Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json)
Hash identifier: CShmdqwTnMkuTfa2eapdDBGFVN6wIg2qQ6GSLQUnkj0=
Subject key identifier: B5:DE:9F:4A:7F:91:78:38:E9:EE:43:7A:34:6D:3A:66:C3:CB:F6:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74EC9318DA0B88CECB30CDD3C27777596C1CDDA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:ec:93:18:da:0b:88:ce:cb:30:cd:d3:c2:77:77:59:6c:1c:dd:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5644356714517e0da8fd631a1bc583efc9a334cb2cbc1c1ae925809950fc575e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:48:28:1d:ed:b4:b5:a1:d0:a3:ef:07:13:8d:
84:d7:a8:a4:95:0b:46:9c:7b:dd:f1:91:39:69:6c:
92:bb:ec:1f:20:e7:6f:71:12:5e:d8:12:44:49:c1:
c2:88:f3:95:59:95:e9:fb:24:cd:01:3d:17:ef:0e:
83:bb:b4:27:07:9b:11:07:f0:7a:b5:4e:61:41:9c:
bd:9a:6a:c2:3b:5e:3d:14:e3:64:11:71:00:4b:26:
e2:7b:e6:d4:22:24:ba:a5:7c:0d:1f:c1:4b:fe:ed:
78:c6:a3:d7:92:53:1b:af:69:a8:2c:78:87:8d:c5:
b3:34:81:a3:28:1c:50:ff:d5:35:29:47:d4:c4:70:
ef:5c:a0:65:e5:d5:3e:f6:a9:37:59:3a:b6:87:92:
50:8c:17:57:d0:d5:a2:08:b2:01:f5:04:78:f2:8a:
10:97:60:ad:7d:53:c2:f6:19:72:4e:26:5f:da:3c:
0b:59:fb:d1:c5:12:29:fc:41:a3:b1:fd:a0:a3:5c:
49:fa:26:a4:43:2b:eb:17:af:58:16:25:e4:e3:47:
1f:e2:73:59:a8:27:7d:3a:40:27:4b:27:84:e4:32:
39:db:f7:5d:da:da:fd:00:9c:dd:ab:01:11:44:dd:
44:74:9c:4b:aa:a9:dd:c5:0d:d0:20:b8:2d:cc:62:
57:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DE:9F:4A:7F:91:78:38:E9:EE:43:7A:34:6D:3A:66:C3:CB:F6:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:4000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:33:dd:1b:55:73:49:99:cd:95:eb:3d:e9:4c:84:f7:a3:43:
fd:64:b7:04:21:83:95:72:85:77:22:17:ee:29:65:6d:5c:37:
28:6b:66:a8:24:67:4e:f9:1f:02:7f:62:44:66:56:69:c9:4c:
7d:d5:ef:18:32:50:79:b5:59:16:a6:e0:22:aa:86:48:51:77:
83:6e:88:15:20:a6:94:86:ff:4b:6c:2f:30:3b:cd:dc:c9:96:
f0:1f:9e:50:80:4e:ef:2a:f0:97:24:d5:72:ab:33:5d:fd:99:
15:93:ca:72:b0:1b:af:3d:ed:9b:87:8d:d4:f1:72:ff:b1:c9:
4d:90:ad:aa:d9:f4:ad:76:8f:d7:04:84:9c:ee:96:aa:de:13:
df:88:75:82:bb:ee:db:dc:38:7d:19:a0:ba:e9:63:81:9e:26:
17:fd:67:40:02:41:6b:85:c9:b5:3d:9f:9e:1b:63:1a:f1:5c:
84:b1:c8:9d:b8:6e:30:3d:1b:af:ba:19:4b:31:1e:cb:6b:08:
05:c4:59:26:e7:a9:5b:ac:74:82:58:06:2b:ab:6e:55:63:80:
9b:7d:1c:f3:ca:83:d2:17:2a:9c:7e:2d:39:34:6f:e6:dd:0b:
d8:65:19:f2:5a:e8:b4:64:f0:61:b5:9c:78:61:44:e3:dd:22:
b1:5a:7f:73
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdOyTGNoLiM7LMM3Twnd3WWwc3aQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2NDQzNTY3MTQ1MTdlMGRhOGZkNjMxYTFiYzU4M2VmYzlhMzM0Y2IyY2Jj
MWMxYWU5MjU4MDk5NTBmYzU3NWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhIKB3ttLWh0KPvBxONhNeopJULRpx73fGROWlskrvsHyDnb3ESXtgSREnB
wojzlVmV6fskzQE9F+8Og7u0JwebEQfwerVOYUGcvZpqwjtePRTjZBFxAEsm4nvm
1CIkuqV8DR/BS/7teMaj15JTG69pqCx4h43FszSBoygcUP/VNSlH1MRw71ygZeXV
PvapN1k6toeSUIwXV9DVogiyAfUEePKKEJdgrX1TwvYZck4mX9o8C1n70cUSKfxB
o7H9oKNcSfompEMr6xevWBYl5ONHH+JzWagnfTpAJ0snhOQyOdv3Xdra/QCc3asB
EUTdRHScS6qp3cUN0CC4LcxiV8UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS13p9K
f5F4OOnuQ3o0bTpmw8v2MDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA
MA0GCSqGSIb3DQEBCwUAA4IBAQA+M90bVXNJmc2V6z3pTIT3o0P9ZLcEIYOVcoV3
IhfuKWVtXDcoa2aoJGdO+R8Cf2JEZlZpyUx91e8YMlB5tVkWpuAiqoZIUXeDbogV
IKaUhv9LbC8wO83cyZbwH55QgE7vKvCXJNVyqzNd/ZkVk8pysBuvPe2bh43U8XL/
sclNkK2q2fStdo/XBISc7paq3hPfiHWCu+7b3Dh9GaC66WOBniYX/WdAAkFrhcm1
PZ+eG2Ma8VyEsciduG4wPRuvuhlLMR7LawgFxFkm56lbrHSCWAYrq25VY4CbfRzz
yoPSFyqcfi05NG/m3QvYZRnyWui0ZPBhtZx4YUTj3SKxWn9z
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org