Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: roKqclC2stPRXw+rbMEZgyQtNEr8I5QLBiKlaNN4a6w=
Subject key identifier: E5:9F:26:01:63:DF:4C:1C:48:E4:C4:63:31:F9:BF:BD:33:9A:7D:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18F68C7E0D53883CEAE2B331E498545CD02BDC1E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:f6:8c:7e:0d:53:88:3c:ea:e2:b3:31:e4:98:54:5c:d0:2b:dc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=967d59583b7071310c08db79dbf2c226d36e15d68c6499d1ca7124cbcfe5fb1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:88:47:b0:f3:f9:a7:cf:e8:5d:8b:e9:b3:64:
aa:a9:bc:df:ea:63:da:5c:d5:3a:aa:21:7d:e8:7a:
23:92:16:5d:8f:0c:f4:59:48:4c:17:d7:35:22:ae:
2a:5f:21:78:11:21:ac:4b:fc:ab:c9:91:05:4c:90:
ed:bd:92:b9:3b:63:9e:f5:48:28:a8:a3:83:14:1a:
21:14:c6:16:43:11:1e:73:f4:18:07:0c:d8:82:c8:
2f:db:07:4c:ff:28:3c:3f:dc:fc:a8:86:f6:7d:ad:
2b:6a:1e:1f:e3:a0:c0:a2:a6:3c:1b:32:cd:25:f4:
6a:cc:b8:d0:0f:9d:73:3b:92:9b:bd:22:67:5f:25:
00:67:fb:8f:3b:58:0a:f8:24:bf:df:06:bf:62:13:
1c:1d:5c:f3:ab:5c:03:49:ed:4c:27:44:de:8f:ed:
f8:da:94:d6:37:90:73:74:07:c5:df:c3:9a:b3:66:
77:fc:c7:85:2a:34:62:81:9c:c7:c0:96:8e:fb:98:
f1:85:aa:5b:be:6c:c5:ed:1a:2a:ba:90:ad:1f:69:
56:6f:31:c9:24:0b:89:9d:14:8a:79:1a:8c:11:d4:
66:c8:0b:22:08:4d:9b:f6:4d:62:ff:e9:5d:54:31:
3c:25:c0:33:bc:12:48:f5:53:46:ff:8c:09:1e:67:
59:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:9F:26:01:63:DF:4C:1C:48:E4:C4:63:31:F9:BF:BD:33:9A:7D:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:c8:d1:36:45:48:77:23:8a:7d:6d:86:52:d0:8b:e5:48:b5:
07:27:93:20:c0:87:e8:b3:dc:d3:e1:6a:88:17:a6:4b:c1:95:
de:72:71:e5:cb:0b:ce:bf:28:6f:96:5e:30:23:b5:6a:2a:3c:
3a:c8:26:b1:5f:bd:45:7b:76:17:80:93:43:d6:73:61:39:a9:
87:13:6d:f4:2a:55:a1:f0:e8:12:73:39:8c:c2:5e:14:16:eb:
bd:77:fc:6d:50:44:03:35:f5:33:c6:63:ee:c1:85:b3:36:0f:
3c:d0:71:61:35:6f:37:4b:21:f8:af:3b:eb:43:db:44:3e:1c:
46:fa:29:5c:e9:8f:bb:b3:35:ac:32:ff:29:ef:32:53:8f:6c:
5a:6b:64:ed:fc:ae:c4:a3:db:2b:2d:3e:92:aa:63:1d:90:d8:
7a:d8:14:3e:3b:6f:e4:65:fb:14:12:81:40:dc:c5:bf:0b:60:
54:fc:5b:9d:d6:4f:01:e9:36:d3:6d:c4:a6:3c:ec:74:4a:97:
61:35:b4:46:fd:14:bd:b4:92:39:5b:30:0f:94:51:0a:b4:b1:
f6:3f:7b:95:4a:15:95:57:12:f6:d1:82:ce:db:92:aa:a5:17:
1c:20:45:44:3b:55:0e:bb:8a:86:a5:6f:78:03:a1:6d:f7:a1:
5f:e6:49:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGPaMfg1TiDzq4rMx5JhUXNAr3B4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2N2Q1OTU4M2I3MDcxMzEwYzA4ZGI3OWRiZjJjMjI2ZDM2ZTE1ZDY4YzY0
OTlkMWNhNzEyNGNiY2ZlNWZiMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6IR7Dz+afP6F2L6bNkqqm83+pj2lzVOqohfeh6I5IWXY8M9FlITBfXNSKu
Kl8heBEhrEv8q8mRBUyQ7b2SuTtjnvVIKKijgxQaIRTGFkMRHnP0GAcM2ILIL9sH
TP8oPD/c/KiG9n2tK2oeH+OgwKKmPBsyzSX0asy40A+dczuSm70iZ18lAGf7jztY
Cvgkv98Gv2ITHB1c86tcA0ntTCdE3o/t+NqU1jeQc3QHxd/DmrNmd/zHhSo0YoGc
x8CWjvuY8YWqW75sxe0aKrqQrR9pVm8xySQLiZ0UinkajBHUZsgLIghNm/ZNYv/p
XVQxPCXAM7wSSPVTRv+MCR5nWSkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTlnyYB
Y99MHEjkxGMx+b+9M5p9ujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQC6yNE2RUh3I4p9bYZS0IvlSLUHJ5MgwIfos9zT
4WqIF6ZLwZXecnHlywvOvyhvll4wI7VqKjw6yCaxX71Fe3YXgJND1nNhOamHE230
KlWh8OgSczmMwl4UFuu9d/xtUEQDNfUzxmPuwYWzNg880HFhNW83SyH4rzvrQ9tE
PhxG+ilc6Y+7szWsMv8p7zJTj2xaa2Tt/K7Eo9srLT6SqmMdkNh62BQ+O2/kZfsU
EoFA3MW/C2BU/Fud1k8B6TbTbcSmPOx0SpdhNbRG/RS9tJI5WzAPlFEKtLH2P3uV
ShWVVxL20YLO25KqpRccIEVEO1UOu4qGpW94A6Ft96Ff5kmm
-----END CERTIFICATE-----
Generated at Fri Apr 26 08:26:19 2024 by rpki-client on console-ams.rpki-client.org