Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
File: 0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa (raw, json)
Hash identifier: ElipA06kLkqvD+yx297VVF1KfBhNwpMLx+vt1RfFoSY=
Subject key identifier: E5:AF:FE:AC:0F:00:77:61:5D:54:85:61:AC:17:39:DE:97:AD:C2:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42A2ACBB89E7F6587BB1E3A3B16E3FBAF39D9A52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:a2:ac:bb:89:e7:f6:58:7b:b1:e3:a3:b1:6e:3f:ba:f3:9d:9a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=aa7073ad51f23df5c2c6eefedf67a2203098840127541959dd19cf89c6189548, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4a:60:f7:ef:6b:bf:07:7d:db:6f:34:3c:bb:
b1:f8:79:b1:25:5f:b3:da:82:d8:78:79:d0:b1:72:
66:ed:2e:3f:4c:cf:dd:37:5b:9d:9c:8c:38:46:be:
b7:a0:86:6b:71:e3:1f:5d:5a:58:52:dc:90:ad:0f:
13:1d:b4:e8:29:12:52:80:66:8e:6a:3d:54:48:a3:
96:08:5d:a4:25:fb:2c:9d:1c:e6:4f:77:08:d9:17:
0f:a1:3b:98:eb:a1:76:eb:60:34:27:6f:3b:81:93:
1d:6c:c5:e0:49:26:3d:07:4e:af:c9:94:7b:4e:61:
1c:4a:33:d6:9e:07:5a:da:5b:3c:9d:1b:35:a6:0e:
02:b8:26:b7:a7:5b:83:f3:85:5a:af:59:ea:61:05:
1a:6a:a3:8c:02:f5:7d:86:e4:b6:8e:65:da:e3:2e:
8b:74:6b:da:97:9d:6d:54:67:a8:8f:e6:3d:50:99:
60:c0:2c:40:d1:c0:69:a0:95:fb:9e:ed:34:4c:e2:
b1:7a:0f:c7:78:6d:d4:7c:be:9a:af:a0:48:a3:50:
5e:2d:ba:bd:67:8c:8d:03:e9:c0:76:a7:77:50:f5:
85:af:7f:3c:04:a9:20:4e:d1:56:70:63:72:44:ad:
29:10:87:3a:1d:5a:79:6b:b3:93:f8:d8:2b:bc:05:
28:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AF:FE:AC:0F:00:77:61:5D:54:85:61:AC:17:39:DE:97:AD:C2:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4000::/40
Signature Algorithm: sha256WithRSAEncryption
46:f2:97:29:d5:17:3a:02:af:7f:71:28:ab:5d:2a:f9:c1:00:
0b:bc:7e:ff:e9:f5:23:ac:f7:e0:f5:e0:48:31:74:45:3b:6f:
8f:9f:ad:11:58:95:25:27:c3:65:21:72:10:33:3c:ce:93:9d:
5f:8c:f4:d7:3e:19:f3:9c:6f:7c:ed:f3:84:dd:c5:a5:c3:77:
78:5f:af:43:77:4a:2a:19:ce:90:6f:5a:e1:bd:55:37:79:94:
11:fb:3c:0e:6f:21:31:65:db:ff:5d:72:29:31:2a:b4:b4:fe:
fa:39:d6:e5:db:be:81:a2:c9:2d:46:e4:b0:c3:31:38:2f:5b:
89:22:f4:81:93:b0:b4:18:28:b6:45:7c:8d:88:28:f0:45:75:
7c:cb:27:fb:09:7d:ad:72:12:62:b9:5e:cf:ed:80:c0:b2:25:
a6:e5:93:cb:48:45:4b:26:9a:fb:24:6e:14:fb:b0:19:cc:ed:
a8:1e:23:53:5b:4b:16:9f:fd:cc:9b:78:57:6b:93:80:99:aa:
4d:31:dc:f6:d8:b5:24:96:00:c4:d8:43:69:6a:f4:c5:98:3f:
a6:0d:a0:9a:c1:1d:25:fe:6c:65:62:68:7a:d6:ee:90:5f:32:
e2:e7:c0:8d:0a:bd:fe:33:94:70:a3:03:58:f5:84:1c:b1:30:
b7:72:27:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQqKsu4nn9lh7seOjsW4/uvOdmlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNzA3M2FkNTFmMjNkZjVjMmM2ZWVmZWRmNjdhMjIwMzA5ODg0MDEyNzU0
MTk1OWRkMTljZjg5YzYxODk1NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOlKYPfva78HfdtvNDy7sfh5sSVfs9qC2Hh50LFyZu0uP0zP3TdbnZyMOEa+
t6CGa3HjH11aWFLckK0PEx206CkSUoBmjmo9VEijlghdpCX7LJ0c5k93CNkXD6E7
mOuhdutgNCdvO4GTHWzF4EkmPQdOr8mUe05hHEoz1p4HWtpbPJ0bNaYOArgmt6db
g/OFWq9Z6mEFGmqjjAL1fYbkto5l2uMui3Rr2pedbVRnqI/mPVCZYMAsQNHAaaCV
+57tNEzisXoPx3ht1Hy+mq+gSKNQXi26vWeMjQPpwHand1D1ha9/PASpIE7RVnBj
ckStKRCHOh1aeWuzk/jYK7wFKMcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTlr/6s
DwB3YV1UhWGsFznel63CXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZhMjNkNmMtZmQ1YS00ZDRjLTk1MDQtZmE5M2EyMmY1MmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJA
MA0GCSqGSIb3DQEBCwUAA4IBAQBG8pcp1Rc6Aq9/cSirXSr5wQALvH7/6fUjrPfg
9eBIMXRFO2+Pn60RWJUlJ8NlIXIQMzzOk51fjPTXPhnznG987fOE3cWlw3d4X69D
d0oqGc6Qb1rhvVU3eZQR+zwObyExZdv/XXIpMSq0tP76Odbl276BosktRuSwwzE4
L1uJIvSBk7C0GCi2RXyNiCjwRXV8yyf7CX2tchJiuV7P7YDAsiWm5ZPLSEVLJpr7
JG4U+7AZzO2oHiNTW0sWn/3Mm3hXa5OAmapNMdz22LUklgDE2ENpavTFmD+mDaCa
wR0l/mxlYmh61u6QXzLi58CNCr3+M5RwowNY9YQcsTC3cicx
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:32 2024 by rpki-client on console-fra.rpki-client.org