Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a0bbc81-c72e-4bc3-aa05-9e9aee8f319e.roa
File: 1a0bbc81-c72e-4bc3-aa05-9e9aee8f319e.roa (raw, json)
Hash identifier: aI0BPJYFUchx3Pm1pJtF+Dzvmzq2gbu5b5uqp+RaC8w=
Subject key identifier: 47:96:0E:EA:84:63:06:71:3A:28:D8:6D:04:94:AC:A9:83:6A:31:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58E79F8191586785234035BFEDD5AAC7504E797F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a0bbc81-c72e-4bc3-aa05-9e9aee8f319e.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:e7:9f:81:91:58:67:85:23:40:35:bf:ed:d5:aa:c7:50:4e:79:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=4fe915f2274722cc0f0fb0aba376ddd798bec5e71423f3ea5ba0bd7605f405a1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:f5:7d:46:3e:b6:c4:91:a9:28:45:a6:ba:
38:e3:c9:b9:d8:3c:fb:5b:fd:12:cf:a5:c6:ea:71:
de:a0:16:07:62:18:2c:e5:2f:8d:94:2f:64:93:dc:
1e:58:7e:13:c8:b7:25:4f:26:df:5f:03:ff:e1:ea:
cb:4b:48:8a:35:a2:11:af:c0:b4:8a:40:61:d0:ae:
ed:ec:e2:5d:58:24:50:bd:26:99:55:95:dd:a7:72:
00:0a:fe:f3:c5:bb:37:ac:29:67:51:1b:16:ab:36:
9f:9d:70:05:6f:75:21:e7:6f:fa:5d:8e:8d:71:8b:
f2:d0:55:cc:24:2b:5c:b3:5c:8a:02:fc:7f:e1:85:
2a:18:76:ba:e9:13:a6:55:cb:41:b5:3c:89:95:e3:
72:2d:73:5a:81:00:8f:e2:47:04:de:6f:5b:78:86:
1d:01:0b:94:0a:68:31:04:89:ef:09:31:f2:01:7a:
55:99:95:c3:27:45:fa:d7:ad:7c:8f:06:d6:25:5a:
93:b5:2f:bc:4f:39:66:37:98:27:ed:53:29:69:c0:
ae:8e:19:65:3c:d1:e7:5a:4a:81:8d:08:ac:21:26:
b9:a6:43:81:42:ea:20:99:70:16:78:da:c2:0e:76:
8a:64:13:89:2f:52:50:2a:e4:1c:3b:ea:c4:bb:87:
d2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:96:0E:EA:84:63:06:71:3A:28:D8:6D:04:94:AC:A9:83:6A:31:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a0bbc81-c72e-4bc3-aa05-9e9aee8f319e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e000::/40
Signature Algorithm: sha256WithRSAEncryption
35:dc:d7:0c:83:15:da:0f:3b:ef:d6:b1:49:1b:47:88:b4:71:
6e:fb:81:29:67:9b:54:2a:ea:9b:71:e6:84:08:75:f9:79:e2:
d2:4d:95:a1:49:43:2b:df:08:50:90:ae:67:a7:d1:50:82:7d:
81:d4:85:90:49:c6:3f:eb:5a:38:92:f6:38:64:97:23:0c:17:
75:67:c7:0b:39:21:f5:1c:b8:ef:44:a8:a6:be:13:58:d2:0e:
b6:cb:aa:b9:a9:26:07:64:fb:b8:1b:53:5b:8f:72:af:83:b1:
df:28:d7:3d:4a:77:3f:4c:10:db:29:86:e1:fe:80:32:1c:ef:
b6:49:3b:bb:f0:a7:8d:f8:18:d8:a6:00:ce:9d:10:45:1c:3c:
4a:dd:2e:e7:4e:4b:0b:9a:96:65:9a:e8:bf:47:e0:17:34:af:
0b:d4:ae:62:46:31:56:a9:7e:16:3c:24:1e:7d:9d:70:ad:64:
f9:d9:3e:7f:19:0e:27:5f:07:79:8b:48:19:79:bb:92:ae:ca:
f1:17:c2:eb:30:ef:7b:42:21:6f:85:c7:b1:14:88:1a:ba:4a:
71:e1:91:e9:6f:fe:be:64:9b:43:75:da:fe:7b:05:75:09:97:
83:52:02:ee:3a:6f:f0:e0:23:2f:e3:1f:f9:fd:e7:1e:f9:04:
23:a5:43:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWOefgZFYZ4UjQDW/7dWqx1BOeX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmZTkxNWYyMjc0NzIyY2MwZjBmYjBhYmEzNzZkZGQ3OThiZWM1ZTcxNDIz
ZjNlYTViYTBiZDc2MDVmNDA1YTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMr9X1GPrbEkakoRaa6OOPJudg8+1v9Es+lxupx3qAWB2IYLOUvjZQvZJPc
Hlh+E8i3JU8m318D/+Hqy0tIijWiEa/AtIpAYdCu7eziXVgkUL0mmVWV3adyAAr+
88W7N6wpZ1EbFqs2n51wBW91Iedv+l2OjXGL8tBVzCQrXLNcigL8f+GFKhh2uukT
plXLQbU8iZXjci1zWoEAj+JHBN5vW3iGHQELlApoMQSJ7wkx8gF6VZmVwydF+tet
fI8G1iVak7UvvE85ZjeYJ+1TKWnAro4ZZTzR51pKgY0IrCEmuaZDgULqIJlwFnja
wg52imQTiS9SUCrkHDvqxLuH0vkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHlg7q
hGMGcToo2G0ElKypg2oxFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWEwYmJjODEtYzcyZS00YmMzLWFhMDUtOWU5YWVlOGYzMTllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADg
MA0GCSqGSIb3DQEBCwUAA4IBAQA13NcMgxXaDzvv1rFJG0eItHFu+4EpZ5tUKuqb
ceaECHX5eeLSTZWhSUMr3whQkK5np9FQgn2B1IWQScY/61o4kvY4ZJcjDBd1Z8cL
OSH1HLjvRKimvhNY0g62y6q5qSYHZPu4G1Nbj3Kvg7HfKNc9Snc/TBDbKYbh/oAy
HO+2STu78KeN+BjYpgDOnRBFHDxK3S7nTksLmpZlmui/R+AXNK8L1K5iRjFWqX4W
PCQefZ1wrWT52T5/GQ4nXwd5i0gZebuSrsrxF8LrMO97QiFvhcexFIgaukpx4ZHp
b/6+ZJtDddr+ewV1CZeDUgLuOm/w4CMv4x/5/ece+QQjpUOs
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:00:50 2024 by rpki-client on console-fra.rpki-client.org