Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd4f2a8d-bc24-433b-8b8f-218da9419673.roa
File: dd4f2a8d-bc24-433b-8b8f-218da9419673.roa (raw, json)
Hash identifier: C8Rs/TfawqFw2B6Opmu94MKbQ/ZQ/ZNVkdSL4Pveb88=
Subject key identifier: 14:D6:8C:6C:C5:43:F9:11:BD:DB:E3:8E:46:6E:66:32:47:92:E6:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E52DBB26EDDF128C4F5FF266983E40EE9E7046B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd4f2a8d-bc24-433b-8b8f-218da9419673.roa
Signing time: Mon 27 May 2024 00:00:00 +0000
ROA not before: Mon 27 May 2024 00:00:00 +0000
ROA not after: Mon 01 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:52:db:b2:6e:dd:f1:28:c4:f5:ff:26:69:83:e4:0e:e9:e7:04:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 27 00:00:00 2024 GMT
Not After : Jul 1 23:59:59 2024 GMT
Subject: serialNumber=24945bc5585e34ffa0a2fd4145cef0adce38b1cd50b2bf063025aa2d6e0069e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:94:96:04:0e:28:78:63:03:c7:47:0e:3d:fd:
f2:18:e6:20:3c:82:0b:c2:f1:2a:4d:ce:de:2c:5a:
9d:51:d0:30:21:eb:49:ae:c6:94:8d:f2:b7:13:d4:
72:5b:c0:d3:1d:08:7f:83:e6:04:4a:45:23:2d:87:
8b:5b:48:97:1e:7a:93:a4:96:9b:3c:0b:50:20:03:
b9:9c:68:db:11:65:6a:1e:78:b8:be:ad:a2:ef:6e:
b1:ee:cf:f2:ce:a6:5e:d8:49:ea:cd:e5:4d:f1:b5:
ac:ec:d8:54:53:c3:20:fd:9f:fb:77:8c:05:44:72:
cb:e4:00:2a:4b:3e:6a:e8:0f:7a:bc:b5:4f:18:af:
39:d1:ee:3e:f7:e0:03:6e:37:48:a7:64:59:2f:17:
8a:91:e1:8c:65:bf:73:2c:6e:c4:34:fb:2a:4d:f7:
c4:7d:d1:f8:07:38:12:b8:e9:4c:a7:bc:db:5f:13:
29:70:d7:9c:bb:67:90:45:f2:7d:2f:55:9a:61:f2:
fc:0e:cf:dd:70:a5:77:e2:cb:0c:ab:43:de:84:69:
37:1b:f3:6b:80:2d:b5:06:99:25:5a:19:7f:b0:c9:
2e:af:ad:eb:d5:7c:65:aa:0f:f9:5d:ad:f1:f0:28:
5e:6f:f7:35:87:37:f3:ec:84:e1:4e:2d:67:65:91:
b0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D6:8C:6C:C5:43:F9:11:BD:DB:E3:8E:46:6E:66:32:47:92:E6:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd4f2a8d-bc24-433b-8b8f-218da9419673.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:02:07:00:24:f6:db:1b:05:f9:37:70:05:35:8a:cc:cb:df:
2c:aa:c3:7d:88:2c:ab:4e:4e:ae:35:88:86:74:d8:2d:5c:b6:
3f:bc:7a:bb:67:38:09:51:d2:f1:b6:24:33:1e:f5:4a:b9:1f:
c9:e8:de:93:43:37:dd:70:69:82:9f:82:a6:ab:f7:ba:f7:f8:
a0:08:da:e6:5b:ae:cf:5f:1a:88:64:4c:c9:ab:93:51:3b:0b:
4c:a4:e6:e6:0f:ba:de:33:95:8d:30:ff:91:fa:50:0a:c2:38:
e2:21:56:25:0b:d1:f1:ef:ac:43:70:d0:64:6c:94:59:d7:a9:
fb:dd:14:29:99:d4:8a:97:c7:07:a1:10:d1:51:41:ac:ab:b9:
05:aa:6f:64:cc:20:29:a2:10:df:33:8a:32:de:83:88:a1:3e:
41:fa:b5:4f:01:8d:8a:df:29:e0:3b:36:31:db:a2:d4:30:db:
ae:19:a7:71:fc:62:02:d6:2e:08:0b:cc:1c:11:e7:27:97:69:
50:46:76:25:12:a3:1c:28:d3:e7:36:ae:b9:0e:4d:06:5d:b4:
1c:ac:67:1e:d4:61:3d:7c:6d:00:68:ad:fa:15:eb:89:13:98:
f2:73:e0:e2:23:d1:a9:a6:37:f1:97:cd:d7:f0:db:89:aa:f9:
ea:85:81:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUblLbsm7d8SjE9f8maYPkDunnBGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA1MjcwMDAwMDBaFw0yNDA3MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0OTQ1YmM1NTg1ZTM0ZmZhMGEyZmQ0MTQ1Y2VmMGFkY2UzOGIxY2Q1MGIy
YmYwNjMwMjVhYTJkNmUwMDY5ZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmUlgQOKHhjA8dHDj398hjmIDyCC8LxKk3O3ixanVHQMCHrSa7GlI3ytxPU
clvA0x0If4PmBEpFIy2Hi1tIlx56k6SWmzwLUCADuZxo2xFlah54uL6tou9use7P
8s6mXthJ6s3lTfG1rOzYVFPDIP2f+3eMBURyy+QAKks+augPery1TxivOdHuPvfg
A243SKdkWS8XipHhjGW/cyxuxDT7Kk33xH3R+Ac4ErjpTKe8218TKXDXnLtnkEXy
fS9VmmHy/A7P3XCld+LLDKtD3oRpNxvza4AttQaZJVoZf7DJLq+t69V8ZaoP+V2t
8fAoXm/3NYc38+yE4U4tZ2WRsHUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQU1oxs
xUP5Eb3b445GbmYyR5LmgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ0ZjJhOGQtYmMyNC00MzNiLThiOGYtMjE4ZGE5NDE5NjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSg
MA0GCSqGSIb3DQEBCwUAA4IBAQAKAgcAJPbbGwX5N3AFNYrMy98sqsN9iCyrTk6u
NYiGdNgtXLY/vHq7ZzgJUdLxtiQzHvVKuR/J6N6TQzfdcGmCn4Kmq/e69/igCNrm
W67PXxqIZEzJq5NROwtMpObmD7reM5WNMP+R+lAKwjjiIVYlC9Hx76xDcNBkbJRZ
16n73RQpmdSKl8cHoRDRUUGsq7kFqm9kzCApohDfM4oy3oOIoT5B+rVPAY2K3yng
OzYx26LUMNuuGadx/GIC1i4IC8wcEecnl2lQRnYlEqMcKNPnNq65Dk0GXbQcrGce
1GE9fG0AaK36FeuJE5jyc+DiI9Gppjfxl83X8NuJqvnqhYFx
-----END CERTIFICATE-----
Generated at Sun Jun 2 01:00:50 2024 by rpki-client on console-fra.rpki-client.org