Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
File: 0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa (raw, json)
Hash identifier: l7qrQPg8Xj7LVWsj+2QPJj7l8hZQoqstiFLz5u47/EE=
Subject key identifier: 7E:C6:F7:CD:A1:EF:F5:2A:6F:EF:DE:7D:70:BB:81:D7:88:A9:EA:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E61B3276FE90A355E36585F77576CD24611383D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:61:b3:27:6f:e9:0a:35:5e:36:58:5f:77:57:6c:d2:46:11:38:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=cf91fc2b7c76ebcaf51fe8bcd1ff82f4320668756d85800db49bc8baa44dfa9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:54:81:52:ec:33:c8:bc:5f:f8:7f:bd:c8:d2:
9d:4a:ad:12:86:9b:4e:76:13:a4:53:66:14:ba:38:
34:ef:23:0f:ae:7d:7a:80:b3:c0:b8:15:71:2a:c2:
30:91:06:97:94:33:da:2f:5f:31:0f:b8:26:93:e1:
c5:44:2a:45:93:aa:2f:9e:5f:6e:60:d7:cd:00:d1:
9a:1c:eb:0a:f6:c3:c9:2f:5b:d2:94:f5:0f:03:8b:
50:5d:2e:57:5f:f1:d8:fd:e2:28:48:1a:e2:b3:9e:
96:56:fb:c4:92:67:4f:36:6f:9e:2a:cf:5a:75:16:
80:f9:a5:23:9d:63:f6:ac:cb:02:45:18:4d:05:02:
ff:a5:14:b5:12:a7:33:c6:04:9b:cd:5a:dc:95:59:
c7:85:60:bf:ec:ea:10:a3:d7:8a:ba:77:df:ec:3d:
cb:ae:66:9f:31:e5:20:f6:13:c2:fb:12:5f:13:14:
ed:9f:b8:3a:b5:90:87:84:2f:fa:c3:ef:b8:67:f4:
ab:52:f9:d9:84:30:68:6b:1d:cf:c4:3d:34:0f:a9:
89:88:8c:db:eb:de:70:b8:18:9a:86:e2:5f:da:81:
da:36:31:9c:0a:62:e3:14:3a:d2:dd:25:8f:83:77:
23:4b:51:db:4c:44:7a:09:0b:5e:95:82:6e:83:d5:
e3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C6:F7:CD:A1:EF:F5:2A:6F:EF:DE:7D:70:BB:81:D7:88:A9:EA:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
26:1c:55:5c:c5:14:51:63:92:2c:cf:48:41:13:1e:3e:19:51:
1e:70:30:13:95:b4:36:68:3d:98:e3:e1:16:1f:69:b3:be:b3:
42:d0:26:46:09:4d:b8:78:52:fc:66:c3:88:da:ea:42:b8:07:
55:cd:76:4a:5f:c0:14:9d:34:45:44:26:4e:6f:18:84:09:b1:
70:6d:54:cb:54:5d:d8:d2:2b:bc:2d:1b:82:4c:a8:35:98:cc:
a5:7a:74:0b:5d:8c:0a:29:d9:9f:06:ea:1e:e0:98:0b:46:71:
d2:9e:3c:83:92:65:77:9e:5d:f8:c3:c2:83:96:83:8a:4a:41:
a7:dd:dd:db:e2:bd:3b:11:7b:b8:1c:e8:99:35:97:09:29:19:
37:67:75:37:94:8e:85:b4:17:87:20:33:24:b3:ef:c7:25:b5:
88:90:75:2c:9f:e9:70:9b:a6:31:cd:06:21:3f:16:52:18:77:
4a:5b:d4:cd:cc:7c:e7:ae:53:64:b7:d4:aa:cb:42:a1:b9:1e:
ef:4c:9e:c5:e2:90:83:44:81:c7:17:1a:d1:f7:a7:72:1d:de:
5f:5e:ea:2f:c0:d2:d4:62:cf:de:c7:cc:f7:87:1a:41:51:7c:
c1:31:48:e1:10:27:21:ed:3b:74:6e:d9:6c:5a:20:c8:05:a2:
63:cd:21:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXmGzJ2/pCjVeNlhfd1ds0kYROD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmOTFmYzJiN2M3NmViY2FmNTFmZThiY2QxZmY4MmY0MzIwNjY4NzU2ZDg1
ODAwZGI0OWJjOGJhYTQ0ZGZhOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpUgVLsM8i8X/h/vcjSnUqtEoabTnYTpFNmFLo4NO8jD659eoCzwLgVcSrC
MJEGl5Qz2i9fMQ+4JpPhxUQqRZOqL55fbmDXzQDRmhzrCvbDyS9b0pT1DwOLUF0u
V1/x2P3iKEga4rOellb7xJJnTzZvnirPWnUWgPmlI51j9qzLAkUYTQUC/6UUtRKn
M8YEm81a3JVZx4Vgv+zqEKPXirp33+w9y65mnzHlIPYTwvsSXxMU7Z+4OrWQh4Qv
+sPvuGf0q1L52YQwaGsdz8Q9NA+piYiM2+vecLgYmobiX9qB2jYxnApi4xQ60t0l
j4N3I0tR20xEegkLXpWCboPV4x8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+xvfN
oe/1Km/v3n1wu4HXiKnqszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGY1NjMyNTEtMWVmYS00YjZkLWFmZTktM2U3ZjAxNGJiYmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQAmHFVcxRRRY5Isz0hBEx4+GVEecDATlbQ2aD2Y
4+EWH2mzvrNC0CZGCU24eFL8ZsOI2upCuAdVzXZKX8AUnTRFRCZObxiECbFwbVTL
VF3Y0iu8LRuCTKg1mMylenQLXYwKKdmfBuoe4JgLRnHSnjyDkmV3nl34w8KDloOK
SkGn3d3b4r07EXu4HOiZNZcJKRk3Z3U3lI6FtBeHIDMks+/HJbWIkHUsn+lwm6Yx
zQYhPxZSGHdKW9TNzHznrlNkt9Sqy0KhuR7vTJ7F4pCDRIHHFxrR96dyHd5fXuov
wNLUYs/ex8z3hxpBUXzBMUjhECch7Tt0btlsWiDIBaJjzSHs
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:37 2024 by rpki-client on console-fra.rpki-client.org