Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
File: 0f3fbd71-85b4-48a7-8479-e942c9578262.roa (raw, json)
Hash identifier: tIOJbI9y0rCysAmfJGqOomvsbdjjI8ljyzSgQPFk/aM=
Subject key identifier: B3:40:7F:EA:0D:18:A1:78:19:C5:88:F3:18:98:7C:09:0E:19:CC:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60AB66614724B8AD98C8AB894099B15ABFF2EB1A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:ab:66:61:47:24:b8:ad:98:c8:ab:89:40:99:b1:5a:bf:f2:eb:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=84a12e13dc82132315872acf0e2ab52641d8ec4f6053343b7a3cfb6121495881, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d2:32:2a:af:c7:f9:e9:2e:7d:1a:4a:d8:d0:
31:49:a4:cb:2f:c8:4e:f1:6d:05:93:4b:c1:f0:eb:
12:0d:24:c5:b2:79:c8:ed:82:dc:25:aa:71:35:ca:
b0:2e:ad:9f:e2:15:c0:b1:e3:15:b1:5f:27:fe:d9:
ca:d9:1f:36:f0:e5:e2:8e:8a:e3:45:53:0f:6f:84:
5f:4d:9e:c8:9a:ce:07:36:32:87:03:4c:73:74:29:
87:28:75:5b:ac:c7:2f:73:e2:9b:46:70:40:cf:e0:
e9:ad:55:97:27:bc:8a:71:6a:90:00:32:bf:b1:98:
22:70:a5:63:5e:34:c2:47:97:ed:1c:2a:e6:65:16:
00:96:9a:d0:57:ae:a9:8b:09:ed:6e:eb:c2:be:e8:
6a:90:9a:ed:91:71:89:8b:cc:41:ee:40:bc:1f:d0:
81:38:53:25:27:aa:f4:53:51:67:e2:f9:4d:61:e4:
fc:55:53:15:89:53:f0:e5:85:0b:b7:19:73:23:5f:
8f:c4:79:4e:ac:cb:16:36:6d:e6:2f:01:8d:ec:bf:
c4:03:b7:9b:5c:2a:de:f0:ff:35:58:74:c8:12:98:
92:70:26:20:50:18:58:15:f1:f5:89:ad:6b:d5:26:
14:9a:f7:28:21:c7:95:ab:cd:17:6b:52:fe:6c:1a:
bf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:40:7F:EA:0D:18:A1:78:19:C5:88:F3:18:98:7C:09:0E:19:CC:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:1000::/40
Signature Algorithm: sha256WithRSAEncryption
38:c5:a7:05:a5:bc:10:ee:37:5a:74:3f:c9:49:38:6c:6a:01:
18:4d:87:3d:da:78:83:7c:25:4d:5d:67:8e:8e:c1:25:bb:85:
35:46:de:47:d0:92:a0:0b:0e:6f:41:eb:e1:35:e9:dc:de:8a:
b6:5e:44:5c:de:a3:e0:b0:06:78:5f:d7:61:de:0e:bf:4e:0b:
03:2e:a6:01:8f:a4:49:74:8a:40:6a:2c:3e:5e:b2:1c:78:3e:
e6:82:a1:fe:5e:29:1a:4e:85:77:67:5f:f5:2d:c3:0d:62:37:
82:71:1b:42:65:8e:bb:7e:cd:48:73:26:a0:85:cf:23:45:ca:
69:8f:6e:a6:df:14:72:ff:69:97:66:2c:26:ed:9a:53:be:f9:
14:f4:02:0e:10:6f:69:88:60:44:06:08:1d:94:e7:03:90:43:
87:24:a8:bd:67:82:8b:38:ca:d5:20:68:9a:c7:86:9a:5c:0b:
d5:7a:00:4f:bd:27:50:f0:c7:21:e7:7e:3d:3f:9d:19:b7:59:
00:1b:34:f9:aa:7f:e3:ae:8c:ec:8a:87:0d:6f:a7:8f:e3:90:
d1:c4:bb:e4:d4:ed:58:2c:a1:14:d6:66:dc:33:fc:b2:30:2d:
d6:37:5f:49:8d:57:61:95:06:e4:8b:b1:75:70:a2:d9:69:02:
5a:0f:a3:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYKtmYUckuK2YyKuJQJmxWr/y6xowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0YTEyZTEzZGM4MjEzMjMxNTg3MmFjZjBlMmFiNTI2NDFkOGVjNGY2MDUz
MzQzYjdhM2NmYjYxMjE0OTU4ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODSMiqvx/npLn0aStjQMUmkyy/ITvFtBZNLwfDrEg0kxbJ5yO2C3CWqcTXK
sC6tn+IVwLHjFbFfJ/7ZytkfNvDl4o6K40VTD2+EX02eyJrOBzYyhwNMc3Qphyh1
W6zHL3Pim0ZwQM/g6a1Vlye8inFqkAAyv7GYInClY140wkeX7Rwq5mUWAJaa0Feu
qYsJ7W7rwr7oapCa7ZFxiYvMQe5AvB/QgThTJSeq9FNRZ+L5TWHk/FVTFYlT8OWF
C7cZcyNfj8R5TqzLFjZt5i8Bjey/xAO3m1wq3vD/NVh0yBKYknAmIFAYWBXx9Ymt
a9UmFJr3KCHHlavNF2tS/mwav7cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzQH/q
DRiheBnFiPMYmHwJDhnMrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGYzZmJkNzEtODViNC00OGE3LTg0NzktZTk0MmM5NTc4MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA4xacFpbwQ7jdadD/JSThsagEYTYc92niDfCVN
XWeOjsElu4U1Rt5H0JKgCw5vQevhNenc3oq2XkRc3qPgsAZ4X9dh3g6/TgsDLqYB
j6RJdIpAaiw+XrIceD7mgqH+XikaToV3Z1/1LcMNYjeCcRtCZY67fs1Icyaghc8j
Rcppj26m3xRy/2mXZiwm7ZpTvvkU9AIOEG9piGBEBggdlOcDkEOHJKi9Z4KLOMrV
IGiax4aaXAvVegBPvSdQ8Mch5349P50Zt1kAGzT5qn/jrozsiocNb6eP45DRxLvk
1O1YLKEU1mbcM/yyMC3WN19JjVdhlQbki7F1cKLZaQJaD6OG
-----END CERTIFICATE-----
Generated at Thu Apr 18 02:44:33 2024 by rpki-client on console-fra.rpki-client.org