Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
File: 1d9a8425-e89b-4598-a680-84c5b341edfd.roa (raw, json)
Hash identifier: WLV+alTsfYXPevt2baxOBBTl+E3wIvJugOzMs2q9EsA=
Subject key identifier: 38:55:50:92:CA:CC:1A:85:2E:04:28:0D:9F:1D:C1:3A:0A:45:C8:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6436B727E2C05380D6D6F73650E0AB8CF2601142
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:36:b7:27:e2:c0:53:80:d6:d6:f7:36:50:e0:ab:8c:f2:60:11:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=e57cf4915ce3f6a69f27bd56a1a59722a70bb21558868ff5fb4e3129ef9a5867, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2a:78:01:dd:1a:8d:a0:5e:f8:a2:67:f7:d4:
2c:14:de:18:16:29:99:3f:75:0f:6f:68:d1:88:c8:
5f:3a:c8:16:2c:7d:ab:92:88:75:86:cc:e7:56:6a:
df:65:28:a7:56:b6:66:d4:10:3b:ac:32:14:69:8d:
eb:af:ff:e0:f9:9a:60:6e:75:99:15:80:27:4b:5d:
af:e3:a9:e5:a2:23:8f:b7:47:4f:8b:d6:7b:c7:cf:
2c:3f:06:03:29:ed:f9:6d:56:a8:8c:0c:39:ce:f4:
fe:ab:46:53:ff:cc:ea:06:ff:79:ab:53:76:e1:5d:
37:b6:cf:8f:27:6b:80:40:1e:11:d8:84:d0:d7:1c:
b5:42:9b:18:de:7c:16:de:2c:db:ea:29:33:e7:93:
38:ac:1e:00:98:0d:95:c7:21:50:ef:d1:84:63:71:
5e:fd:86:d8:a7:28:c0:bc:9a:f6:c1:54:55:ef:4a:
9b:68:9d:39:01:f0:da:21:f4:fd:62:55:f6:84:ff:
98:0a:55:72:62:55:81:8a:42:f1:7d:98:c5:48:3f:
66:fe:93:d9:88:7e:c4:4c:c7:6b:89:b4:2f:a3:27:
27:75:ac:c9:80:32:a2:e0:99:2f:e1:55:1f:1c:24:
b8:a3:e5:d7:e0:0f:84:26:57:84:27:3b:f7:a8:4d:
b8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:55:50:92:CA:CC:1A:85:2E:04:28:0D:9F:1D:C1:3A:0A:45:C8:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:2a:33:43:65:85:e1:33:2e:95:fe:76:b8:fc:f7:3f:07:7c:
67:09:8e:94:90:80:4e:22:26:46:e4:c7:01:c2:85:26:2d:ec:
d5:33:b2:d2:99:d9:fb:28:1c:5e:c2:fd:52:36:ad:ea:7e:1f:
d2:9f:54:b2:78:11:d1:51:b6:3e:59:b9:cd:d7:0b:60:d4:07:
18:0e:96:32:00:2b:43:98:42:1a:83:8f:c8:b2:66:a4:99:e0:
fe:42:c3:ef:06:7d:02:59:d5:dd:c9:14:c0:cb:dc:8f:59:9c:
0d:ed:ee:fc:dd:99:b2:1c:da:5f:a6:54:22:af:a1:53:88:0f:
f1:95:26:ae:5a:ce:1b:22:11:44:4a:b8:e5:55:3d:b9:87:e4:
3f:15:c4:22:8d:f0:4a:2e:b2:1f:94:b5:63:a3:3c:04:6e:7e:
55:c8:22:d7:22:af:a5:9a:f2:e9:0a:57:8e:d9:30:da:b3:b0:
9d:31:59:ce:ac:cf:8a:d6:d7:c2:15:37:e2:dd:0a:4c:f2:fa:
d1:80:16:60:bc:88:ea:13:ab:15:b4:ee:47:35:b9:a4:77:e2:
57:28:16:dc:8f:f6:0e:b3:9c:e2:06:55:36:7e:fe:55:7e:e8:
2c:95:02:12:d3:aa:cb:c4:f5:5d:1b:92:85:83:3e:16:2a:28:
72:18:0c:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZDa3J+LAU4DW1vc2UOCrjPJgEUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1N2NmNDkxNWNlM2Y2YTY5ZjI3YmQ1NmExYTU5NzIyYTcwYmIyMTU1ODg2
OGZmNWZiNGUzMTI5ZWY5YTU4NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIgqeAHdGo2gXviiZ/fULBTeGBYpmT91D29o0YjIXzrIFix9q5KIdYbM51Zq
32Uop1a2ZtQQO6wyFGmN66//4PmaYG51mRWAJ0tdr+Op5aIjj7dHT4vWe8fPLD8G
Aynt+W1WqIwMOc70/qtGU//M6gb/eatTduFdN7bPjydrgEAeEdiE0NcctUKbGN58
Ft4s2+opM+eTOKweAJgNlcchUO/RhGNxXv2G2KcowLya9sFUVe9Km2idOQHw2iH0
/WJV9oT/mApVcmJVgYpC8X2YxUg/Zv6T2Yh+xEzHa4m0L6MnJ3WsyYAyouCZL+FV
HxwkuKPl1+APhCZXhCc796hNuN8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4VVCS
yswahS4EKA2fHcE6CkXI3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ5YTg0MjUtZTg5Yi00NTk4LWE2ODAtODRjNWIzNDFlZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCuKjNDZYXhMy6V/na4/Pc/B3xnCY6UkIBOIiZG
5McBwoUmLezVM7LSmdn7KBxewv1SNq3qfh/Sn1SyeBHRUbY+WbnN1wtg1AcYDpYy
ACtDmEIag4/IsmakmeD+QsPvBn0CWdXdyRTAy9yPWZwN7e783ZmyHNpfplQir6FT
iA/xlSauWs4bIhFESrjlVT25h+Q/FcQijfBKLrIflLVjozwEbn5VyCLXIq+lmvLp
CleO2TDas7CdMVnOrM+K1tfCFTfi3QpM8vrRgBZgvIjqE6sVtO5HNbmkd+JXKBbc
j/YOs5ziBlU2fv5VfugslQIS06rLxPVdG5KFgz4WKihyGAxj
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org