Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02911d55-b354-4ba1-af38-5a4fbd4de1fd.roa
File: 02911d55-b354-4ba1-af38-5a4fbd4de1fd.roa (raw, json)
Hash identifier: pCT5/sU+AesVh+oBjqv7k50KIP6JER/d/6uctat+8Us=
Subject key identifier: 24:8E:BD:40:16:04:1E:37:5B:8D:3A:E1:95:A0:9A:2C:E2:B6:60:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 518841FADEF11A0D471D8D6553955C2559603136
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02911d55-b354-4ba1-af38-5a4fbd4de1fd.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:88:41:fa:de:f1:1a:0d:47:1d:8d:65:53:95:5c:25:59:60:31:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=4272b19ab4821e8793400aced220cf294b3c216632bb0eeb6b2ea0dad3247661, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d4:7f:39:89:01:93:3a:5d:0f:69:2d:91:5f:
dc:3c:56:52:b3:64:0c:74:25:58:46:fb:1a:be:c5:
17:91:cf:07:33:fa:24:40:b3:e9:4b:9e:34:ce:dd:
46:1b:11:82:00:b5:27:b9:2a:76:59:ad:77:0e:71:
62:83:4a:7f:d8:36:a0:f2:53:d0:74:53:ea:51:80:
1c:b6:ee:c0:f1:f7:2b:ad:30:91:fb:98:47:3d:3c:
31:87:9d:64:d1:f2:2d:c8:1f:8b:2b:d2:e0:87:ed:
2a:3a:93:8a:7f:a5:d2:db:5c:1e:bf:9b:be:14:64:
e6:ca:6d:6e:94:28:8c:6b:a9:86:68:8f:4b:34:f0:
7c:c8:03:ec:bc:b6:25:f5:b8:5a:d5:60:68:45:8c:
a7:32:15:31:dd:b0:d8:17:23:0a:f2:22:08:54:f4:
8a:70:b1:e4:19:b3:fd:1a:ab:f9:2b:cb:68:f2:7b:
ed:cd:5b:c5:46:5f:cd:b6:cf:f8:ee:90:2f:c2:5b:
90:d0:ea:68:bf:05:6e:30:73:ee:db:54:98:2a:7b:
b6:54:1e:94:2c:48:aa:71:b0:fb:e9:2e:c0:1a:f8:
5e:23:be:fc:b5:a3:93:30:e5:b2:0c:0d:29:4f:1a:
f8:53:53:42:15:ee:04:3b:08:e3:06:49:df:4b:00:
e7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8E:BD:40:16:04:1E:37:5B:8D:3A:E1:95:A0:9A:2C:E2:B6:60:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02911d55-b354-4ba1-af38-5a4fbd4de1fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040:a000::/40
Signature Algorithm: sha256WithRSAEncryption
ab:8e:91:4e:ff:36:14:99:1a:e1:0f:65:a2:0a:78:9e:07:d5:
69:e6:f0:bd:25:47:ff:3a:bb:6e:52:39:95:58:56:0b:95:b6:
54:5b:72:0c:e0:22:e2:dc:3e:04:70:e3:e1:06:3c:b6:cd:d6:
6d:e9:63:2c:88:0c:e4:e9:c4:dc:dc:e3:e3:d0:96:4b:f3:75:
41:9a:91:c2:63:c9:32:cf:b4:84:c5:24:ae:ff:b6:9b:ac:7b:
06:ca:07:b9:b5:4b:4e:fe:3a:d3:2a:10:f5:3b:76:14:57:e3:
34:91:58:2a:66:9a:6c:89:32:6d:8b:d7:34:4b:87:d8:8b:9a:
86:e4:c8:14:2e:fa:2c:fc:be:78:4e:29:f4:04:97:4c:02:8f:
ad:5b:81:95:b5:b9:eb:33:7e:ba:f7:ef:c9:8e:63:d3:af:07:
76:6c:ce:46:5d:2e:33:d0:8d:af:fa:b2:e4:53:13:43:f6:c0:
57:43:e2:1d:6e:77:25:9c:b4:72:fb:01:1e:7b:73:f5:11:5b:
db:bf:c5:17:af:19:18:25:e5:b6:78:66:f6:b2:49:72:42:9e:
46:66:cd:b8:6a:0b:f7:8f:25:3b:0d:d8:d1:b8:56:0a:08:47:
a3:f5:ed:d2:2f:3b:ce:3b:cc:b8:cd:4f:e9:c4:e3:db:89:69:
bc:94:f5:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUYhB+t7xGg1HHY1lU5VcJVlgMTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNzJiMTlhYjQ4MjFlODc5MzQwMGFjZWQyMjBjZjI5NGIzYzIxNjYzMmJi
MGVlYjZiMmVhMGRhZDMyNDc2NjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPPUfzmJAZM6XQ9pLZFf3DxWUrNkDHQlWEb7Gr7FF5HPBzP6JECz6UueNM7d
RhsRggC1J7kqdlmtdw5xYoNKf9g2oPJT0HRT6lGAHLbuwPH3K60wkfuYRz08MYed
ZNHyLcgfiyvS4IftKjqTin+l0ttcHr+bvhRk5sptbpQojGuphmiPSzTwfMgD7Ly2
JfW4WtVgaEWMpzIVMd2w2BcjCvIiCFT0inCx5Bmz/Rqr+SvLaPJ77c1bxUZfzbbP
+O6QL8JbkNDqaL8FbjBz7ttUmCp7tlQelCxIqnGw++kuwBr4XiO+/LWjkzDlsgwN
KU8a+FNTQhXuBDsI4wZJ30sA590CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkjr1A
FgQeN1uNOuGVoJos4rZgTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI5MTFkNTUtYjM1NC00YmExLWFmMzgtNWE0ZmJkNGRlMWZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ECg
MA0GCSqGSIb3DQEBCwUAA4IBAQCrjpFO/zYUmRrhD2WiCnieB9Vp5vC9JUf/Ortu
UjmVWFYLlbZUW3IM4CLi3D4EcOPhBjy2zdZt6WMsiAzk6cTc3OPj0JZL83VBmpHC
Y8kyz7SExSSu/7abrHsGyge5tUtO/jrTKhD1O3YUV+M0kVgqZppsiTJti9c0S4fY
i5qG5MgULvos/L54Tin0BJdMAo+tW4GVtbnrM3669+/JjmPTrwd2bM5GXS4z0I2v
+rLkUxND9sBXQ+IdbnclnLRy+wEee3P1EVvbv8UXrxkYJeW2eGb2sklyQp5GZs24
agv3jyU7DdjRuFYKCEej9e3SLzvOO8y4zU/pxOPbiWm8lPXu
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:48 2024 by rpki-client on console-ams.rpki-client.org