Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
File: 1ef44119-0cae-4a43-ad5a-98103c19e39b.roa (raw, json)
Hash identifier: Byn1WrpfBwAcP58DRmZpwWl56aT5HOM8uo+vbLk2Et0=
Subject key identifier: F1:CB:A9:AE:51:22:49:91:23:8C:73:62:52:DA:F2:76:B2:AB:EE:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55C125A94935244F6174451AFCF8BE22F6A95EEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:c1:25:a9:49:35:24:4f:61:74:45:1a:fc:f8:be:22:f6:a9:5e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=30e60d76ea9b34a23ad17f36fbffa6f71e811e828fcd2b8f9ee02b7af0472b48, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:17:1e:ce:ee:fc:f9:f8:0a:7a:6f:37:f7:
b0:44:a5:92:98:da:12:3b:fb:bd:03:29:30:0d:13:
a9:b8:bb:0b:a8:0e:6a:2c:0b:72:5e:50:88:21:ef:
16:95:14:0d:23:d8:bc:ab:fe:1a:da:33:c8:4c:47:
65:05:ab:b7:ad:5f:39:9e:cb:8a:85:c3:e2:13:93:
e6:60:8b:8d:c9:86:84:f1:c4:8b:8a:3b:94:0e:e8:
20:5b:20:e2:ac:50:0e:ac:4f:63:2b:fd:c3:f3:0c:
74:c2:ee:ec:9a:92:b6:02:a1:2d:c5:35:34:ce:86:
b6:39:2f:cd:e7:de:62:48:09:cb:42:67:90:d7:38:
e2:f3:4c:9c:58:5a:c6:35:10:aa:ca:dc:b6:e9:35:
36:79:8a:7b:60:37:c9:c7:f9:f0:3b:f2:80:ce:ed:
17:e6:b5:db:cd:7a:6c:c9:6f:24:7a:70:e0:43:bd:
9c:6a:35:a7:b8:d2:92:2c:4e:bc:87:27:ea:34:39:
95:82:05:7e:da:d0:04:35:eb:e9:dc:bd:89:f1:aa:
0d:0a:04:72:3f:b7:d6:ba:b5:9c:18:51:bc:10:d8:
4a:14:ab:31:0d:7a:d0:3d:28:1a:f0:97:4a:20:db:
86:34:9c:fd:15:30:48:92:e3:d8:31:9d:65:a4:2a:
d9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CB:A9:AE:51:22:49:91:23:8C:73:62:52:DA:F2:76:B2:AB:EE:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e000::/40
Signature Algorithm: sha256WithRSAEncryption
40:0a:0f:13:fd:12:ed:01:ea:f5:db:3c:e0:a9:b0:8e:fa:41:
5a:7f:d6:c2:38:c4:91:2f:65:93:df:e9:b8:52:5e:0d:30:9b:
72:eb:97:3c:be:4c:b7:a4:06:a1:4f:52:43:35:3c:62:7e:48:
8a:44:30:7d:0b:1f:e5:bd:1b:81:0d:09:6d:ef:ec:74:0d:e5:
f1:ef:f5:fb:37:94:76:f6:02:5a:53:5f:cd:e5:fd:ca:4c:59:
c2:71:5a:69:df:f5:4a:20:37:8c:a5:7d:11:00:b7:a6:48:3d:
b6:57:d6:c6:19:a5:61:5f:e6:54:f9:94:85:7b:7b:55:ff:0b:
9f:0b:9c:d7:e1:74:d1:89:a3:89:29:29:5b:39:1f:fd:a6:c8:
49:8e:52:01:df:8d:98:e9:09:76:8b:b7:e3:5e:4a:f6:52:af:
e8:43:d1:f4:0e:1c:85:9b:42:48:23:10:3d:39:53:8b:87:39:
82:7f:d3:40:61:eb:65:ab:55:0d:4f:9b:a7:cc:5a:ee:10:05:
79:72:95:06:a2:a2:f9:d0:49:3a:40:03:12:c4:73:62:69:86:
93:27:66:f8:2b:8e:af:35:4c:7c:f7:06:ed:0c:b5:6f:77:92:
ae:77:77:a5:8d:01:07:1c:4d:02:3d:3c:7f:7c:a3:07:96:c9:
69:2b:ff:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVcElqUk1JE9hdEUa/Pi+IvapXu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZTYwZDc2ZWE5YjM0YTIzYWQxN2YzNmZiZmZhNmY3MWU4MTFlODI4ZmNk
MmI4ZjllZTAyYjdhZjA0NzJiNDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5CFx7O7vz5+Ap6bzf3sESlkpjaEjv7vQMpMA0Tqbi7C6gOaiwLcl5QiCHv
FpUUDSPYvKv+GtozyExHZQWrt61fOZ7LioXD4hOT5mCLjcmGhPHEi4o7lA7oIFsg
4qxQDqxPYyv9w/MMdMLu7JqStgKhLcU1NM6GtjkvzefeYkgJy0JnkNc44vNMnFha
xjUQqsrctuk1NnmKe2A3ycf58DvygM7tF+a12816bMlvJHpw4EO9nGo1p7jSkixO
vIcn6jQ5lYIFftrQBDXr6dy9ifGqDQoEcj+31rq1nBhRvBDYShSrMQ160D0oGvCX
SiDbhjSc/RUwSJLj2DGdZaQq2QsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxy6mu
USJJkSOMc2JS2vJ2sqvuHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVmNDQxMTktMGNhZS00YTQzLWFkNWEtOTgxMDNjMTllMzliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg
MA0GCSqGSIb3DQEBCwUAA4IBAQBACg8T/RLtAer12zzgqbCO+kFaf9bCOMSRL2WT
3+m4Ul4NMJty65c8vky3pAahT1JDNTxifkiKRDB9Cx/lvRuBDQlt7+x0DeXx7/X7
N5R29gJaU1/N5f3KTFnCcVpp3/VKIDeMpX0RALemSD22V9bGGaVhX+ZU+ZSFe3tV
/wufC5zX4XTRiaOJKSlbOR/9pshJjlIB342Y6Ql2i7fjXkr2Uq/oQ9H0DhyFm0JI
IxA9OVOLhzmCf9NAYetlq1UNT5unzFruEAV5cpUGoqL50Ek6QAMSxHNiaYaTJ2b4
K46vNUx89wbtDLVvd5Kud3eljQEHHE0CPTx/fKMHlslpK/+V
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:38:07 2024 by rpki-client on console-ams.rpki-client.org