Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f870cd2-3211-4d48-b083-dc34ba1cf991.roa
File: 0f870cd2-3211-4d48-b083-dc34ba1cf991.roa (raw, json)
Hash identifier: jhwWb90s0YjB9Hafrvut02Pb3cugMB2rbl3UsHQ5Arg=
Subject key identifier: FB:5A:55:00:52:0C:5C:C9:1F:ED:FF:B6:09:71:9A:A7:27:30:4D:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59DCCEC236471348EEDD6791976722699ECEEDC3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f870cd2-3211-4d48-b083-dc34ba1cf991.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:dc:ce:c2:36:47:13:48:ee:dd:67:91:97:67:22:69:9e:ce:ed:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=8a99fcb6f8ef341e746b1a8c1011c772fc8b5c497ce69841eaa2a202590152d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:19:6e:9c:64:b5:bd:62:39:76:fd:f2:8d:62:
45:be:6d:1a:16:3a:07:ac:02:4c:af:de:b3:56:00:
2b:ad:57:0c:8c:11:db:bc:95:1c:a4:37:07:3f:28:
09:a9:d0:c7:8d:cc:9c:f4:d2:ef:c1:02:00:9a:24:
99:e1:b5:6d:91:3b:65:30:31:52:d6:d6:7f:16:a9:
3c:9f:1f:b9:23:98:c8:3f:6f:e2:73:46:1e:6b:d3:
bd:b3:ad:77:2d:cd:c3:e1:30:15:66:0d:8d:8c:b3:
5e:40:92:ff:73:5f:c4:86:45:f7:6f:b3:58:21:0a:
e2:db:6d:48:44:3a:e8:fd:17:54:36:f3:e9:83:cd:
64:58:c4:79:97:48:05:24:ce:36:1a:94:0a:37:fb:
4b:b4:28:b8:3c:58:d3:a8:73:1f:9e:b6:b7:98:14:
85:16:6b:94:41:71:99:94:fe:0f:d6:68:fb:e9:62:
91:d1:43:a4:f3:f8:ce:71:a8:81:09:5f:17:4a:62:
75:af:76:b6:5e:18:60:a7:1f:86:9f:bc:e1:2e:35:
8f:09:26:e0:0d:a9:cf:a6:50:44:9c:aa:e7:61:fe:
e8:01:98:54:67:59:c8:67:00:97:e8:23:e3:40:3a:
1d:cd:92:63:17:73:e5:8d:56:01:2a:64:81:3c:e6:
f2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:5A:55:00:52:0C:5C:C9:1F:ED:FF:B6:09:71:9A:A7:27:30:4D:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f870cd2-3211-4d48-b083-dc34ba1cf991.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
5b:c9:ff:4e:77:3b:a6:e1:b8:84:13:9d:97:06:8d:6d:16:fb:
96:d9:5d:bc:dc:74:db:f0:6a:68:85:74:84:ae:8f:54:27:f5:
6b:d4:16:2e:ce:af:da:fa:1b:94:57:dd:fb:35:42:94:de:1d:
c5:02:a3:88:bf:6a:30:37:c7:31:e6:b2:a0:0d:8e:4a:75:02:
2b:4f:88:2c:2b:d5:46:cd:ab:9b:c9:c4:b9:7d:19:89:d4:b7:
f7:b2:32:46:4c:9c:8e:c4:e3:da:b7:63:cd:e0:d5:59:f0:ad:
f2:7b:3e:dc:a4:30:89:65:4e:a9:72:ab:16:b7:4f:c4:e9:08:
62:76:15:8f:ea:8f:35:86:1f:0b:46:28:3c:b9:0a:4f:b8:62:
ed:82:a3:2b:51:50:fe:78:1f:ed:b1:fb:d9:ca:cb:1b:b7:f6:
14:fd:c0:c8:a0:e6:d0:d9:73:55:dd:f9:81:f0:b8:e4:a2:ba:
dd:0e:ab:20:53:aa:86:ef:9e:6a:38:d6:5b:d3:9e:24:a1:47:
12:90:4d:9f:65:eb:cd:17:8e:1e:1d:2a:ea:56:76:36:02:e7:
05:06:4f:05:b5:5d:6c:f1:51:f9:0b:6e:95:df:c3:41:03:44:
b4:07:a4:37:9e:df:41:43:a1:dc:07:97:18:70:09:45:cb:4f:
cd:53:a2:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWdzOwjZHE0ju3WeRl2ciaZ7O7cMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhOTlmY2I2ZjhlZjM0MWU3NDZiMWE4YzEwMTFjNzcyZmM4YjVjNDk3Y2U2
OTg0MWVhYTJhMjAyNTkwMTUyZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8Zbpxktb1iOXb98o1iRb5tGhY6B6wCTK/es1YAK61XDIwR27yVHKQ3Bz8o
CanQx43MnPTS78ECAJokmeG1bZE7ZTAxUtbWfxapPJ8fuSOYyD9v4nNGHmvTvbOt
dy3Nw+EwFWYNjYyzXkCS/3NfxIZF92+zWCEK4tttSEQ66P0XVDbz6YPNZFjEeZdI
BSTONhqUCjf7S7QouDxY06hzH562t5gUhRZrlEFxmZT+D9Zo++likdFDpPP4znGo
gQlfF0pida92tl4YYKcfhp+84S41jwkm4A2pz6ZQRJyq52H+6AGYVGdZyGcAl+gj
40A6Hc2SYxdz5Y1WASpkgTzm8kkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7WlUA
UgxcyR/t/7YJcZqnJzBNpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGY4NzBjZDItMzIxMS00ZDQ4LWIwODMtZGMzNGJhMWNmOTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbyf9Odzum4biEE52XBo1tFvuW2V283HTb8Gpo
hXSEro9UJ/Vr1BYuzq/a+huUV937NUKU3h3FAqOIv2owN8cx5rKgDY5KdQIrT4gs
K9VGzaubycS5fRmJ1Lf3sjJGTJyOxOPat2PN4NVZ8K3yez7cpDCJZU6pcqsWt0/E
6QhidhWP6o81hh8LRig8uQpPuGLtgqMrUVD+eB/tsfvZyssbt/YU/cDIoObQ2XNV
3fmB8LjkorrdDqsgU6qG755qONZb054koUcSkE2fZevNF44eHSrqVnY2AucFBk8F
tV1s8VH5C26V38NBA0S0B6Q3nt9BQ6HcB5cYcAlFy0/NU6LQ
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org