:3d:a5:c5:65:88:8b:a4:ce:7a:40:73:5a:43:82:4c:f0:
4f:3b:72:30:ad:95:bb:4f:b0:16:ca:88:e1:e7:7d:d5:7f:00:
fd:c7:8b:95:df:25:94:66:87:13:12:b5:6b:15:41:d3:f8:90:
1a:0a:ae:01:ea:46:18:5b:9a:17:a0:99:ac:10:64:81:53:23:
49:47:d4:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUHuijDuTTtKoO468uFzocznCfLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlZThiMzgzMGM5MWQ1NTBmOTM3MjNjM2JjYWRhMjlhNDU3ZDIzMTA0OTQ1
YmYxMmVkZmUxMDEwNzZiYTgzZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJhKyBkB7i5YuOKP4CHK+qsOqzLH3I6+ibpXwyZhpIYsbyY4DT1PppHAAsF
hpG194ezxtOgcLA7+H3yQnWqljjAgZXBVtWRfOUo0iuLzAYXqFBh7sO7eTzwsu+X
Yx9N1GVuNOn59OpewrKKJSjI5fqA5dGiB2MEsCsVogZjplHITkuYpVzwzmFujH9b
9Q+uWyhPoRr//qCr7tVooTwhvTBLTWywXY1C4VrDffUmtOp7FEwVe++FOWPYQhLB
SA8Qbymngsa33Php5GHB7c6H667iPdqQ8dHltviA7gWvrbtAaFni59DGmtSyxXCD
389GIzVeuwLDTAsiEI6bh5n9KekCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREBaSL
17OZfjVI9hQngNuIb74XlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGYzYjIxMmUtOTllYS00MzdmLTgyODQtYWFlNTVkZjVmMmIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HxA
MA0GCSqGSIb3DQEBCwUAA4IBAQApqjpspzmiWDmiyg1Cf1iCcdqTlRwbWhC+RWcP
LxYVhCcixgxU9QaZJwPifAj8mi/Oh64RZtCS2VMNsw3O9AjUEXna5ncXrPSgRXcR
NVrRBazoyOMtaq/xXRzbq7htLNKqxY844iV9heDQEA3m+gt3TxggumNkBQS3xHlH
qYkC26fgDo90hzhnEvlnXikTFRjNiCvwJIQULhHgx7eYCfTu7lRzOVHuV5Olb3EA
tWP6pwgCrK/XMT2lxWWIi6TOekBzWkOCTPBPO3IwrZW7T7AWyojh533VfwD9x4uV
3yWUZocTErVrFUHT+JAaCq4B6kYYW5oXoJmsEGSBUyNJR9RT
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:00:50 2024 by rpki-client on console-fra.rpki-client.org