Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
File: 22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa (raw, json)
Hash identifier: uFCGFkBRrGT5X/8o/FX3/91tibdnggvwtoDej4Ms5iw=
Subject key identifier: 37:10:73:43:44:CC:A5:3A:70:65:96:A5:30:80:45:1F:4F:92:49:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AC07A071290C13E4AED92CC2226D3FF3F0248F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:c0:7a:07:12:90:c1:3e:4a:ed:92:cc:22:26:d3:ff:3f:02:48:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=2c77d8f07c79fd4f6f2ea71705258a52291162682bd51cfa687c4406579e196f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:dd:bd:14:2e:69:17:55:49:83:11:bb:c6:
b5:37:bc:62:d3:db:d8:14:3c:29:60:5c:7d:22:f1:
ab:45:5f:53:3b:1d:57:dc:88:89:c6:e6:ec:0e:a2:
d7:47:30:90:ac:74:b5:47:52:91:e9:2d:3c:23:c4:
98:93:1d:cb:dc:a9:dc:b8:44:a0:1d:12:a6:dd:6a:
35:aa:0e:4e:c7:db:f2:2c:14:94:57:c1:1b:63:d1:
63:30:a9:f3:2a:7c:26:f2:83:95:88:50:e2:c8:82:
65:da:89:df:31:cd:f5:13:57:20:73:88:73:3e:a7:
14:4d:a7:18:10:f2:6e:ed:71:c2:e5:45:0e:8c:01:
a5:08:49:d9:5a:55:51:7f:55:9e:d2:73:14:09:04:
ce:cc:b0:9a:23:ff:05:14:42:60:ac:5e:78:82:82:
2d:4c:ff:62:ea:02:29:ac:6e:f9:13:6b:16:4e:41:
03:c0:5a:f4:20:c9:44:ad:01:a6:a2:6a:55:85:aa:
52:9d:00:85:42:8a:9d:86:19:8c:d3:69:a0:bf:c8:
50:be:61:08:53:2c:46:b2:07:71:9c:da:00:e2:cd:
87:02:76:14:df:c4:15:6c:81:b8:32:2f:09:25:8f:
d4:12:70:84:bd:bc:7c:1a:dd:5c:d9:37:2d:d4:be:
9f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:10:73:43:44:CC:A5:3A:70:65:96:A5:30:80:45:1F:4F:92:49:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:4000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:43:67:d9:7d:34:37:08:a9:69:f5:bb:b1:9a:57:23:72:48:
37:fd:f8:df:7b:d7:b6:f5:08:68:65:0a:01:87:33:27:89:9d:
b2:0e:71:f0:a5:24:45:c9:24:69:3d:8e:52:80:cb:06:a4:70:
5f:29:90:2e:6e:5b:3b:a0:07:04:17:f5:5f:db:53:f5:a5:b8:
39:a3:0b:c9:0b:f3:f4:1b:8e:80:3d:2e:3e:2f:b7:c8:d4:3d:
d0:f3:94:13:d0:d7:fe:09:9b:bd:0b:a5:34:5e:60:5f:da:84:
71:ec:77:b6:77:59:53:cb:bc:02:d2:78:1b:97:4c:3e:5b:b7:
a3:45:5d:ea:65:80:fc:eb:68:ab:d7:69:8b:0c:9c:1e:86:e2:
3d:73:90:f7:b2:fb:ea:0b:68:d6:e3:f4:7a:cd:a9:d2:c1:89:
8f:31:32:b8:3a:29:5f:e1:99:76:a1:1f:63:8f:ee:d9:a6:e0:
af:9c:4f:fa:f5:d4:ed:f7:17:cf:0e:89:95:fc:19:43:82:b4:
0c:53:2e:5e:3e:25:a4:7c:bb:be:aa:f5:3c:d7:cc:dc:f5:c0:
1c:6d:95:1d:d3:f9:45:45:92:4d:a2:ae:76:01:c2:8b:5a:11:
fc:e1:73:04:1e:9f:49:e4:0f:42:d6:a1:c3:c2:4d:23:ad:42:
dd:76:9c:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUasB6BxKQwT5K7ZLMIibT/z8CSPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNzdkOGYwN2M3OWZkNGY2ZjJlYTcxNzA1MjU4YTUyMjkxMTYyNjgyYmQ1
MWNmYTY4N2M0NDA2NTc5ZTE5NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQK3b0ULmkXVUmDEbvGtTe8YtPb2BQ8KWBcfSLxq0VfUzsdV9yIicbm7A6i
10cwkKx0tUdSkektPCPEmJMdy9yp3LhEoB0Spt1qNaoOTsfb8iwUlFfBG2PRYzCp
8yp8JvKDlYhQ4siCZdqJ3zHN9RNXIHOIcz6nFE2nGBDybu1xwuVFDowBpQhJ2VpV
UX9VntJzFAkEzsywmiP/BRRCYKxeeIKCLUz/YuoCKaxu+RNrFk5BA8Ba9CDJRK0B
pqJqVYWqUp0AhUKKnYYZjNNpoL/IUL5hCFMsRrIHcZzaAOLNhwJ2FN/EFWyBuDIv
CSWP1BJwhL28fBrdXNk3LdS+n9UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3EHND
RMylOnBllqUwgEUfT5JJyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjJjYjIwYmMtODA2My00MTY5LTllNGItYTNhZDI5YWVlZGM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBA
MA0GCSqGSIb3DQEBCwUAA4IBAQB8Q2fZfTQ3CKlp9buxmlcjckg3/fjfe9e29Qho
ZQoBhzMniZ2yDnHwpSRFySRpPY5SgMsGpHBfKZAubls7oAcEF/Vf21P1pbg5owvJ
C/P0G46APS4+L7fI1D3Q85QT0Nf+CZu9C6U0XmBf2oRx7He2d1lTy7wC0ngbl0w+
W7ejRV3qZYD862ir12mLDJwehuI9c5D3svvqC2jW4/R6zanSwYmPMTK4Oilf4Zl2
oR9jj+7ZpuCvnE/69dTt9xfPDomV/BlDgrQMUy5ePiWkfLu+qvU818zc9cAcbZUd
0/lFRZJNoq52AcKLWhH84XMEHp9J5A9C1qHDwk0jrULddpwE
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:26 2024 by rpki-client on console-fra.rpki-client.org