Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
File: 183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa (raw, json)
Hash identifier: Kj6Az3V/eKtdtci9zKXDYEPYtAVHhXdw+nHwatteVOg=
Subject key identifier: 04:E8:48:E0:8A:EC:BD:D9:67:6C:38:D0:08:94:ED:61:85:89:71:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67D67D256CFB17CCA579C1E9E8A381E68373F068
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 12:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d6:7d:25:6c:fb:17:cc:a5:79:c1:e9:e8:a3:81:e6:83:73:f0:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=963ac1509d494d3f6e1ad605bf4decf6c7c8a7d7dbfbbb49543f7d8565d12d1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:77:bf:c7:6b:79:53:b4:75:0f:72:6e:b7:64:
ff:7b:67:1d:a3:bb:71:ff:76:7f:f7:3d:98:fb:4f:
db:bc:bb:49:ef:50:d1:4c:4b:d3:d4:06:5f:66:b9:
77:8a:4c:81:63:0a:8b:9b:ed:af:b5:f3:ba:86:27:
de:74:81:c2:ff:76:dc:30:71:49:47:74:0d:98:89:
67:3d:2f:b2:9e:bd:da:2d:91:e9:d4:f9:fa:35:41:
65:c6:87:e5:27:db:93:f0:5f:2d:a4:58:e2:73:2b:
dd:c6:63:8a:06:72:7a:90:9f:28:90:c8:6a:87:11:
ea:fa:2a:3c:9b:76:9e:94:70:50:7a:31:67:f6:fa:
07:87:af:b7:48:4d:03:2b:e6:b3:9e:39:a0:67:bf:
53:0b:ae:1c:b3:35:22:77:4e:9e:72:8d:0f:88:4d:
2d:10:f9:24:3e:de:33:f4:ff:c8:a8:47:b0:b9:c9:
aa:a8:b4:e0:b2:a4:d9:4b:8a:08:f3:31:f4:18:40:
26:89:53:98:67:24:ef:54:c9:8d:92:c1:9a:0d:29:
88:1d:76:aa:c9:98:51:46:67:d4:da:19:cc:d8:2b:
8f:cd:7c:13:a2:2b:7d:7e:5a:e0:63:c4:a3:11:b3:
25:6b:58:b5:2d:3a:34:da:15:7c:d3:57:62:a7:d3:
10:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E8:48:E0:8A:EC:BD:D9:67:6C:38:D0:08:94:ED:61:85:89:71:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/183eb583-3fb3-4c3a-badb-9fe0a4e50fd2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:54:d7:31:61:f4:a8:c6:d1:60:97:89:6c:80:5b:03:e7:26:
87:2e:25:2c:30:58:ec:5a:a8:49:4f:47:57:7b:0a:c0:3e:d7:
e4:e9:1f:0c:3b:97:d1:1a:67:b2:81:c5:ab:23:c0:d1:c0:86:
bc:ca:08:a8:3b:9c:8c:87:0c:bd:38:b4:d0:23:8c:60:68:17:
6e:9e:28:78:30:2f:f2:1d:23:bb:9d:7c:59:87:73:73:c6:f6:
13:88:50:a9:72:0f:5d:c0:6b:60:f2:cf:6d:a8:99:3e:28:66:
21:2c:7f:21:9c:66:d7:1d:cc:1a:67:2f:86:a3:f9:c7:ec:ad:
76:f8:32:cb:f1:53:48:24:9a:66:8b:45:c5:be:58:90:9a:3a:
0a:e9:81:37:9a:bb:d8:ba:b9:b0:37:19:51:fb:42:f7:66:be:
29:86:75:45:78:55:70:83:e5:62:10:f5:30:39:b9:3d:2a:e0:
3e:de:0f:21:99:ae:4d:56:8f:de:b0:6d:01:69:67:af:55:7e:
79:55:ed:0a:ae:f1:0b:7a:96:e0:aa:e5:65:f8:c2:27:36:c6:
c7:09:c4:3c:f1:b1:ab:27:8a:65:26:81:44:05:81:55:94:e0:
4d:48:93:19:b2:87:1e:4e:eb:84:41:47:e8:70:77:c3:c2:7a:
bf:94:cf:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ9Z9JWz7F8ylecHp6KOB5oNz8GgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2M2FjMTUwOWQ0OTRkM2Y2ZTFhZDYwNWJmNGRlY2Y2YzdjOGE3ZDdkYmZi
YmI0OTU0M2Y3ZDg1NjVkMTJkMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALt3v8dreVO0dQ9ybrdk/3tnHaO7cf92f/c9mPtP27y7Se9Q0UxL09QGX2a5
d4pMgWMKi5vtr7XzuoYn3nSBwv923DBxSUd0DZiJZz0vsp692i2R6dT5+jVBZcaH
5Sfbk/BfLaRY4nMr3cZjigZyepCfKJDIaocR6voqPJt2npRwUHoxZ/b6B4evt0hN
Ayvms545oGe/UwuuHLM1IndOnnKND4hNLRD5JD7eM/T/yKhHsLnJqqi04LKk2UuK
CPMx9BhAJolTmGck71TJjZLBmg0piB12qsmYUUZn1NoZzNgrj818E6IrfX5a4GPE
oxGzJWtYtS06NNoVfNNXYqfTECsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQE6Ejg
iuy92WdsONAIlO1hhYlxBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgzZWI1ODMtM2ZiMy00YzNhLWJhZGItOWZlMGE0ZTUwZmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC4VNcxYfSoxtFgl4lsgFsD5yaHLiUsMFjsWqhJ
T0dXewrAPtfk6R8MO5fRGmeygcWrI8DRwIa8ygioO5yMhwy9OLTQI4xgaBdunih4
MC/yHSO7nXxZh3NzxvYTiFCpcg9dwGtg8s9tqJk+KGYhLH8hnGbXHcwaZy+Go/nH
7K12+DLL8VNIJJpmi0XFvliQmjoK6YE3mrvYurmwNxlR+0L3Zr4phnVFeFVwg+Vi
EPUwObk9KuA+3g8hma5NVo/esG0BaWevVX55Ve0KrvELepbgquVl+MInNsbHCcQ8
8bGrJ4plJoFEBYFVlOBNSJMZsoceTuuEQUfocHfDwnq/lM+c
-----END CERTIFICATE-----
Generated at Sun Apr 28 15:48:50 2024 by rpki-client on console-fra.rpki-client.org