Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75eda97-cc53-4a04-9991-af2bfeeed825.roa
File: a75eda97-cc53-4a04-9991-af2bfeeed825.roa (raw, json)
Hash identifier: J9Et1pjT2IhWTH5+L0ULzX81U1zVVuGBBh2x0HpeiiM=
Subject key identifier: 8E:FA:66:A8:04:BA:07:1C:3B:A9:CE:86:C5:94:D6:96:1F:04:FD:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70A793C17CA03D4789C439ABE8C35BDA2682BAA9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75eda97-cc53-4a04-9991-af2bfeeed825.roa
Signing time: Fri 24 May 2024 00:00:00 +0000
ROA not before: Fri 24 May 2024 00:00:00 +0000
ROA not after: Fri 28 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:a7:93:c1:7c:a0:3d:47:89:c4:39:ab:e8:c3:5b:da:26:82:ba:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 24 00:00:00 2024 GMT
Not After : Jun 28 23:59:59 2024 GMT
Subject: serialNumber=0968edda26cb61184dedfbc13bd8e9bdf96fbb0469e1c3a6de27793b7032e151, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:10:91:bd:00:d4:fe:51:79:19:1e:c1:df:
0c:29:78:0f:14:44:24:bc:83:a3:3f:59:9d:37:e9:
4e:20:1a:0e:23:db:38:02:bd:72:8c:fe:93:eb:b5:
69:64:d7:a5:fc:73:d2:23:1a:05:24:15:d1:eb:45:
d5:3a:2d:bc:62:fc:b8:1c:04:d3:c9:6f:24:24:9e:
75:7a:d3:d2:d5:88:0f:2c:91:57:bf:d8:34:3b:a8:
14:0c:8a:13:6a:94:dc:9f:ef:af:50:10:27:e6:ba:
bb:6a:19:07:5a:14:ff:03:41:43:96:21:59:5a:71:
16:31:63:54:b7:37:c2:d6:c0:71:f6:8c:6d:3a:6e:
2a:29:b8:6d:ba:2a:b2:0d:6d:af:f5:36:e5:90:a6:
77:dd:fb:96:16:d0:9c:26:05:5c:bb:a6:38:4a:f0:
f8:d4:0f:81:a1:06:ef:a5:8f:ab:aa:d9:90:71:7d:
ef:66:e5:b7:76:d2:2f:f8:f3:37:87:80:dc:0f:a4:
cd:99:3b:2a:35:8a:2c:3b:98:7a:19:75:8e:d9:c9:
03:e6:56:6b:d0:6d:32:c4:95:7d:98:1c:30:07:ab:
d4:64:84:39:86:9d:eb:d9:31:a9:ee:76:f2:0d:24:
76:65:94:90:bb:ed:70:f8:0d:86:98:d5:5c:ee:7f:
cf:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FA:66:A8:04:BA:07:1C:3B:A9:CE:86:C5:94:D6:96:1F:04:FD:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75eda97-cc53-4a04-9991-af2bfeeed825.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:9000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:0c:f9:8f:bb:10:a0:c4:d4:a0:f4:11:c5:5d:24:28:bf:8e:
63:65:91:5c:83:ab:16:6f:03:22:c3:e4:08:91:67:a6:40:e3:
30:a2:01:41:4b:bf:5f:85:08:de:12:30:b2:25:5d:c9:22:64:
32:04:d0:53:5f:79:cf:5f:a6:4e:03:35:81:9f:be:8b:bf:fc:
de:90:dc:d1:e2:0a:d2:c4:2c:9e:6d:5c:52:d5:71:63:a8:1e:
3c:a8:b7:91:b9:3a:ec:6a:04:a6:43:fb:f6:5a:fd:d5:4f:4b:
8f:7e:99:72:61:6a:6c:2e:96:98:ac:b4:de:53:35:d5:43:e0:
73:fe:00:c8:91:f0:88:fd:24:a9:a6:66:d9:32:51:5e:93:89:
9e:94:a9:98:c8:52:32:85:4f:e4:71:65:cb:db:39:b0:7b:fb:
ba:a7:db:06:b7:5e:3d:4a:2f:18:99:85:e7:67:b8:4f:e0:94:
37:50:df:67:1b:51:8b:6e:ec:4f:41:9a:2f:06:52:91:ed:9d:
06:1c:eb:f5:df:b8:ca:89:0a:32:84:30:13:38:6e:56:38:b1:
52:a2:ff:56:be:76:fe:ca:bf:ef:b1:44:93:69:9b:86:4f:aa:
9d:64:9b:7b:04:fe:57:d2:e8:31:1c:53:51:ed:a1:b2:3a:2e:
22:e6:c4:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcKeTwXygPUeJxDmr6MNb2iaCuqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjQwMDAwMDBaFw0yNDA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NjhlZGRhMjZjYjYxMTg0ZGVkZmJjMTNiZDhlOWJkZjk2ZmJiMDQ2OWUx
YzNhNmRlMjc3OTNiNzAzMmUxNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4kEJG9ANT+UXkZHsHfDCl4DxREJLyDoz9ZnTfpTiAaDiPbOAK9coz+k+u1
aWTXpfxz0iMaBSQV0etF1TotvGL8uBwE08lvJCSedXrT0tWIDyyRV7/YNDuoFAyK
E2qU3J/vr1AQJ+a6u2oZB1oU/wNBQ5YhWVpxFjFjVLc3wtbAcfaMbTpuKim4bboq
sg1tr/U25ZCmd937lhbQnCYFXLumOErw+NQPgaEG76WPq6rZkHF972blt3bSL/jz
N4eA3A+kzZk7KjWKLDuYehl1jtnJA+ZWa9BtMsSVfZgcMAer1GSEOYad69kxqe52
8g0kdmWUkLvtcPgNhpjVXO5/z98CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSO+mao
BLoHHDupzobFlNaWHwT9dDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc1ZWRhOTctY2M1My00YTA0LTk5OTEtYWYyYmZlZWVkODI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCLDPmPuxCgxNSg9BHFXSQov45jZZFcg6sWbwMi
w+QIkWemQOMwogFBS79fhQjeEjCyJV3JImQyBNBTX3nPX6ZOAzWBn76Lv/zekNzR
4grSxCyebVxS1XFjqB48qLeRuTrsagSmQ/v2Wv3VT0uPfplyYWpsLpaYrLTeUzXV
Q+Bz/gDIkfCI/SSppmbZMlFek4melKmYyFIyhU/kcWXL2zmwe/u6p9sGt149Si8Y
mYXnZ7hP4JQ3UN9nG1GLbuxPQZovBlKR7Z0GHOv137jKiQoyhDATOG5WOLFSov9W
vnb+yr/vsUSTaZuGT6qdZJt7BP5X0ugxHFNR7aGyOi4i5sRQ
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:38:09 2024 by rpki-client on console-ams.rpki-client.org