Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json)
Hash identifier: Ub7RVzxJD+07r6JisJvh6GRzhyjB+ATo6UCM9sMEYP8=
Subject key identifier: 82:BC:F8:53:C2:69:7C:3F:28:30:69:39:BE:E7:22:DC:0D:B8:E6:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18507AD1AF5FB6C8552772C860D3EEF1213C1F7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:50:7a:d1:af:5f:b6:c8:55:27:72:c8:60:d3:ee:f1:21:3c:1f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3144c5e57311ad96ad3aae6c32b5638c63f5d587dce34eab41aae1344be625f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:56:81:92:0f:17:d5:db:d2:c6:a1:c6:c8:e4:
10:d7:68:4b:87:31:1f:d8:89:fa:0a:82:c8:66:ef:
55:9d:16:6b:7f:29:51:31:27:14:76:1f:4f:01:dd:
a5:cb:21:d4:20:30:0e:10:13:91:63:c3:83:00:38:
66:be:3a:c5:0a:4c:f4:49:4e:7e:17:24:e6:13:8a:
9b:26:94:98:90:e1:62:99:29:24:b9:40:ea:d1:aa:
4b:da:da:84:2c:80:a7:34:66:4f:2d:20:61:ef:f9:
c9:56:b7:07:76:e2:d4:3f:b7:28:cd:7c:e7:11:32:
6a:05:22:a3:2d:ba:71:c2:7b:38:b2:71:e1:4a:3f:
a9:b1:46:2e:0a:8f:99:32:42:4b:79:71:f7:ce:3d:
53:08:8f:9b:1b:cb:88:7a:fc:b6:f9:2d:5d:fa:cc:
df:5d:1d:20:a1:80:39:4e:f5:2e:4b:dc:70:e6:2b:
3d:a2:e1:4b:54:5f:8f:b4:d5:6d:f4:27:43:27:1c:
6e:08:e3:64:f5:8d:fe:bd:9a:c6:0e:15:93:26:25:
dc:98:dd:30:4c:f5:34:b8:a2:7b:4a:d6:a6:85:9e:
31:46:c1:64:07:ec:8d:b7:c8:8b:28:29:ad:f1:0a:
2e:68:9c:f4:23:e0:eb:8f:d9:0c:55:c5:d1:11:66:
c2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BC:F8:53:C2:69:7C:3F:28:30:69:39:BE:E7:22:DC:0D:B8:E6:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:4000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:6d:3c:9a:9e:a6:a2:c8:e4:1c:67:1b:dc:e5:a2:d4:b5:4c:
5a:8a:46:72:f7:42:68:2f:59:63:b8:e4:35:7e:1b:4e:3a:3c:
72:b1:cd:f7:08:38:01:fc:28:9a:88:ca:2b:3b:67:59:02:0d:
1a:e4:c6:91:9c:1a:e4:c9:ca:96:fb:c5:ae:cb:59:a0:08:fb:
0f:c9:9d:6a:b3:9f:82:7e:cd:7b:ff:64:8e:ef:df:a2:1a:1a:
2c:16:07:5f:57:a4:54:2a:3e:c2:3d:e6:21:7b:1e:79:2a:2b:
66:86:84:1f:4e:cd:30:95:62:8a:60:12:28:50:26:77:ee:dc:
a6:fe:94:13:7e:0d:d6:ed:e5:44:ee:a3:3b:30:33:99:3e:e0:
30:03:90:fd:70:ca:43:59:8a:b0:ed:dd:bb:1e:4e:fe:27:5e:
a8:5c:48:8f:ab:f9:75:9c:70:82:33:4c:34:28:7a:b9:fc:b4:
54:75:b8:6f:71:2a:61:45:b7:80:ee:72:14:22:6d:83:d5:fb:
91:c5:e7:43:6d:fd:20:75:82:bc:11:44:0d:7a:70:76:c2:6c:
f4:a0:f2:53:30:a7:f3:a5:b3:66:1d:b2:a5:9e:8d:92:d8:c5:
af:33:5c:e5:4c:1b:1f:14:81:ce:fa:86:72:d9:6a:c5:40:63:
6b:45:a4:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGFB60a9ftshVJ3LIYNPu8SE8H3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxNDRjNWU1NzMxMWFkOTZhZDNhYWU2YzMyYjU2MzhjNjNmNWQ1ODdkY2Uz
NGVhYjQxYWFlMTM0NGJlNjI1ZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFWgZIPF9Xb0sahxsjkENdoS4cxH9iJ+gqCyGbvVZ0Wa38pUTEnFHYfTwHd
pcsh1CAwDhATkWPDgwA4Zr46xQpM9ElOfhck5hOKmyaUmJDhYpkpJLlA6tGqS9ra
hCyApzRmTy0gYe/5yVa3B3bi1D+3KM185xEyagUioy26ccJ7OLJx4Uo/qbFGLgqP
mTJCS3lx9849UwiPmxvLiHr8tvktXfrM310dIKGAOU71LkvccOYrPaLhS1Rfj7TV
bfQnQyccbgjjZPWN/r2axg4VkyYl3JjdMEz1NLiie0rWpoWeMUbBZAfsjbfIiygp
rfEKLmic9CPg64/ZDFXF0RFmwt8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCvPhT
wml8PygwaTm+5yLcDbjmkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA
MA0GCSqGSIb3DQEBCwUAA4IBAQAKbTyanqaiyOQcZxvc5aLUtUxaikZy90JoL1lj
uOQ1fhtOOjxysc33CDgB/CiaiMorO2dZAg0a5MaRnBrkycqW+8Wuy1mgCPsPyZ1q
s5+Cfs17/2SO79+iGhosFgdfV6RUKj7CPeYhex55KitmhoQfTs0wlWKKYBIoUCZ3
7tym/pQTfg3W7eVE7qM7MDOZPuAwA5D9cMpDWYqw7d27Hk7+J16oXEiPq/l1nHCC
M0w0KHq5/LRUdbhvcSphRbeA7nIUIm2D1fuRxedDbf0gdYK8EUQNenB2wmz0oPJT
MKfzpbNmHbKlno2S2MWvM1zlTBsfFIHO+oZy2WrFQGNrRaSa
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:16:39 2024 by rpki-client on console-fra.rpki-client.org