Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
File: 533769c8-002c-491c-9b99-324fe9f5743c.roa (raw, json)
Hash identifier: Derd+HjYs9p0jMAhBb6vmO8tdkaoDCN99MyuVzjpADQ=
Subject key identifier: FA:EA:1E:06:A9:3C:FD:DA:AA:8C:05:78:5A:6B:CE:94:A4:F2:18:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 377C84D9CDF121E048FC506FE41C1999B96658C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d022::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:7c:84:d9:cd:f1:21:e0:48:fc:50:6f:e4:1c:19:99:b9:66:58:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=502ea6c5d94ae7ee187b6a37afaa866d4c8cb480078c6052384088bb698d1c67, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:64:5d:6c:49:84:a0:44:98:f1:eb:4a:ed:24:
aa:33:21:20:d3:2e:8d:c6:c8:60:9c:c5:9c:4e:ac:
4c:33:d4:e5:33:4a:6f:79:dc:c8:0a:5a:a3:d1:d7:
11:fc:f6:c3:b2:06:f4:ea:ac:2c:fc:5c:aa:2d:97:
49:5c:9b:af:ca:93:8c:81:9e:99:92:30:5d:c9:a1:
20:68:0f:85:8f:13:1c:07:0f:f9:14:f3:a8:8e:97:
1c:23:47:ab:10:6d:f4:c3:a3:a7:98:a8:d8:5f:5d:
53:e3:c5:61:40:f3:1d:0f:36:80:68:eb:ea:0b:a0:
53:99:de:5d:c6:f1:5d:63:fa:19:e4:18:40:e3:08:
bd:8d:56:21:dd:13:1b:15:fb:45:b9:9e:ab:a2:25:
b3:7d:05:9c:8b:34:61:f9:59:c0:9c:80:77:43:d8:
50:f7:0a:da:9a:a7:e7:ee:25:cb:89:13:9d:eb:a1:
33:ec:d2:c5:55:05:4f:8e:29:c2:cd:d8:81:f4:c3:
10:9b:72:87:95:98:59:e1:4f:1f:e5:78:a4:e5:c8:
82:9b:0e:26:28:09:30:2d:a3:da:f9:f8:c8:ac:3c:
ba:28:8c:e4:b0:28:03:0c:82:d7:a3:25:ff:79:41:
58:77:47:7c:f1:c8:b2:c2:25:e1:ab:04:cb:3a:de:
e5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EA:1E:06:A9:3C:FD:DA:AA:8C:05:78:5A:6B:CE:94:A4:F2:18:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d022::/36
Signature Algorithm: sha256WithRSAEncryption
51:31:66:b0:22:aa:0b:9f:80:f7:c1:c9:4b:30:b9:ad:ac:d4:
60:0f:7e:e5:54:cd:ac:44:88:59:6e:e2:e7:4f:8d:92:22:93:
ad:b3:1d:b3:d6:a2:4d:51:8e:b3:f0:43:e4:76:12:34:17:14:
7d:67:20:25:1b:81:08:79:6a:8b:f6:79:f2:25:cd:4b:00:47:
c3:3e:fd:e0:f5:e9:11:cd:5c:2c:95:83:80:e7:7d:7b:47:32:
4e:ed:76:06:13:14:71:fc:d2:34:d0:8f:5b:bd:55:ff:60:a9:
cb:f8:c7:ed:76:47:a0:68:70:5f:7c:21:d7:f5:a2:13:6c:b4:
58:4a:b2:1e:05:25:c4:81:87:06:ca:cd:77:53:39:f0:9b:11:
b0:1c:47:7e:f7:9a:ae:85:86:0a:61:5c:ae:67:1e:0f:a9:0f:
e4:64:83:0e:9a:da:1b:f5:b9:37:fa:24:6d:03:89:1d:7c:2b:
51:26:28:ea:0c:83:7b:03:7c:bb:40:0a:a3:49:1b:71:69:1d:
5f:e7:a7:5e:b8:0a:e8:81:70:94:8e:59:93:a5:0c:33:f7:2e:
66:60:d2:5d:1e:3b:11:c8:01:c1:0f:2d:71:95:ab:72:89:b3:
13:ca:f7:b0:60:0c:e9:42:60:a8:5b:78:62:b5:74:1c:80:ef:
4a:86:f1:e9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN3yE2c3xIeBI/FBv5BwZmblmWMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMmVhNmM1ZDk0YWU3ZWUxODdiNmEzN2FmYWE4NjZkNGM4Y2I0ODAwNzhj
NjA1MjM4NDA4OGJiNjk4ZDFjNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNkXWxJhKBEmPHrSu0kqjMhINMujcbIYJzFnE6sTDPU5TNKb3ncyApao9HX
Efz2w7IG9OqsLPxcqi2XSVybr8qTjIGemZIwXcmhIGgPhY8THAcP+RTzqI6XHCNH
qxBt9MOjp5io2F9dU+PFYUDzHQ82gGjr6gugU5neXcbxXWP6GeQYQOMIvY1WId0T
GxX7Rbmeq6Ils30FnIs0YflZwJyAd0PYUPcK2pqn5+4ly4kTneuhM+zSxVUFT44p
ws3YgfTDEJtyh5WYWeFPH+V4pOXIgpsOJigJMC2j2vn4yKw8uiiM5LAoAwyC16Ml
/3lBWHdHfPHIssIl4asEyzre5ekCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT66h4G
qTz92qqMBXhaa86UpPIYczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzNzY5YzgtMDAyYy00OTFjLTliOTktMzI0ZmU5ZjU3NDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CIA
MA0GCSqGSIb3DQEBCwUAA4IBAQBRMWawIqoLn4D3wclLMLmtrNRgD37lVM2sRIhZ
buLnT42SIpOtsx2z1qJNUY6z8EPkdhI0FxR9ZyAlG4EIeWqL9nnyJc1LAEfDPv3g
9ekRzVwslYOA5317RzJO7XYGExRx/NI00I9bvVX/YKnL+MftdkegaHBffCHX9aIT
bLRYSrIeBSXEgYcGys13UznwmxGwHEd+95quhYYKYVyuZx4PqQ/kZIMOmtob9bk3
+iRtA4kdfCtRJijqDIN7A3y7QAqjSRtxaR1f56deuArogXCUjlmTpQwz9y5mYNJd
HjsRyAHBDy1xlatyibMTyvewYAzpQmCoW3hitXQcgO9KhvHp
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:00:50 2024 by rpki-client on console-fra.rpki-client.org