Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
File: 0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa (raw, json)
Hash identifier: DCg8RQgRfHg6egeKd+/VF4nF8n40s3GMnSVvl7fvkGQ=
Subject key identifier: 6A:CF:9F:E6:C3:A1:3C:2D:15:7C:E4:98:A6:2B:7D:A7:72:B8:DF:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45DAFB551BF9A1748BEDB3C3F47A5ADDD29B8391
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:da:fb:55:1b:f9:a1:74:8b:ed:b3:c3:f4:7a:5a:dd:d2:9b:83:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=faa9477888f54490ccf207f32266190624bb7efe359e83d81ca07468b1b60589, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b3:0c:dd:99:84:4a:26:a2:4f:eb:49:b7:c2:
f4:ab:45:2c:05:7b:dc:c6:44:9c:ea:3c:0e:95:ab:
fe:bf:68:3a:ff:5b:fe:73:4c:70:f9:74:6c:22:9c:
f0:0e:64:43:5e:5b:1b:0a:62:38:71:a9:97:bf:d2:
f3:a7:a5:c7:1d:c0:13:20:ab:66:69:37:82:1e:25:
cd:00:86:e1:2a:2b:6e:4f:22:f6:27:8c:a8:56:15:
fd:25:85:3d:dd:f8:fe:45:4b:70:fe:01:e4:85:d4:
75:f6:49:f7:4e:a0:d2:b0:e7:b3:f4:c9:29:25:34:
b0:d9:bb:b7:cc:89:42:ee:dc:69:6a:b7:aa:3d:7c:
eb:23:0d:8e:47:73:71:6b:09:82:97:56:3c:e6:80:
eb:81:8f:61:5b:db:fa:59:38:96:06:9d:de:ea:5d:
12:db:78:86:4c:54:a2:a8:92:35:82:ec:a4:c2:ef:
53:4e:a5:8c:42:a8:26:c0:04:fc:2d:27:16:bd:1c:
15:d9:88:67:ff:59:ef:71:ba:79:1c:40:61:1b:74:
17:08:40:7e:03:38:33:c2:fe:8a:7f:37:e0:92:f4:
63:52:2b:b0:f9:04:35:01:1d:42:84:ef:f3:87:1f:
55:ff:08:c0:96:e7:92:f9:6c:ad:f6:ab:da:9d:84:
07:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CF:9F:E6:C3:A1:3C:2D:15:7C:E4:98:A6:2B:7D:A7:72:B8:DF:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
19:dd:c5:5a:36:d6:91:58:bc:2f:b6:8c:bb:54:65:99:53:00:
06:d7:6e:9a:e6:9c:d7:b7:da:74:07:43:84:99:7d:ae:56:05:
4c:eb:99:e8:5b:04:af:f7:f5:89:da:b0:a9:b4:2b:2d:b7:7e:
e2:6c:dc:a6:9d:5f:2c:bd:5f:01:b8:86:dd:cc:ed:92:db:f6:
06:6f:59:7b:3a:66:78:b2:af:09:96:2c:ed:0d:89:b1:b3:a2:
6b:8b:30:53:93:c0:c8:21:8e:25:e7:91:1e:58:04:37:f2:18:
24:f0:bf:f3:ce:c2:b0:ea:f4:83:af:65:80:1f:13:88:7b:28:
b8:44:00:25:d5:d6:3f:7f:1e:51:58:bb:8b:2b:a6:b7:e4:03:
59:50:c3:c0:6c:5a:f5:6f:72:b8:32:76:e4:b1:a4:77:84:e3:
27:44:23:ca:3d:52:70:53:41:37:f7:d0:11:48:df:df:29:02:
91:f2:24:f8:d5:63:90:48:dc:ab:d5:8b:e1:3f:bd:03:db:fb:
17:a0:34:f4:70:46:9c:cb:bd:07:f2:37:bb:a5:ae:78:ed:ef:
31:9f:99:23:a5:f8:1d:cf:b3:5f:55:71:cc:d4:93:84:5b:a8:
d9:81:86:58:4e:06:9c:e3:8d:9e:e8:c1:c6:0e:74:e1:c3:b8:
1b:f3:53:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURdr7VRv5oXSL7bPD9Hpa3dKbg5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhYTk0Nzc4ODhmNTQ0OTBjY2YyMDdmMzIyNjYxOTA2MjRiYjdlZmUzNTll
ODNkODFjYTA3NDY4YjFiNjA1ODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANizDN2ZhEomok/rSbfC9KtFLAV73MZEnOo8DpWr/r9oOv9b/nNMcPl0bCKc
8A5kQ15bGwpiOHGpl7/S86elxx3AEyCrZmk3gh4lzQCG4Sorbk8i9ieMqFYV/SWF
Pd34/kVLcP4B5IXUdfZJ906g0rDns/TJKSU0sNm7t8yJQu7caWq3qj186yMNjkdz
cWsJgpdWPOaA64GPYVvb+lk4lgad3updEtt4hkxUoqiSNYLspMLvU06ljEKoJsAE
/C0nFr0cFdmIZ/9Z73G6eRxAYRt0FwhAfgM4M8L+in834JL0Y1IrsPkENQEdQoTv
84cfVf8IwJbnkvlsrfar2p2EBycCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqz5/m
w6E8LRV85JimK32ncrjf5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGVjYjM4NzgtMjYxOC00YTg0LThiMGQtYjI0ZjhhODBiY2ZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hsg
MA0GCSqGSIb3DQEBCwUAA4IBAQAZ3cVaNtaRWLwvtoy7VGWZUwAG126a5pzXt9p0
B0OEmX2uVgVM65noWwSv9/WJ2rCptCstt37ibNymnV8svV8BuIbdzO2S2/YGb1l7
OmZ4sq8JliztDYmxs6JrizBTk8DIIY4l55EeWAQ38hgk8L/zzsKw6vSDr2WAHxOI
eyi4RAAl1dY/fx5RWLuLK6a35ANZUMPAbFr1b3K4MnbksaR3hOMnRCPKPVJwU0E3
99ARSN/fKQKR8iT41WOQSNyr1YvhP70D2/sXoDT0cEacy70H8je7pa547e8xn5kj
pfgdz7NfVXHM1JOEW6jZgYZYTgac442e6MHGDnThw7gb81OK
-----END CERTIFICATE-----
Generated at Wed May 1 20:48:45 2024 by rpki-client on console-ams.rpki-client.org