Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
File: 1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa (raw, json)
Hash identifier: AIF1Rg1oAcRSJvvINxcf2L2zt+KhovxFubwFyUAHtCs=
Subject key identifier: C2:F0:2C:60:C9:4A:E6:71:40:C7:1E:7B:BE:30:07:94:38:52:35:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65C64CA3B7E4BB7C17BD11BF4A69128B7E765411
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:c6:4c:a3:b7:e4:bb:7c:17:bd:11:bf:4a:69:12:8b:7e:76:54:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=4167cf02548fc96235b25b9b2539ee1a84bd28e00f0a7cebca0952e1515d7d38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cf:3c:4e:ca:b3:75:77:9d:bb:02:f1:da:f0:
24:2e:f1:4b:2a:3c:65:c7:75:0b:9a:04:e7:df:07:
2a:0d:d7:b1:0d:33:67:56:f9:f8:e4:7a:87:a2:f4:
68:1f:4f:66:c0:2a:0b:59:77:12:bd:e1:99:5d:54:
30:e8:c0:a7:a6:70:f3:e7:06:b6:6d:50:17:e5:bc:
92:87:3c:02:b0:07:5e:e4:aa:0e:68:9b:5d:d8:ee:
51:70:49:75:c9:65:39:69:0f:bf:29:ec:4f:35:bb:
9d:65:37:53:d6:ab:66:5a:93:4a:6a:49:72:ee:f8:
5b:90:38:f5:b0:55:3a:5a:ca:ee:37:89:ca:b8:d3:
c3:b2:79:0a:59:32:9f:81:3c:d7:86:4c:73:8f:83:
e9:dd:81:77:40:bc:73:bf:d3:e1:cd:cc:2c:bb:9e:
a6:e7:b6:74:57:a6:38:09:29:d5:a3:db:7a:1a:86:
48:76:44:1c:10:23:6f:cd:8c:82:9e:1e:52:ff:6a:
44:aa:f5:e2:9a:47:80:be:4f:0a:37:8a:91:8c:52:
a4:a2:fd:19:ff:62:fa:d9:23:03:c1:e8:1d:db:be:
17:d7:15:6e:b7:8a:47:af:c7:db:14:9d:6f:d6:38:
ff:1e:b2:a1:46:fe:a9:f6:65:9d:90:81:70:06:32:
0d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F0:2C:60:C9:4A:E6:71:40:C7:1E:7B:BE:30:07:94:38:52:35:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3b:ba:79:6e:a7:b9:12:22:91:97:ad:5d:28:b4:8c:6d:29:aa:
af:88:a9:37:78:7e:f2:9b:f2:8e:a9:87:1d:a1:eb:51:a5:f4:
0e:96:44:27:d0:90:12:bf:34:71:7e:18:59:f1:b6:76:6b:52:
52:f0:c5:06:7b:56:8d:7c:ff:ca:88:05:d3:1c:30:15:ca:9f:
47:e2:25:42:64:8f:5f:eb:d2:97:fa:ee:d5:f7:95:a0:30:c6:
84:8d:8d:ef:5b:58:15:20:e6:34:50:51:65:63:f9:ac:9d:12:
e1:39:fb:1b:47:ab:77:dc:b8:4d:68:b7:fa:56:71:6e:8f:ba:
b2:13:2a:4b:35:51:af:32:eb:08:db:2f:fb:c0:64:4f:e6:ad:
4e:be:2a:c7:8b:c3:d9:e5:3a:22:c8:b2:09:3e:51:42:2b:a9:
2e:75:a0:98:be:32:b9:cc:29:76:66:e0:6b:fb:5f:49:3c:35:
40:65:98:73:f0:a0:7b:00:3a:d4:4e:fb:f5:66:1a:fa:c3:c5:
65:af:0e:c6:30:d1:84:50:44:41:af:3c:7b:a6:d3:e1:78:b1:
6c:85:21:96:59:95:c4:6b:6b:e1:86:89:84:62:89:68:8f:00:
c7:01:d3:8e:53:ee:59:a1:30:db:73:03:80:55:2d:49:60:ff:
66:42:c3:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZcZMo7fku3wXvRG/SmkSi352VBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxNjdjZjAyNTQ4ZmM5NjIzNWIyNWI5YjI1MzllZTFhODRiZDI4ZTAwZjBh
N2NlYmNhMDk1MmUxNTE1ZDdkMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTPPE7Ks3V3nbsC8drwJC7xSyo8Zcd1C5oE598HKg3XsQ0zZ1b5+OR6h6L0
aB9PZsAqC1l3Er3hmV1UMOjAp6Zw8+cGtm1QF+W8koc8ArAHXuSqDmibXdjuUXBJ
dcllOWkPvynsTzW7nWU3U9arZlqTSmpJcu74W5A49bBVOlrK7jeJyrjTw7J5Clky
n4E814ZMc4+D6d2Bd0C8c7/T4c3MLLuepue2dFemOAkp1aPbehqGSHZEHBAjb82M
gp4eUv9qRKr14ppHgL5PCjeKkYxSpKL9Gf9i+tkjA8HoHdu+F9cVbreKR6/H2xSd
b9Y4/x6yoUb+qfZlnZCBcAYyDesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTC8Cxg
yUrmcUDHHnu+MAeUOFI1FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJhMmQwNjMtOTE1Yi00ZWY1LWIxYjgtMDBkNzNkYzhhMzFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRg
MA0GCSqGSIb3DQEBCwUAA4IBAQA7unlup7kSIpGXrV0otIxtKaqviKk3eH7ym/KO
qYcdoetRpfQOlkQn0JASvzRxfhhZ8bZ2a1JS8MUGe1aNfP/KiAXTHDAVyp9H4iVC
ZI9f69KX+u7V95WgMMaEjY3vW1gVIOY0UFFlY/msnRLhOfsbR6t33LhNaLf6VnFu
j7qyEypLNVGvMusI2y/7wGRP5q1OvirHi8PZ5ToiyLIJPlFCK6kudaCYvjK5zCl2
ZuBr+19JPDVAZZhz8KB7ADrUTvv1Zhr6w8Vlrw7GMNGEUERBrzx7ptPheLFshSGW
WZXEa2vhhomEYolojwDHAdOOU+5ZoTDbcwOAVS1JYP9mQsMn
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:09:33 2024 by rpki-client on console-ams.rpki-client.org