Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json)
Hash identifier: c1aYuRRp78lyLdbNkZBH2crJWeyLyqhgNhZKBGG6sX0=
Subject key identifier: CF:B4:24:47:41:8A:C2:C6:13:50:39:2B:FB:38:97:AA:12:70:F8:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22E40B72568118CFA4CC5EE594CD785B468C8085
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:e4:0b:72:56:81:18:cf:a4:cc:5e:e5:94:cd:78:5b:46:8c:80:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=488c77a783e9dcd1522df26fe6f2addb1ec3a8224688d1b9134106eddd7e8603, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a1:50:c6:7a:37:e3:00:3d:3e:c3:ff:40:40:
60:36:e3:44:53:f5:2c:ee:fa:77:b6:19:32:f2:d0:
07:f6:cc:ca:7c:84:87:3e:97:82:8f:cd:e4:bd:48:
b5:a9:7a:3e:65:19:73:f1:c6:ba:27:ed:78:ee:ad:
fd:c7:f5:e8:2a:33:a0:e2:e3:89:6b:e3:bf:a4:b5:
b4:f5:56:38:86:57:ef:02:ba:f5:d9:8f:59:7e:b6:
f0:3d:4b:a7:c8:6c:2f:66:cc:40:b4:6f:1d:68:ee:
1e:ca:74:bb:22:a3:b9:61:54:1e:86:66:08:41:e0:
76:80:8b:c5:61:17:e1:96:61:72:8f:dc:fd:a2:6a:
b7:91:39:e0:3e:d6:50:a0:6f:d4:7d:6e:fe:34:43:
d5:63:cc:46:4d:cb:e3:4c:d2:55:4a:3a:c1:f2:ae:
6b:5b:74:9a:2b:4c:1f:97:a2:50:88:4a:00:27:8b:
10:7f:11:b7:7b:b9:7a:de:8f:55:48:88:ea:41:3d:
40:2a:5a:0d:d3:60:e8:30:b5:b1:62:14:14:e9:2e:
87:dd:7a:65:27:af:f9:61:5c:ce:d0:ec:a9:64:04:
81:32:b4:34:64:37:41:e9:a5:ae:98:95:62:16:e6:
69:15:33:39:b1:25:cd:cb:38:de:65:00:b7:e0:a1:
9b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B4:24:47:41:8A:C2:C6:13:50:39:2B:FB:38:97:AA:12:70:F8:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02d::/36
Signature Algorithm: sha256WithRSAEncryption
1a:34:4a:4e:08:70:e5:61:4c:40:5f:ba:b5:6f:33:84:5c:55:
e1:e1:e7:23:ab:4e:9b:8c:0b:83:1f:4e:e2:02:ab:fd:36:51:
d4:a7:fe:58:34:0b:74:7e:52:c5:be:b2:b8:67:e8:18:9c:5b:
3f:21:9b:b7:75:e5:e9:79:c9:75:7f:2f:54:c4:48:ef:e3:75:
fe:9d:58:5f:e0:64:95:34:6f:f8:34:63:8a:e4:f9:11:c1:b1:
48:0f:37:11:9d:4c:33:64:ff:5d:b6:6d:2a:f8:d3:0f:ad:b8:
2f:d0:fe:be:32:b0:66:4a:52:d7:f7:2f:35:fa:5b:64:da:3c:
6e:53:63:50:f9:46:af:fe:37:c0:bc:9f:bc:1c:61:87:f9:f2:
5f:d9:f5:b3:83:ab:46:ab:b3:4c:2b:bd:f8:f0:fd:31:6a:7b:
d1:d9:52:9a:93:3b:16:42:23:26:74:01:52:70:8b:6f:ba:0b:
63:74:e9:50:f7:55:60:cc:67:07:33:c9:54:06:0e:a5:01:90:
14:b0:9a:a8:62:ed:50:e0:e3:ff:8c:32:7b:e1:ce:4a:31:ce:
c9:30:84:1f:34:b6:ad:65:92:1b:2b:1c:83:30:78:f0:cf:dc:
c9:ef:82:f7:6e:90:26:bd:2f:c4:cb:cc:62:5a:61:32:59:0b:
0f:07:18:25
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIuQLclaBGM+kzF7llM14W0aMgIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4OGM3N2E3ODNlOWRjZDE1MjJkZjI2ZmU2ZjJhZGRiMWVjM2E4MjI0Njg4
ZDFiOTEzNDEwNmVkZGQ3ZTg2MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKhUMZ6N+MAPT7D/0BAYDbjRFP1LO76d7YZMvLQB/bMynyEhz6Xgo/N5L1I
tal6PmUZc/HGuifteO6t/cf16CozoOLjiWvjv6S1tPVWOIZX7wK69dmPWX628D1L
p8hsL2bMQLRvHWjuHsp0uyKjuWFUHoZmCEHgdoCLxWEX4ZZhco/c/aJqt5E54D7W
UKBv1H1u/jRD1WPMRk3L40zSVUo6wfKua1t0mitMH5eiUIhKACeLEH8Rt3u5et6P
VUiI6kE9QCpaDdNg6DC1sWIUFOkuh916ZSev+WFcztDsqWQEgTK0NGQ3QemlrpiV
YhbmaRUzObElzcs43mUAt+ChmzECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPtCRH
QYrCxhNQOSv7OJeqEnD4lTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A
MA0GCSqGSIb3DQEBCwUAA4IBAQAaNEpOCHDlYUxAX7q1bzOEXFXh4ecjq06bjAuD
H07iAqv9NlHUp/5YNAt0flLFvrK4Z+gYnFs/IZu3deXpecl1fy9UxEjv43X+nVhf
4GSVNG/4NGOK5PkRwbFIDzcRnUwzZP9dtm0q+NMPrbgv0P6+MrBmSlLX9y81+ltk
2jxuU2NQ+Uav/jfAvJ+8HGGH+fJf2fWzg6tGq7NMK7348P0xanvR2VKakzsWQiMm
dAFScItvugtjdOlQ91VgzGcHM8lUBg6lAZAUsJqoYu1Q4OP/jDJ74c5KMc7JMIQf
NLatZZIbKxyDMHjwz9zJ74L3bpAmvS/Ey8xiWmEyWQsPBxgl
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:29 2024 by rpki-client on console-ams.rpki-client.org