Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24bf98f1-8ee0-4c43-b78c-44132a94c1a5.roa
File: 24bf98f1-8ee0-4c43-b78c-44132a94c1a5.roa (raw, json)
Hash identifier: xsqqBFfcge/9fT8EuPWMccWH92ppCVx8ph+4r14aQ2Y=
Subject key identifier: AA:82:27:79:29:F1:57:32:9A:38:85:94:C2:24:D0:CB:D6:0F:AA:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DEE3229C669062117CCCEB7F100DB84A55939E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24bf98f1-8ee0-4c43-b78c-44132a94c1a5.roa
Signing time: Tue 09 Apr 2024 00:00:00 +0000
ROA not before: Tue 09 Apr 2024 00:00:00 +0000
ROA not after: Tue 14 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:ee:32:29:c6:69:06:21:17:cc:ce:b7:f1:00:db:84:a5:59:39:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 9 00:00:00 2024 GMT
Not After : May 14 23:59:59 2024 GMT
Subject: serialNumber=2bfe77db7e92ec65ba00859ea1ea61ee6d24e83d0f0ace37b0bc27434985616e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:12:6d:44:e1:f6:b5:26:07:93:8d:47:90:03:
00:86:5d:bd:70:9b:93:8b:43:e8:05:d9:53:ba:61:
18:a3:02:4f:8c:cf:18:6d:94:3e:b9:ac:68:c6:d3:
32:da:c6:46:e9:e2:d7:1d:d6:41:87:09:2e:19:76:
82:38:b4:86:af:60:a4:7d:f2:03:15:8f:e4:29:fc:
a9:c6:b3:f8:b0:dd:5b:1a:5b:ef:b2:af:50:f2:a0:
ee:29:3c:88:07:bc:e6:7f:9e:4f:30:f6:05:f5:19:
fa:8f:67:6b:7c:9e:69:fb:fc:03:0e:49:25:e3:d3:
58:97:e9:d8:b4:8d:16:a3:5f:9f:f0:c1:fc:4b:7c:
59:85:26:81:4a:22:b9:8c:c4:03:26:ad:c9:84:b4:
7a:9f:df:0e:dc:17:9e:f0:bc:9d:86:85:ef:22:b1:
0f:98:65:66:38:d3:54:1a:f4:83:4b:8c:31:28:0c:
52:f7:60:bf:d3:e4:ac:19:17:86:3e:39:67:ed:28:
80:bf:94:65:61:a9:1f:0c:1a:7a:87:c1:10:b4:42:
7d:db:72:c8:24:3a:f1:5e:df:49:b9:95:ac:9b:70:
12:c6:35:9c:12:ec:0e:0d:af:5e:dd:54:82:b7:83:
cf:7c:78:98:ac:ca:5c:de:99:cd:25:16:ff:fc:71:
f1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:82:27:79:29:F1:57:32:9A:38:85:94:C2:24:D0:CB:D6:0F:AA:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24bf98f1-8ee0-4c43-b78c-44132a94c1a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
91:b4:45:a7:d5:c3:5a:20:c6:3f:0f:16:1a:4a:b5:79:a7:e4:
c3:a4:e3:ec:83:3c:fc:d5:11:1b:ef:99:b4:9f:04:e5:9f:50:
08:37:2c:9b:0a:d2:04:06:9d:15:40:f5:6f:ac:e0:19:e1:7b:
81:2b:b5:98:38:5a:09:9d:fe:31:0a:37:4f:9f:08:37:d7:92:
85:c1:b9:b3:57:b2:7c:64:b2:34:f1:23:f0:b4:91:b3:82:f0:
7a:6d:49:fd:f1:17:6f:ec:6a:c6:ab:86:2d:ee:2f:80:f6:31:
54:82:5d:6e:6e:3e:9c:12:46:84:0d:39:5d:74:f4:80:9c:bb:
c1:71:cd:26:4e:4e:50:3b:01:ba:2b:d8:30:ab:57:d3:19:89:
bf:11:02:87:eb:ca:14:24:3e:1b:e6:1a:58:0f:7e:4a:7c:85:
1e:9d:c0:5a:18:ec:c4:15:7f:48:2b:0d:c0:93:80:4b:32:21:
aa:da:f0:bf:89:b8:22:7d:14:9d:13:38:b5:d3:b6:8e:f0:bb:
9b:11:e8:6e:04:59:cb:33:e7:38:83:ea:bb:68:8b:45:82:70:
7b:95:d4:9e:b8:03:88:f2:2b:43:ae:df:3a:97:a3:97:c1:2a:
d2:af:52:2e:5a:b3:ec:8e:3a:be:a8:82:fc:83:8d:29:9e:be:
1b:ad:11:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfe4yKcZpBiEXzM638QDbhKVZOeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDkwMDAwMDBaFw0yNDA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiZmU3N2RiN2U5MmVjNjViYTAwODU5ZWExZWE2MWVlNmQyNGU4M2QwZjBh
Y2UzN2IwYmMyNzQzNDk4NTYxNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwSbUTh9rUmB5ONR5ADAIZdvXCbk4tD6AXZU7phGKMCT4zPGG2UPrmsaMbT
MtrGRuni1x3WQYcJLhl2gji0hq9gpH3yAxWP5Cn8qcaz+LDdWxpb77KvUPKg7ik8
iAe85n+eTzD2BfUZ+o9na3yeafv8Aw5JJePTWJfp2LSNFqNfn/DB/Et8WYUmgUoi
uYzEAyatyYS0ep/fDtwXnvC8nYaF7yKxD5hlZjjTVBr0g0uMMSgMUvdgv9PkrBkX
hj45Z+0ogL+UZWGpHwwaeofBELRCfdtyyCQ68V7fSbmVrJtwEsY1nBLsDg2vXt1U
greDz3x4mKzKXN6ZzSUW//xx8c0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqgid5
KfFXMpo4hZTCJNDL1g+qpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjRiZjk4ZjEtOGVlMC00YzQzLWI3OGMtNDQxMzJhOTRjMWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCRtEWn1cNaIMY/DxYaSrV5p+TDpOPsgzz81REb
75m0nwTln1AINyybCtIEBp0VQPVvrOAZ4XuBK7WYOFoJnf4xCjdPnwg315KFwbmz
V7J8ZLI08SPwtJGzgvB6bUn98Rdv7GrGq4Yt7i+A9jFUgl1ubj6cEkaEDTlddPSA
nLvBcc0mTk5QOwG6K9gwq1fTGYm/EQKH68oUJD4b5hpYD35KfIUencBaGOzEFX9I
Kw3Ak4BLMiGq2vC/ibgifRSdEzi107aO8LubEehuBFnLM+c4g+q7aItFgnB7ldSe
uAOI8itDrt86l6OXwSrSr1IuWrPsjjq+qIL8g40pnr4brRFb
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:23 2024 by rpki-client on console-ams.rpki-client.org