Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: zkvOTU05XDt3hHk1Rivuol//Tn3qHUP2bbemAY7uJGs=
Subject key identifier: EC:03:9C:ED:C0:5D:18:F0:CF:1D:A1:1A:EB:07:F9:F9:BA:7B:7A:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A8DF4F1B0B6B865A7283F4594DE510731B0B8C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:8d:f4:f1:b0:b6:b8:65:a7:28:3f:45:94:de:51:07:31:b0:b8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=17f2662f113e8fc8d14071706f21599b7ce035c5b6f473c519603cab874062ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cf:49:1d:78:15:4a:b3:a3:d9:e8:8c:3f:0b:
ad:69:b4:24:b4:1b:03:e4:6e:de:3f:00:53:7a:25:
35:27:10:43:ed:d8:eb:cc:be:76:15:30:c4:c8:c1:
e5:ca:48:89:9b:53:28:7b:a6:12:e2:c1:d3:da:44:
ee:03:d0:17:ce:ce:95:2a:53:13:c3:82:51:84:d4:
76:86:97:ab:5e:bb:37:4c:5a:89:97:2b:e1:30:41:
28:ae:9c:b1:bb:ab:d5:4e:4b:83:24:52:a0:65:dd:
b1:aa:fa:11:41:22:19:7a:05:6a:ac:90:84:66:60:
34:f8:d4:04:a5:63:89:70:e6:9f:59:53:65:68:c3:
65:7e:1e:d0:73:56:7d:7b:72:80:7b:be:26:b5:6a:
6d:6a:7e:f2:c5:f8:1c:1b:13:a2:e3:f5:46:4b:6a:
35:96:f9:62:86:c7:ec:33:cf:25:79:3f:b0:cb:e3:
0d:68:2d:35:fc:79:de:20:72:32:63:89:7a:5d:28:
1b:75:a6:cf:e1:a5:8c:e9:92:97:39:bd:f3:28:07:
4f:ef:6c:eb:28:47:f8:4e:77:79:7b:b7:2c:68:18:
6b:78:70:23:e5:a7:3f:72:13:91:7b:eb:bb:de:8f:
07:75:07:a0:04:cf:c9:e4:9f:5b:51:37:68:a1:b0:
87:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:03:9C:ED:C0:5D:18:F0:CF:1D:A1:1A:EB:07:F9:F9:BA:7B:7A:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:5c:24:65:3b:75:09:d9:e8:fe:6d:7f:97:4a:7d:fb:d6:f6:
6e:2e:57:95:95:7a:b0:8b:a2:cd:9d:01:8f:0c:dc:9b:02:f9:
fd:f8:dc:94:bc:e2:f5:b9:47:b8:b0:78:ce:b9:99:73:ed:d0:
b4:19:d3:8a:13:03:b2:22:d2:81:0c:a1:40:39:d7:45:00:af:
43:1f:a0:3d:cc:15:f8:4c:a8:b3:a5:0e:76:3b:b0:1d:a3:bc:
9a:8a:3d:4b:55:f9:28:64:a8:1d:bf:07:f8:53:df:bc:1c:ea:
0b:1f:f6:e1:7b:9a:6c:0c:d2:85:af:e1:2d:24:9c:cd:29:b8:
a4:77:19:4c:9c:3a:7d:ee:42:81:d1:d0:61:24:88:e3:9b:5a:
6e:32:47:0f:6c:76:5b:d1:1c:d0:47:98:3c:4d:37:83:ba:6e:
6a:01:9f:ac:32:7f:02:20:92:a7:42:78:58:c7:a7:45:96:bb:
42:aa:6f:78:02:bc:4c:0d:1a:df:e4:f4:bf:0a:d7:6c:6b:b3:
e6:e7:09:51:e7:22:7f:84:a3:fc:06:17:98:07:7c:bc:1b:94:
75:97:c4:07:87:82:7e:85:50:5f:0f:31:a8:b5:95:1e:5f:8b:
99:26:54:a5:af:68:03:2a:4e:b9:68:c4:6d:b2:ec:64:d2:c2:
80:ee:a7:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGo308bC2uGWnKD9FlN5RBzGwuMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3ZjI2NjJmMTEzZThmYzhkMTQwNzE3MDZmMjE1OTliN2NlMDM1YzViNmY0
NzNjNTE5NjAzY2FiODc0MDYyZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLPSR14FUqzo9nojD8LrWm0JLQbA+Ru3j8AU3olNScQQ+3Y68y+dhUwxMjB
5cpIiZtTKHumEuLB09pE7gPQF87OlSpTE8OCUYTUdoaXq167N0xaiZcr4TBBKK6c
sbur1U5LgyRSoGXdsar6EUEiGXoFaqyQhGZgNPjUBKVjiXDmn1lTZWjDZX4e0HNW
fXtygHu+JrVqbWp+8sX4HBsTouP1RktqNZb5YobH7DPPJXk/sMvjDWgtNfx53iBy
MmOJel0oG3Wmz+GljOmSlzm98ygHT+9s6yhH+E53eXu3LGgYa3hwI+WnP3ITkXvr
u96PB3UHoATPyeSfW1E3aKGwh2ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsA5zt
wF0Y8M8doRrrB/n5unt6WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQB7XCRlO3UJ2ej+bX+XSn371vZuLleVlXqwi6LN
nQGPDNybAvn9+NyUvOL1uUe4sHjOuZlz7dC0GdOKEwOyItKBDKFAOddFAK9DH6A9
zBX4TKizpQ52O7Ado7yaij1LVfkoZKgdvwf4U9+8HOoLH/bhe5psDNKFr+EtJJzN
KbikdxlMnDp97kKB0dBhJIjjm1puMkcPbHZb0RzQR5g8TTeDum5qAZ+sMn8CIJKn
QnhYx6dFlrtCqm94ArxMDRrf5PS/Ctdsa7Pm5wlR5yJ/hKP8BheYB3y8G5R1l8QH
h4J+hVBfDzGotZUeX4uZJlSlr2gDKk65aMRtsuxk0sKA7qeJ
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:37 2024 by rpki-client on console-fra.rpki-client.org