Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2030a8d8-88f9-4725-9c63-e7aaa9e49e8a.roa
File: 2030a8d8-88f9-4725-9c63-e7aaa9e49e8a.roa (raw, json)
Hash identifier: qtEPWToBEKiA/QV6oSVx6vFZ49jS+4zZM3Uh/hjQgoQ=
Subject key identifier: 4D:5F:B9:22:16:47:02:10:89:31:7A:51:2F:C8:36:53:1B:8D:AE:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A925CB786482A8639F357C4A863E628759CC857
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2030a8d8-88f9-4725-9c63-e7aaa9e49e8a.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:92:5c:b7:86:48:2a:86:39:f3:57:c4:a8:63:e6:28:75:9c:c8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=e7fac41a53935744f1de80846e64e6853740c51b11d381b845ae3a6e2cddbf81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:62:cd:ec:33:5c:ea:a2:4c:83:7f:f9:d1:55:
2a:b3:84:de:f7:a4:8a:f3:6f:fe:d1:86:d8:70:1b:
f3:c0:aa:c5:47:0c:f7:ed:6d:b4:8f:ed:32:28:04:
40:10:fc:67:5e:a3:3d:be:1e:fe:a9:f6:18:cc:41:
22:0f:ff:28:f8:eb:16:11:fd:f4:91:06:fe:3f:db:
ca:d6:66:7f:12:7a:d2:c7:0e:41:72:cc:3a:45:ad:
20:8b:d9:f4:c3:8f:f6:43:34:d0:6f:e9:9d:5f:15:
0f:67:7b:f6:aa:af:c1:43:09:02:ef:60:29:bb:cd:
42:3d:16:ed:b9:f1:b8:4d:e5:9b:6c:55:58:5d:46:
44:06:2e:62:00:c9:50:84:58:7b:bb:d5:cd:0f:be:
8a:57:82:5f:be:19:20:52:8c:17:90:8e:eb:42:4b:
96:2d:b4:f3:bb:49:83:55:0e:63:62:9c:a2:f8:8f:
54:2f:96:ef:df:33:2f:8c:79:48:4c:30:28:04:0c:
cf:26:a6:9b:4b:ac:95:c6:b1:04:6a:25:7b:37:3e:
4f:a7:8b:c9:c3:e9:f6:de:c2:64:01:8b:51:87:09:
57:f8:eb:6d:c3:14:df:8c:18:e3:00:40:ff:c4:cb:
e7:be:c7:34:fc:75:b6:f0:cf:78:6c:85:cd:8f:cd:
1a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5F:B9:22:16:47:02:10:89:31:7A:51:2F:C8:36:53:1B:8D:AE:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2030a8d8-88f9-4725-9c63-e7aaa9e49e8a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:b1:4b:8c:fc:0f:3c:5b:6b:fe:09:2d:d7:21:1a:69:70:12:
6e:fb:e5:8c:63:e3:fd:b7:21:0f:e0:4f:31:b2:bf:74:59:25:
12:58:b9:7b:f3:a1:7e:5e:87:68:65:30:6e:17:21:cb:aa:f1:
68:08:be:d6:b7:8b:65:90:b3:70:52:14:36:27:8d:08:0e:2e:
12:be:6f:f3:ad:b0:39:9f:44:07:63:a1:dd:c6:37:10:2c:7c:
6a:e9:4d:79:50:3e:05:f9:fa:4c:71:33:b5:24:c6:c6:8c:1b:
17:de:aa:09:09:f5:ff:11:86:f1:21:0b:a6:73:85:38:a0:28:
26:01:89:53:66:94:03:81:20:82:69:51:4b:bc:46:d4:fc:98:
b8:59:9a:04:d3:c8:9b:4e:5c:64:aa:68:6d:4e:1f:bf:bb:36:
e1:7b:17:e2:26:5f:ea:58:67:4f:30:45:bc:5c:e1:b6:7e:82:
aa:15:5e:15:84:c2:22:58:11:2b:f6:64:34:97:4e:17:95:5c:
84:90:93:ef:ff:c9:58:aa:2a:2b:d3:b4:da:4f:d3:5d:b7:7a:
ec:6d:c8:84:a6:20:23:6c:34:ea:01:b0:a4:71:7c:0b:05:83:
c3:5c:86:38:1b:67:28:be:81:1a:c3:dc:08:90:de:21:7a:19:
78:99:de:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWpJct4ZIKoY581fEqGPmKHWcyFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ZmFjNDFhNTM5MzU3NDRmMWRlODA4NDZlNjRlNjg1Mzc0MGM1MWIxMWQz
ODFiODQ1YWUzYTZlMmNkZGJmODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhizewzXOqiTIN/+dFVKrOE3vekivNv/tGG2HAb88CqxUcM9+1ttI/tMigE
QBD8Z16jPb4e/qn2GMxBIg//KPjrFhH99JEG/j/bytZmfxJ60scOQXLMOkWtIIvZ
9MOP9kM00G/pnV8VD2d79qqvwUMJAu9gKbvNQj0W7bnxuE3lm2xVWF1GRAYuYgDJ
UIRYe7vVzQ++ileCX74ZIFKMF5CO60JLli2087tJg1UOY2KcoviPVC+W798zL4x5
SEwwKAQMzyamm0uslcaxBGolezc+T6eLycPp9t7CZAGLUYcJV/jrbcMU34wY4wBA
/8TL577HNPx1tvDPeGyFzY/NGucCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNX7ki
FkcCEIkxelEvyDZTG42ueDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjAzMGE4ZDgtODhmOS00NzI1LTljNjMtZTdhYWE5ZTQ5ZThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQBOsUuM/A88W2v+CS3XIRppcBJu++WMY+P9tyEP
4E8xsr90WSUSWLl786F+XodoZTBuFyHLqvFoCL7Wt4tlkLNwUhQ2J40IDi4Svm/z
rbA5n0QHY6HdxjcQLHxq6U15UD4F+fpMcTO1JMbGjBsX3qoJCfX/EYbxIQumc4U4
oCgmAYlTZpQDgSCCaVFLvEbU/Ji4WZoE08ibTlxkqmhtTh+/uzbhexfiJl/qWGdP
MEW8XOG2foKqFV4VhMIiWBEr9mQ0l04XlVyEkJPv/8lYqior07TaT9Ndt3rsbciE
piAjbDTqAbCkcXwLBYPDXIY4G2covoEaw9wIkN4hehl4md73
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org