Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c820f01-3562-4b93-8081-8c9b4d28a11c.roa
File: 1c820f01-3562-4b93-8081-8c9b4d28a11c.roa (raw, json)
Hash identifier: RduEV3HaP5viBmpYNnel51vx2p497guxWvKDnOZYIrQ=
Subject key identifier: 91:E4:F6:97:B4:A2:C2:F6:F6:D7:17:B9:C5:6B:4E:3F:7C:2B:04:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B77C054455ED7D14B8171C32DBCD78E4529FC97
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c820f01-3562-4b93-8081-8c9b4d28a11c.roa
Signing time: Mon 28 Oct 2024 00:00:00 +0000
ROA not before: Mon 28 Oct 2024 00:00:00 +0000
ROA not after: Mon 02 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:77:c0:54:45:5e:d7:d1:4b:81:71:c3:2d:bc:d7:8e:45:29:fc:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 28 00:00:00 2024 GMT
Not After : Dec 2 23:59:59 2024 GMT
Subject: serialNumber=f2fb160d9f12233567114045d1f40d3ea5dcb476fecc2ba127a1233112942685, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:64:c5:4f:89:db:be:d4:ae:56:66:e4:4d:cc:
cd:ac:f1:f1:a4:ad:64:8b:72:62:ec:a5:d6:01:4d:
1a:f1:85:d7:78:6a:60:c5:67:92:ac:34:f7:4d:bc:
e9:10:7c:39:a0:6e:51:85:8d:4c:dd:b9:20:20:bb:
a6:59:a1:e4:74:a5:27:af:5d:bb:1b:55:26:d5:2c:
cd:fa:d7:99:0f:e1:85:47:79:68:c7:33:b4:ad:c7:
71:af:cb:c7:36:c5:39:0c:85:15:ca:80:cc:8d:c1:
43:7f:31:2e:59:5f:d0:9d:35:cb:7a:39:4c:7b:6d:
25:62:f8:d6:53:8a:a1:a9:ea:91:ab:19:2d:8d:af:
bc:26:49:d5:eb:df:f8:79:b8:c8:b7:93:fc:62:99:
10:23:11:4c:76:2a:36:87:9b:81:c5:f0:09:bd:31:
ec:52:d2:cc:18:5e:ec:74:11:f3:c0:aa:92:fc:52:
d6:c4:77:22:8a:e7:bb:57:ba:d7:27:53:4b:5b:eb:
e2:3a:d8:ff:e7:de:d1:a7:64:20:53:79:22:63:e3:
52:d4:94:c6:42:ad:f5:c6:29:27:3b:8e:30:d1:1b:
e1:3c:8c:74:df:9a:7b:20:1a:f2:3b:1d:09:96:4b:
20:a7:6f:f7:f7:a1:a1:17:6e:46:83:63:cc:b1:72:
98:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E4:F6:97:B4:A2:C2:F6:F6:D7:17:B9:C5:6B:4E:3F:7C:2B:04:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c820f01-3562-4b93-8081-8c9b4d28a11c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:1000::/40
Signature Algorithm: sha256WithRSAEncryption
33:b1:f3:4c:5f:39:4a:17:42:3b:6f:52:c6:2b:11:3d:b2:fc:
e3:11:cc:ed:ee:60:3b:28:cb:d2:55:00:67:5c:b7:ef:9e:f1:
c4:bf:c2:0a:9a:09:c4:b9:fb:23:c6:5d:23:c3:76:ac:64:40:
4d:6a:ce:dd:34:9a:9f:a0:6b:cb:7e:15:ff:70:7f:4c:81:ed:
7e:0d:e0:b5:9f:b0:d3:69:7b:d5:c0:2a:98:21:51:c5:2e:0b:
01:ea:4b:55:6c:ae:0b:74:e7:98:40:23:2e:84:8c:2b:89:ee:
b0:ee:e7:5d:64:b7:88:22:93:b4:cd:c6:a2:5a:68:c3:ad:b6:
09:47:6b:7d:7d:d4:92:62:5d:b9:0f:8a:61:0d:01:4c:6f:67:
cf:b3:60:4b:26:78:6e:73:56:8e:41:fb:79:83:3e:0c:dd:7f:
e6:f1:f3:48:c2:18:40:23:dd:f6:31:65:ce:9b:21:2a:c9:01:
c7:15:bc:c8:69:93:39:43:0b:8c:02:c9:ef:15:de:eb:65:ca:
2b:6d:41:18:6a:f3:2d:ac:30:e2:ff:dd:6c:29:7d:0e:ec:50:
c0:48:e4:e7:b4:d0:be:47:b9:ad:43:c6:f8:8a:b5:cf:39:fe:
10:10:d1:a5:ec:70:69:04:a9:bc:48:13:01:b9:69:9a:19:0d:
44:16:6a:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW3fAVEVe19FLgXHDLbzXjkUp/JcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEwMjgwMDAwMDBaFw0yNDEyMDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyZmIxNjBkOWYxMjIzMzU2NzExNDA0NWQxZjQwZDNlYTVkY2I0NzZmZWNj
MmJhMTI3YTEyMzMxMTI5NDI2ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9kxU+J277UrlZm5E3Mzazx8aStZItyYuyl1gFNGvGF13hqYMVnkqw09028
6RB8OaBuUYWNTN25ICC7plmh5HSlJ69duxtVJtUszfrXmQ/hhUd5aMcztK3Hca/L
xzbFOQyFFcqAzI3BQ38xLllf0J01y3o5THttJWL41lOKoanqkasZLY2vvCZJ1evf
+Hm4yLeT/GKZECMRTHYqNoebgcXwCb0x7FLSzBhe7HQR88CqkvxS1sR3Iornu1e6
1ydTS1vr4jrY/+fe0adkIFN5ImPjUtSUxkKt9cYpJzuOMNEb4TyMdN+aeyAa8jsd
CZZLIKdv9/ehoRduRoNjzLFymA0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSR5PaX
tKLC9vbXF7nFa04/fCsEajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MjBmMDEtMzU2Mi00YjkzLTgwODEtOGM5YjRkMjhhMTFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAzsfNMXzlKF0I7b1LGKxE9svzjEczt7mA7KMvS
VQBnXLfvnvHEv8IKmgnEufsjxl0jw3asZEBNas7dNJqfoGvLfhX/cH9Mge1+DeC1
n7DTaXvVwCqYIVHFLgsB6ktVbK4LdOeYQCMuhIwrie6w7uddZLeIIpO0zcaiWmjD
rbYJR2t9fdSSYl25D4phDQFMb2fPs2BLJnhuc1aOQft5gz4M3X/m8fNIwhhAI932
MWXOmyEqyQHHFbzIaZM5QwuMAsnvFd7rZcorbUEYavMtrDDi/91sKX0O7FDASOTn
tNC+R7mtQ8b4irXPOf4QENGl7HBpBKm8SBMBuWmaGQ1EFmp6
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org