Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b5e6f71-4060-48b0-9837-ac3b3d259906.roa
File: 1b5e6f71-4060-48b0-9837-ac3b3d259906.roa (raw, json)
Hash identifier: vVFjzjIBgIDM1V+j443XRMd0xomxosyBx1eZq+Sc6do=
Subject key identifier: B8:06:B4:5F:09:7B:5C:E9:B3:D9:F5:25:37:82:C6:B1:6B:B6:8E:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B7258B8F51CE0EFA66640CC55A22FCB778E30
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b5e6f71-4060-48b0-9837-ac3b3d259906.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:72:58:b8:f5:1c:e0:ef:a6:66:40:cc:55:a2:2f:cb:77:8e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=3e435ca7fd297d3dfc4da016b30ed6a99b5de1350c733a6e553d79128e3e4303, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:18:57:bc:49:68:14:ad:4b:86:eb:b5:d0:3c:
5b:e5:82:61:a5:27:6b:ca:d4:fd:ee:f6:47:13:bc:
56:8c:f9:4a:b0:ad:87:7b:57:ee:54:8d:3f:22:5b:
4b:ef:d8:98:e1:eb:6b:ea:7e:b8:9b:b8:37:50:06:
f9:20:b9:19:d4:a6:ac:c3:15:a9:53:a6:36:c8:ae:
bb:50:90:3e:11:52:90:75:45:59:35:93:1c:d3:d3:
0c:30:2a:8d:ab:f7:11:2b:68:76:92:22:58:0b:64:
47:a7:db:11:17:98:c1:8c:2d:ee:a3:5b:91:12:08:
1a:97:51:d2:87:09:8c:53:a8:d7:41:39:d0:2d:9e:
13:18:de:7c:f2:3c:b0:76:be:9b:f0:76:cd:e0:f8:
94:aa:d8:da:90:a6:0b:b5:7e:2e:9c:cd:8a:ec:c6:
cf:83:9a:3c:5c:48:6b:38:5f:dd:50:be:05:59:cc:
ea:33:3a:d8:74:96:65:45:a2:eb:af:d9:06:0d:04:
55:2d:04:a7:c9:34:91:1e:7c:e3:9a:27:90:f3:4d:
e9:e7:2b:f0:ec:12:97:2c:27:40:24:ea:9c:3b:a0:
cf:80:8f:10:f9:3b:43:bd:00:eb:a6:1b:4b:19:6e:
61:aa:ec:df:9d:07:be:60:53:27:a1:b3:1a:ce:58:
78:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:06:B4:5F:09:7B:5C:E9:B3:D9:F5:25:37:82:C6:B1:6B:B6:8E:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b5e6f71-4060-48b0-9837-ac3b3d259906.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
01:ff:82:e1:97:31:3e:fd:34:20:67:a3:7f:2b:1a:1c:1c:24:
b0:13:6a:06:63:8d:1a:5d:ac:9e:5f:c1:cd:84:b0:09:7b:06:
be:81:f5:5e:26:7f:be:19:df:b1:c3:f9:46:67:47:fc:9d:13:
42:52:0d:5f:4b:1b:d4:25:5d:56:c4:cb:c4:20:6e:e2:f9:93:
2a:10:8b:dd:4a:42:d5:54:db:6e:28:42:49:7f:0b:7c:c1:a7:
95:26:1b:04:3b:cc:1f:2b:2d:29:a3:c5:09:3b:83:52:7b:8a:
1a:48:ca:21:de:75:7a:aa:e6:95:17:26:38:7e:cf:ab:95:1c:
83:6d:5a:a8:83:ab:c6:00:75:3c:e9:9d:16:f2:04:8c:46:7b:
35:8d:68:62:27:a3:f4:86:b8:e1:11:33:cc:17:66:a0:6b:92:
05:2c:55:f7:18:36:55:24:40:bf:6d:70:7e:c2:32:2d:1b:2d:
ff:d8:07:62:ca:b4:87:17:a3:40:bc:71:0e:c6:70:57:73:43:
1b:4f:aa:9c:c9:2b:0e:60:47:89:d2:c0:d1:19:64:ff:d7:b8:
d7:b7:8a:6e:35:07:d1:c4:82:ec:0e:06:dc:09:be:47:18:0a:
fd:e2:99:e6:b1:a2:96:fa:aa:45:81:7f:3c:26:0f:a9:10:5d:
28:bb:cb:32
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITa3JYuPUc4O+mZkDMVaIvy3eOMDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI0MTExOTAwMDAwMFoXDTI0MTIyNDIzNTk1OVowejFJMEcGA1UE
BRNAM2U0MzVjYTdmZDI5N2QzZGZjNGRhMDE2YjMwZWQ2YTk5YjVkZTEzNTBjNzMz
YTZlNTUzZDc5MTI4ZTNlNDMwMzEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuBhXvEloFK1Lhuu10Dxb5YJhpSdrytT97vZHE7xWjPlKsK2He1fuVI0/IltL
79iY4etr6n64m7g3UAb5ILkZ1KaswxWpU6Y2yK67UJA+EVKQdUVZNZMc09MMMCqN
q/cRK2h2kiJYC2RHp9sRF5jBjC3uo1uREggal1HShwmMU6jXQTnQLZ4TGN588jyw
dr6b8HbN4PiUqtjakKYLtX4unM2K7MbPg5o8XEhrOF/dUL4FWczqMzrYdJZlRaLr
r9kGDQRVLQSnyTSRHnzjmieQ803p5yvw7BKXLCdAJOqcO6DPgI8Q+TtDvQDrphtL
GW5hquzfnQe+YFMnobMazlh4LwIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFLgGtF8J
e1zps9n1JTeCxrFrto4AMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC8x
YjVlNmY3MS00MDYwLTQ4YjAtOTgzNy1hYzNiM2QyNTk5MDYucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQciAw
DQYJKoZIhvcNAQELBQADggEBAAH/guGXMT79NCBno38rGhwcJLATagZjjRpdrJ5f
wc2EsAl7Br6B9V4mf74Z37HD+UZnR/ydE0JSDV9LG9QlXVbEy8QgbuL5kyoQi91K
QtVU224oQkl/C3zBp5UmGwQ7zB8rLSmjxQk7g1J7ihpIyiHedXqq5pUXJjh+z6uV
HINtWqiDq8YAdTzpnRbyBIxGezWNaGIno/SGuOERM8wXZqBrkgUsVfcYNlUkQL9t
cH7CMi0bLf/YB2LKtIcXo0C8cQ7GcFdzQxtPqpzJKw5gR4nSwNEZZP/XuNe3im41
B9HEguwOBtwJvkcYCv3imeaxopb6qkWBfzwmD6kQXSi7yzI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org