Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93bac90f-06a1-497f-b636-077944272223.roa
File: 93bac90f-06a1-497f-b636-077944272223.roa (raw, json)
Hash identifier: XQCabd8H3Y8/9oL9+lMTa6MwgphRINra763aKn4ZsEE=
Subject key identifier: E2:08:25:09:0C:FA:43:E2:7D:93:ED:D3:C9:11:9E:FF:7D:45:9A:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 514B577345C78D80FBCFA8B500EDE42E1773DF9E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93bac90f-06a1-497f-b636-077944272223.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:4b:57:73:45:c7:8d:80:fb:cf:a8:b5:00:ed:e4:2e:17:73:df:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=cbeec2f150cb27404feb497080d08b6921723b7330f711252cfa9281a7862636, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:98:fd:11:aa:21:6c:fd:a3:5d:d6:f9:1b:f2:
ec:c2:47:dd:ac:2c:2a:39:68:04:3e:cb:bd:8c:44:
a3:47:92:75:6f:5f:63:26:50:f6:cf:1c:63:a9:25:
09:53:fa:1f:9b:1f:88:1b:e2:d4:25:df:12:21:08:
a3:54:b2:54:28:2d:43:88:f1:f4:f6:0b:b1:2b:fb:
1e:06:5e:c3:80:a5:16:1c:72:bc:af:f0:ca:32:f2:
b0:b1:0b:97:41:9f:b4:2b:b4:39:a4:99:37:2d:8d:
45:a7:b8:94:0b:c1:1c:52:5f:9a:63:e7:f5:66:b9:
78:de:30:51:e9:e7:65:9f:8b:8d:f1:0b:07:a6:cc:
89:de:76:b7:63:d0:67:3f:81:5b:a6:f8:55:85:7b:
d1:3e:a6:86:df:30:be:28:a2:74:28:e0:4c:01:41:
02:d5:58:42:a4:05:bb:e8:65:d2:54:89:2f:31:9c:
7f:5b:39:51:9f:06:a4:bb:11:99:1f:36:24:ca:62:
3e:24:46:56:6a:a3:0c:c6:3d:a9:e6:ca:c9:ad:a2:
05:19:2c:6b:ed:6c:fe:05:7b:a2:20:1a:b5:23:fd:
40:41:8f:c5:52:43:e8:99:1e:de:c1:2b:41:29:2a:
bd:81:ba:80:8b:22:fd:14:d4:23:d4:2f:a7:58:5a:
d3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:08:25:09:0C:FA:43:E2:7D:93:ED:D3:C9:11:9E:FF:7D:45:9A:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93bac90f-06a1-497f-b636-077944272223.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:e000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:b4:e0:5d:ca:b5:8c:4c:8d:3a:ad:bb:a4:f4:45:59:0d:99:
62:5e:e3:07:94:cc:23:bb:1f:c4:da:60:e6:42:67:39:83:5e:
95:d9:b8:64:57:1a:bb:eb:2f:eb:f2:bb:12:25:0c:fd:90:d2:
4f:2e:31:68:65:5c:d1:69:a5:7e:b9:85:a6:a2:c1:9f:b0:f9:
03:e3:80:b3:ad:05:f6:2e:b1:1d:7e:76:72:dd:33:76:80:1a:
28:29:2e:14:19:56:e4:d3:eb:a1:1c:73:d7:ca:08:62:5e:86:
ba:3c:1c:6b:f3:12:39:c0:2b:77:19:f7:5f:ce:80:1c:ee:39:
05:03:fe:f0:5a:26:1c:bb:85:ba:68:04:7c:70:99:6f:a0:4c:
cb:93:07:17:3f:5e:52:61:5e:82:0f:30:29:f0:2a:7b:db:99:
d3:0e:9b:0a:31:31:39:52:37:56:bb:a1:c1:5d:6b:ce:cc:82:
fc:80:6f:1b:9c:54:19:e0:32:ed:0f:29:38:fb:eb:c6:46:6f:
01:b1:e9:89:61:82:6a:a5:3e:9a:72:3b:45:a2:5e:8c:75:fc:
6b:da:b2:6a:e0:7c:70:b1:5d:4a:d9:0b:3e:2a:84:06:d1:a9:
18:c3:a6:a4:f3:b0:58:96:4f:ef:25:9e:5a:92:a2:eb:b4:f1:
fb:3a:d5:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUUtXc0XHjYD7z6i1AO3kLhdz354wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiZWVjMmYxNTBjYjI3NDA0ZmViNDk3MDgwZDA4YjY5MjE3MjNiNzMzMGY3
MTEyNTJjZmE5MjgxYTc4NjI2MzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaY/RGqIWz9o13W+Rvy7MJH3awsKjloBD7LvYxEo0eSdW9fYyZQ9s8cY6kl
CVP6H5sfiBvi1CXfEiEIo1SyVCgtQ4jx9PYLsSv7HgZew4ClFhxyvK/wyjLysLEL
l0GftCu0OaSZNy2NRae4lAvBHFJfmmPn9Wa5eN4wUennZZ+LjfELB6bMid52t2PQ
Zz+BW6b4VYV70T6mht8wviiidCjgTAFBAtVYQqQFu+hl0lSJLzGcf1s5UZ8GpLsR
mR82JMpiPiRGVmqjDMY9qebKya2iBRksa+1s/gV7oiAatSP9QEGPxVJD6Jke3sEr
QSkqvYG6gIsi/RTUI9Qvp1ha03UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTiCCUJ
DPpD4n2T7dPJEZ7/fUWa2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTNiYWM5MGYtMDZhMS00OTdmLWI2MzYtMDc3OTQ0MjcyMjIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HDg
MA0GCSqGSIb3DQEBCwUAA4IBAQANtOBdyrWMTI06rbuk9EVZDZliXuMHlMwjux/E
2mDmQmc5g16V2bhkVxq76y/r8rsSJQz9kNJPLjFoZVzRaaV+uYWmosGfsPkD44Cz
rQX2LrEdfnZy3TN2gBooKS4UGVbk0+uhHHPXyghiXoa6PBxr8xI5wCt3GfdfzoAc
7jkFA/7wWiYcu4W6aAR8cJlvoEzLkwcXP15SYV6CDzAp8Cp725nTDpsKMTE5UjdW
u6HBXWvOzIL8gG8bnFQZ4DLtDyk4++vGRm8BsemJYYJqpT6acjtFol6Mdfxr2rJq
4HxwsV1K2Qs+KoQG0akYw6ak87BYlk/vJZ5akqLrtPH7OtU0
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:38:08 2024 by rpki-client on console-ams.rpki-client.org