Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
File: 0329f72c-bcfc-450d-9501-0716fe320aff.roa (raw, json)
Hash identifier: PbxitPaCyjl99waDiG3008i77r+sDw7WEFvfTZvA/rs=
Subject key identifier: E5:3E:86:25:22:43:7B:09:C0:74:66:81:32:6A:FA:54:88:2D:4C:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12A41BBC9254D7A6FD2B61BD17FF4EDEA8415E52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
Signing time: Fri 29 Mar 2024 00:00:00 +0000
ROA not before: Fri 29 Mar 2024 00:00:00 +0000
ROA not after: Fri 03 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:a4:1b:bc:92:54:d7:a6:fd:2b:61:bd:17:ff:4e:de:a8:41:5e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : May 3 23:59:59 2024 GMT
Subject: serialNumber=1c2058184f941a248bdc51c370bb4ab7b49412292f44c7dc9c3f3d839b512184, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ed:13:38:83:39:54:b2:bb:5e:1d:73:dd:4a:
8b:14:38:24:68:e9:29:5b:8a:03:65:ba:94:5e:2e:
f1:f8:f3:a4:a4:31:6b:16:a8:c4:74:a8:3a:b5:67:
19:9b:4f:c1:f1:86:f4:be:69:93:1e:0d:86:15:81:
07:52:de:c2:2e:30:eb:30:3a:1d:36:fc:91:b9:57:
f5:df:e6:82:14:1a:bc:9b:31:23:b4:65:2e:4a:0f:
ef:18:ba:15:60:15:db:b6:7d:9d:29:ec:23:d5:94:
30:cf:48:a4:aa:91:b4:fd:7a:7d:52:b3:cd:61:1e:
47:c7:c3:7b:29:fc:f4:dc:80:38:e0:00:44:9e:60:
18:96:c2:05:7f:4d:2b:96:2e:9c:87:6c:10:2a:f2:
45:cd:06:b9:da:3e:be:09:1d:9c:ab:85:de:1d:c5:
c5:fe:72:58:88:58:bb:8c:38:0c:7d:f0:99:b8:8a:
73:ba:9d:18:ba:f7:61:99:b8:e6:b9:2b:20:92:67:
f5:68:af:42:48:24:a1:fd:4e:81:36:45:9c:f2:c9:
52:ec:c6:e0:8d:f6:73:ec:07:68:4c:e6:c9:9b:c4:
66:92:a3:14:5b:90:f9:6d:59:8e:95:12:a1:dd:87:
32:83:61:ec:86:5f:cc:42:e9:44:83:f1:60:b0:70:
78:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3E:86:25:22:43:7B:09:C0:74:66:81:32:6A:FA:54:88:2D:4C:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
36:e7:18:1a:cd:83:1a:ed:56:91:87:19:da:f0:d3:ee:a2:06:
dd:db:f2:62:c1:4f:dd:7f:eb:9c:20:8d:c8:55:26:85:aa:37:
f8:a5:6f:7e:7a:eb:6d:bf:e7:e4:2d:e2:88:bc:85:82:96:31:
72:dd:48:fb:b0:4d:e7:5e:63:05:52:0e:8b:3b:33:cc:6b:52:
1f:95:90:b3:00:76:31:de:64:67:5d:87:95:10:b9:ff:84:b5:
d3:d2:d7:fd:06:57:b1:05:48:51:3a:22:80:6d:a8:45:0d:a1:
cd:06:4b:6f:42:f4:d1:ec:06:43:8c:fe:8f:31:47:66:07:91:
f2:77:7e:94:49:37:ef:e9:c9:83:53:fe:5e:c5:7e:6a:a0:d5:
4c:81:50:85:60:6b:8f:44:aa:0a:a4:00:20:e1:9e:05:69:88:
bc:89:10:b2:1a:80:af:ae:c8:b9:b8:4c:92:d3:e2:6b:a2:68:
08:20:b5:6d:cd:1a:ca:79:4b:be:13:35:80:2a:da:2a:f3:9f:
c0:77:9d:44:96:44:ba:d5:f7:d3:9a:af:11:a5:51:2f:a7:89:
00:01:d6:5d:30:0a:2a:96:69:67:c1:37:65:21:00:0a:75:68:
6c:b5:58:2d:34:09:bf:dd:71:d9:c0:bd:3f:3e:72:99:33:f3:
74:52:b1:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEqQbvJJU16b9K2G9F/9O3qhBXlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDAzMjkwMDAwMDBaFw0yNDA1MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMjA1ODE4NGY5NDFhMjQ4YmRjNTFjMzcwYmI0YWI3YjQ5NDEyMjkyZjQ0
YzdkYzljM2YzZDgzOWI1MTIxODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3tEziDOVSyu14dc91KixQ4JGjpKVuKA2W6lF4u8fjzpKQxaxaoxHSoOrVn
GZtPwfGG9L5pkx4NhhWBB1Lewi4w6zA6HTb8kblX9d/mghQavJsxI7RlLkoP7xi6
FWAV27Z9nSnsI9WUMM9IpKqRtP16fVKzzWEeR8fDeyn89NyAOOAARJ5gGJbCBX9N
K5YunIdsECryRc0Gudo+vgkdnKuF3h3Fxf5yWIhYu4w4DH3wmbiKc7qdGLr3YZm4
5rkrIJJn9WivQkgkof1OgTZFnPLJUuzG4I32c+wHaEzmyZvEZpKjFFuQ+W1ZjpUS
od2HMoNh7IZfzELpRIPxYLBweCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTlPoYl
IkN7CcB0ZoEyavpUiC1MCTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDMyOWY3MmMtYmNmYy00NTBkLTk1MDEtMDcxNmZlMzIwYWZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQA25xgazYMa7VaRhxna8NPuogbd2/JiwU/df+uc
II3IVSaFqjf4pW9+euttv+fkLeKIvIWCljFy3Uj7sE3nXmMFUg6LOzPMa1IflZCz
AHYx3mRnXYeVELn/hLXT0tf9BlexBUhROiKAbahFDaHNBktvQvTR7AZDjP6PMUdm
B5Hyd36USTfv6cmDU/5exX5qoNVMgVCFYGuPRKoKpAAg4Z4FaYi8iRCyGoCvrsi5
uEyS0+JromgIILVtzRrKeUu+EzWAKtoq85/Ad51ElkS61ffTmq8RpVEvp4kAAdZd
MAoqlmlnwTdlIQAKdWhstVgtNAm/3XHZwL0/PnKZM/N0UrEx
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:16:39 2024 by rpki-client on console-fra.rpki-client.org