Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
File: 1ef44119-0cae-4a43-ad5a-98103c19e39b.roa (raw, json)
Hash identifier: 49mr3sKHoMZksSL+0UDBHf6W1dkK1Os8B5KkJt9QItU=
Subject key identifier: 4E:75:32:28:8C:51:8F:56:15:D6:A3:7F:24:48:83:AE:C7:F7:9C:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F40DC340C8FF3840C933F42CB35ED8E99F34947
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:40:dc:34:0c:8f:f3:84:0c:93:3f:42:cb:35:ed:8e:99:f3:49:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=d02e272d86ace9a1b5a3445d61b6d81193fa6124211878060d7d37934ad0ab7a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:37:09:1d:cd:1f:a0:8f:b5:d2:1a:af:4b:77:
5b:06:10:1b:b9:4c:e0:ff:fc:d9:a4:a9:1a:b9:b1:
6d:3e:24:09:68:2a:d2:e6:7c:53:99:3b:f7:aa:ae:
17:9a:96:66:9b:9c:f4:af:d7:1e:a4:ba:f7:c6:15:
e8:c3:18:33:a9:b3:1a:24:a5:6d:d9:20:54:30:d0:
fe:b2:fb:2c:e6:aa:50:3c:6e:d9:d3:96:23:6a:6f:
bb:b3:72:9b:4a:f7:c5:7a:58:b0:d0:8f:33:52:98:
4a:97:ae:0b:02:26:01:10:c4:82:31:1a:75:97:e2:
30:ed:56:ad:59:1a:9a:f1:be:21:88:12:2f:81:96:
82:f8:b1:f6:a4:e4:16:1e:83:8c:74:36:ef:5f:aa:
d8:2f:4c:05:37:67:5b:79:05:0e:99:b5:db:e2:b0:
c4:6f:fe:14:5e:7a:43:04:5a:d6:2b:e4:7d:5d:6d:
5f:8f:bb:54:cf:5d:0e:26:9f:3d:a2:15:3a:2c:a1:
48:a8:7e:48:ad:6d:c4:d4:43:b9:4f:bc:f8:73:6c:
5e:7a:6c:16:b7:22:fd:a2:3f:c3:9e:04:f7:a6:a8:
1f:96:6e:93:ec:cf:5d:16:53:39:f8:33:f2:15:e2:
10:07:c9:a3:26:0a:94:e7:37:6f:b9:c4:04:0e:13:
50:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:75:32:28:8C:51:8F:56:15:D6:A3:7F:24:48:83:AE:C7:F7:9C:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:75:b4:ad:ec:36:2c:45:fd:64:dc:40:e8:34:e5:34:56:dd:
3d:ba:21:df:28:1f:7b:46:92:75:1b:36:0b:53:3b:1b:91:77:
06:bb:93:de:72:2c:1e:4e:48:09:c6:92:64:c0:67:8e:4a:3e:
24:fd:56:8b:a6:f1:c8:bf:df:6c:7e:79:a2:da:d9:46:62:bb:
97:f9:6a:e1:87:38:5f:a3:b4:80:e4:f9:e0:29:0d:aa:1c:49:
9d:74:34:f1:33:68:92:85:16:5a:bc:ad:79:b5:f2:7b:e9:c2:
65:63:5d:08:88:95:bb:dc:41:ef:05:12:9a:48:a7:d7:f8:64:
61:30:b9:4d:33:30:a5:18:03:c9:b6:48:2c:10:c4:1b:12:0e:
e4:a9:cc:c0:df:b1:72:7b:ed:cd:20:3a:5f:a5:f5:0e:3e:81:
ab:3e:94:ec:a0:b3:71:de:e6:6b:b6:b7:5e:e6:03:ca:e9:af:
64:a1:28:03:57:81:a6:9f:84:6d:9c:b5:f0:3d:f7:70:9d:de:
ea:ca:95:fc:80:09:c7:cc:76:05:3b:6e:5d:04:64:0a:ae:d9:
81:d5:1e:a7:25:12:11:c8:1d:84:bc:3c:d0:10:8c:4c:66:1b:
55:ed:3a:4d:b1:fb:18:67:a7:61:e3:87:cb:b3:c5:3e:19:b4:
62:c0:7c:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD0DcNAyP84QMkz9CyzXtjpnzSUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwMmUyNzJkODZhY2U5YTFiNWEzNDQ1ZDYxYjZkODExOTNmYTYxMjQyMTE4
NzgwNjBkN2QzNzkzNGFkMGFiN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ83CR3NH6CPtdIar0t3WwYQG7lM4P/82aSpGrmxbT4kCWgq0uZ8U5k796qu
F5qWZpuc9K/XHqS698YV6MMYM6mzGiSlbdkgVDDQ/rL7LOaqUDxu2dOWI2pvu7Ny
m0r3xXpYsNCPM1KYSpeuCwImARDEgjEadZfiMO1WrVkamvG+IYgSL4GWgvix9qTk
Fh6DjHQ271+q2C9MBTdnW3kFDpm12+KwxG/+FF56QwRa1ivkfV1tX4+7VM9dDiaf
PaIVOiyhSKh+SK1txNRDuU+8+HNsXnpsFrci/aI/w54E96aoH5Zuk+zPXRZTOfgz
8hXiEAfJoyYKlOc3b7nEBA4TUKcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROdTIo
jFGPVhXWo38kSIOux/eclzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVmNDQxMTktMGNhZS00YTQzLWFkNWEtOTgxMDNjMTllMzliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg
MA0GCSqGSIb3DQEBCwUAA4IBAQB9dbSt7DYsRf1k3EDoNOU0Vt09uiHfKB97RpJ1
GzYLUzsbkXcGu5PeciweTkgJxpJkwGeOSj4k/VaLpvHIv99sfnmi2tlGYruX+Wrh
hzhfo7SA5PngKQ2qHEmddDTxM2iShRZavK15tfJ76cJlY10IiJW73EHvBRKaSKfX
+GRhMLlNMzClGAPJtkgsEMQbEg7kqczA37Fye+3NIDpfpfUOPoGrPpTsoLNx3uZr
trde5gPK6a9koSgDV4Gmn4RtnLXwPfdwnd7qypX8gAnHzHYFO25dBGQKrtmB1R6n
JRIRyB2EvDzQEIxMZhtV7TpNsfsYZ6dh44fLs8U+GbRiwHw7
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:32 2024 by rpki-client on console-fra.rpki-client.org