Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json)
Hash identifier: 1Lx2frDkBlhhlDqlvzLl/rr4O/LD+neR7m/ktNyWIeY=
Subject key identifier: E8:A4:FC:8D:B8:2E:F8:DE:D8:38:05:E2:96:5B:A0:9B:14:7D:B4:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 266BEAA3514B9935F29F1951F87AFBA20F864E59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:6b:ea:a3:51:4b:99:35:f2:9f:19:51:f8:7a:fb:a2:0f:86:4e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=225642e83c3132e8d37fcfe9a45bb60bb88828575421d4b93e3f04151c3a381c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:7b:73:c4:e6:e3:08:4a:b7:69:96:ce:24:
69:ed:03:e2:55:3a:83:dc:d1:d1:87:57:e9:dd:37:
e1:61:21:2e:30:f0:4c:9f:a2:9e:1c:09:1c:75:f6:
9e:88:b3:d6:c7:8b:7b:c9:c7:65:70:77:d5:db:31:
3c:4e:8d:66:60:60:f2:de:64:54:43:0d:be:f5:3b:
af:bf:1d:5b:ac:53:30:d8:78:78:47:24:1d:c1:73:
45:30:f1:7e:3c:e0:54:d1:1a:25:2b:a4:5c:6d:11:
b4:c4:7e:0e:f0:68:1e:0e:f5:79:9f:2b:25:37:1e:
aa:16:da:96:29:f4:fa:d0:6d:be:8e:e4:6d:fa:9d:
2f:07:36:c2:27:28:4f:bb:66:76:7d:da:ed:e7:51:
f7:96:ec:91:8c:30:ac:f2:57:74:6c:13:59:33:b5:
46:7f:3c:8b:ff:c7:b0:ef:02:08:6e:91:69:0c:37:
28:a1:48:76:44:32:bf:68:c3:40:33:7d:75:8e:86:
76:f2:1e:99:58:48:e4:a6:7e:5e:e2:9b:0e:28:67:
bc:65:fd:3d:b9:4f:c6:f0:68:df:b0:f9:6d:6b:a3:
60:3b:1c:c7:68:c6:3b:7b:64:7c:87:c7:6d:7d:d0:
1b:4d:37:be:2f:b4:7d:89:a7:67:29:c9:4e:e6:27:
5a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A4:FC:8D:B8:2E:F8:DE:D8:38:05:E2:96:5B:A0:9B:14:7D:B4:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02d::/36
Signature Algorithm: sha256WithRSAEncryption
3f:b3:c3:25:ba:c5:f0:11:86:ea:f5:ad:95:73:62:a2:c1:ad:
3e:76:5e:b8:c6:16:56:ef:4b:07:a2:4a:b1:a1:40:8c:55:cc:
e3:a6:38:fb:10:0e:47:0a:27:60:80:82:b2:85:4c:40:10:25:
47:5f:d5:43:c0:44:b4:c3:a0:6c:e7:5f:34:41:d2:a3:76:57:
53:57:bb:1f:57:88:c2:5a:03:4f:d5:1e:21:9b:fc:9a:0d:39:
d7:80:27:37:12:27:48:be:c2:63:2e:e1:d5:4a:c2:7f:dc:39:
66:c3:c6:6f:fd:03:54:32:a1:48:47:ca:82:cf:10:7b:e7:ed:
f2:bc:dc:67:87:e6:1d:8a:3b:11:c7:11:6b:39:fb:34:97:c8:
dd:f1:1f:a5:d8:6d:4c:66:4c:f2:e2:68:8b:4d:18:32:25:b8:
ae:7d:71:a9:d4:5e:a6:c6:ed:93:9c:ce:c2:67:46:46:2c:85:
a6:a4:00:ee:88:0a:4f:39:37:93:fd:aa:3b:91:46:c8:07:d0:
9e:9b:de:00:52:01:f4:d2:ef:47:8d:db:2b:b2:09:5b:57:8b:
19:4d:ed:d3:63:6b:30:32:36:54:60:98:66:d3:58:d3:64:1b:
53:94:ac:77:34:3c:09:5f:f5:a9:59:20:23:53:c9:5d:4a:a6:
7c:ac:75:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJmvqo1FLmTXynxlR+Hr7og+GTlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNTY0MmU4M2MzMTMyZThkMzdmY2ZlOWE0NWJiNjBiYjg4ODI4NTc1NDIx
ZDRiOTNlM2YwNDE1MWMzYTM4MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCOe3PE5uMISrdpls4kae0D4lU6g9zR0YdX6d034WEhLjDwTJ+inhwJHHX2
noiz1seLe8nHZXB31dsxPE6NZmBg8t5kVEMNvvU7r78dW6xTMNh4eEckHcFzRTDx
fjzgVNEaJSukXG0RtMR+DvBoHg71eZ8rJTceqhbalin0+tBtvo7kbfqdLwc2wico
T7tmdn3a7edR95bskYwwrPJXdGwTWTO1Rn88i//HsO8CCG6RaQw3KKFIdkQyv2jD
QDN9dY6GdvIemVhI5KZ+XuKbDihnvGX9PblPxvBo37D5bWujYDscx2jGO3tkfIfH
bX3QG003vi+0fYmnZynJTuYnWg0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTopPyN
uC743tg4BeKWW6CbFH20EjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A
MA0GCSqGSIb3DQEBCwUAA4IBAQA/s8MlusXwEYbq9a2Vc2Kiwa0+dl64xhZW70sH
okqxoUCMVczjpjj7EA5HCidggIKyhUxAECVHX9VDwES0w6Bs5180QdKjdldTV7sf
V4jCWgNP1R4hm/yaDTnXgCc3EidIvsJjLuHVSsJ/3Dlmw8Zv/QNUMqFIR8qCzxB7
5+3yvNxnh+YdijsRxxFrOfs0l8jd8R+l2G1MZkzy4miLTRgyJbiufXGp1F6mxu2T
nM7CZ0ZGLIWmpADuiApPOTeT/ao7kUbIB9Cem94AUgH00u9HjdsrsglbV4sZTe3T
Y2swMjZUYJhm01jTZBtTlKx3NDwJX/WpWSAjU8ldSqZ8rHWU
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org