Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
File: bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa (raw, json)
Hash identifier: jJkADkVuf7WM5YaOk82nLMVCuGjt6G36MRwgTFBB8MI=
Subject key identifier: A0:BE:AE:DD:81:D3:41:58:B3:5F:C8:88:72:53:9C:49:6F:E6:A9:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69946732FE817C4D969FA733BC3238D5936B0759
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
Signing time: Wed 29 May 2024 00:00:00 +0000
ROA not before: Wed 29 May 2024 00:00:00 +0000
ROA not after: Wed 03 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:94:67:32:fe:81:7c:4d:96:9f:a7:33:bc:32:38:d5:93:6b:07:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 29 00:00:00 2024 GMT
Not After : Jul 3 23:59:59 2024 GMT
Subject: serialNumber=20fceb780fbfb2ed599af06f567aab40fe63f34eab83a8f91983fdc6c9f0b60e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:94:7c:2b:cb:f3:2d:9c:34:4c:6d:63:18:11:
3a:c4:3a:63:23:f8:68:2d:fb:e7:d9:08:bc:65:e8:
ed:15:83:3f:ee:81:30:90:0f:27:a1:24:cb:1c:df:
2c:db:19:ba:c6:a7:94:00:70:a4:67:26:ed:8c:56:
70:71:d6:1b:65:d9:9f:e9:21:2a:0f:42:0a:cc:be:
83:50:82:54:be:9a:9a:26:5b:33:91:19:eb:ae:49:
54:df:f1:c3:a7:94:a2:4f:f0:e1:ff:f4:76:bf:9d:
ad:ae:06:50:59:dc:75:7d:75:a4:12:aa:6f:8c:bc:
8c:19:db:e5:d5:97:12:e4:d5:cb:e4:e0:2b:12:37:
8e:a6:27:1a:f7:cb:11:94:bc:c5:6e:a1:ed:29:db:
22:21:e1:b1:2c:44:d8:ff:11:98:36:f1:8b:f5:bb:
7d:1f:ad:ef:e6:2e:fc:43:a4:94:df:20:cc:db:41:
64:90:ce:31:61:b2:8a:09:60:7d:53:68:53:f1:ea:
92:33:0e:d6:79:ba:aa:27:ff:48:f5:87:81:79:f7:
6c:42:46:96:64:48:8e:4a:64:a8:2f:4a:d7:84:f1:
4f:97:2b:b6:9f:94:89:f3:6f:50:bc:ac:8d:44:79:
4a:df:70:4c:46:60:9c:ae:95:bf:7f:1d:6a:49:d1:
39:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BE:AE:DD:81:D3:41:58:B3:5F:C8:88:72:53:9C:49:6F:E6:A9:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:4a:12:c0:0f:48:67:8b:ec:27:04:10:ef:6e:b7:aa:81:91:
9a:7f:1a:df:3f:8b:c7:79:3c:22:1b:5f:3c:20:3f:e5:14:94:
d9:59:97:d2:59:f3:bc:d5:39:2f:41:c2:2d:aa:b4:45:42:44:
d4:b1:37:6a:27:9a:49:76:fb:5d:5b:a2:58:7b:01:57:98:38:
77:36:79:b9:70:6d:07:34:0e:98:47:fe:e6:5c:3e:71:3e:28:
27:38:8d:5f:0a:f2:9b:21:f6:c9:08:34:ab:1b:82:d0:e4:18:
cd:4b:59:a5:dc:95:60:7b:f3:51:d7:68:a9:57:7c:e1:c3:5f:
10:61:33:08:1b:9a:14:12:69:a9:ae:34:f5:ce:73:3b:f8:00:
5f:96:f0:26:f6:35:cf:60:f7:c6:00:d7:32:fa:4d:8e:9d:35:
5a:a3:4f:0c:aa:5b:d6:6b:e3:04:ca:a3:0d:89:9f:84:95:60:
ea:b1:ad:ad:48:40:ae:9c:f1:50:37:08:aa:66:6c:61:26:56:
2b:23:0a:0f:08:21:ec:e3:21:d3:96:ed:c2:16:f9:71:12:7b:
f0:23:bf:bf:06:2f:b3:8e:64:4d:2b:9b:fd:64:c2:4c:43:0c:
c4:fc:0d:dd:7e:e5:28:5b:ea:93:73:8d:4e:2a:ff:54:75:b1:
88:c0:4f:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaZRnMv6BfE2Wn6czvDI41ZNrB1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjkwMDAwMDBaFw0yNDA3MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwZmNlYjc4MGZiZmIyZWQ1OTlhZjA2ZjU2N2FhYjQwZmU2M2YzNGVhYjgz
YThmOTE5ODNmZGM2YzlmMGI2MGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaUfCvL8y2cNExtYxgROsQ6YyP4aC3759kIvGXo7RWDP+6BMJAPJ6Ekyxzf
LNsZusanlABwpGcm7YxWcHHWG2XZn+khKg9CCsy+g1CCVL6amiZbM5EZ665JVN/x
w6eUok/w4f/0dr+dra4GUFncdX11pBKqb4y8jBnb5dWXEuTVy+TgKxI3jqYnGvfL
EZS8xW6h7SnbIiHhsSxE2P8RmDbxi/W7fR+t7+Yu/EOklN8gzNtBZJDOMWGyiglg
fVNoU/HqkjMO1nm6qif/SPWHgXn3bEJGlmRIjkpkqC9K14TxT5crtp+UifNvULys
jUR5St9wTEZgnK6Vv38daknROXMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgvq7d
gdNBWLNfyIhyU5xJb+apwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmNjNTRiMDktYmY1OS00YTJlLWI1NmItZmY1ZWFkOTE1Y2ZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZA
MA0GCSqGSIb3DQEBCwUAA4IBAQCnShLAD0hni+wnBBDvbreqgZGafxrfP4vHeTwi
G188ID/lFJTZWZfSWfO81TkvQcItqrRFQkTUsTdqJ5pJdvtdW6JYewFXmDh3Nnm5
cG0HNA6YR/7mXD5xPignOI1fCvKbIfbJCDSrG4LQ5BjNS1ml3JVge/NR12ipV3zh
w18QYTMIG5oUEmmprjT1znM7+ABflvAm9jXPYPfGANcy+k2OnTVao08MqlvWa+ME
yqMNiZ+ElWDqsa2tSECunPFQNwiqZmxhJlYrIwoPCCHs4yHTlu3CFvlxEnvwI7+/
Bi+zjmRNK5v9ZMJMQwzE/A3dfuUoW+qTc41OKv9UdbGIwE/d
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:00:50 2024 by rpki-client on console-fra.rpki-client.org