Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24bf98f1-8ee0-4c43-b78c-44132a94c1a5.roa
File: 24bf98f1-8ee0-4c43-b78c-44132a94c1a5.roa (raw, json)
Hash identifier: 6nvv9ygJFekRentewa/Fdrb07ghIjklPWuodosVgaWo=
Subject key identifier: 96:00:D0:B5:BB:2B:E4:3E:75:2A:20:E8:5C:B7:2A:68:6F:ED:20:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55C895C6F81E9F84FD987EA70219141ABA5D1B69
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24bf98f1-8ee0-4c43-b78c-44132a94c1a5.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:c8:95:c6:f8:1e:9f:84:fd:98:7e:a7:02:19:14:1a:ba:5d:1b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=39a70d80a854e06a97217a6892cda379880bd24c4e0eab71e08fe6e70979c3bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c5:6d:47:7f:fd:07:a0:40:9c:45:9a:3a:1d:
29:bb:68:95:ba:78:3d:d3:a0:08:b5:ca:66:00:85:
2c:dc:aa:0d:d0:88:4f:d1:e1:b7:ad:1e:e9:ec:df:
8e:4d:57:4c:a4:92:ba:ba:4e:c7:6a:b5:fc:d2:ee:
25:25:5a:fe:bc:7e:b3:cf:ff:f1:93:1b:9e:fd:2b:
69:1f:55:fd:44:e8:85:1f:bd:5f:88:7a:98:63:5b:
35:db:24:b8:49:3d:c1:69:2b:14:b3:96:a4:5d:bb:
ed:4c:7d:3c:6b:c5:a8:46:aa:c0:dd:7b:f0:ed:32:
0b:8e:a1:16:05:bb:5d:7c:1c:e7:0a:74:41:33:58:
0d:8a:e6:cc:df:60:88:c9:93:3a:57:1d:90:89:22:
18:95:aa:35:e3:c9:1c:d5:8b:e1:09:2c:56:c9:00:
63:c8:f8:99:13:da:d5:f4:52:6b:16:f8:dc:6f:a2:
15:82:06:6b:35:8e:4b:1f:e3:d2:7a:63:38:e2:ce:
92:a8:a5:80:c4:e0:27:a7:b0:8a:40:37:b4:02:1a:
7f:ba:7d:41:f9:e9:c1:b1:64:e9:6f:bc:da:79:3e:
61:fe:31:c4:05:23:f9:18:7f:a0:56:0c:d9:40:b9:
95:22:90:11:a5:ed:28:a7:c0:19:c7:45:f8:49:1b:
52:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:00:D0:B5:BB:2B:E4:3E:75:2A:20:E8:5C:B7:2A:68:6F:ED:20:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24bf98f1-8ee0-4c43-b78c-44132a94c1a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
38:9f:b1:95:bb:e2:4c:54:60:2b:ae:19:3e:d1:fe:9a:86:32:
e5:81:88:7c:ad:32:34:f4:8d:5a:6b:f3:83:8c:e0:26:8a:0a:
21:7e:08:bf:69:fb:9e:6a:a1:7b:fe:57:d3:09:2f:93:57:bc:
f4:2d:1b:e6:de:84:c4:0d:12:24:d7:46:bd:88:e2:e4:1d:0f:
b4:c9:81:ae:c2:11:59:5e:34:4a:f6:7c:28:30:74:8a:04:08:
e5:49:d0:74:a8:dc:11:0f:59:9c:c3:c8:2e:59:28:b0:03:46:
3e:70:79:95:9f:31:af:0f:a5:b8:84:69:01:9d:28:40:1e:95:
a1:df:c6:65:98:0b:f9:de:c0:5e:13:e4:cf:44:25:cb:39:15:
a5:41:f9:3e:77:0b:b6:e5:a8:4c:8a:fd:9e:ac:65:18:08:60:
d8:80:ae:bd:b4:95:75:31:7b:31:3d:03:d5:c2:08:42:49:30:
fb:51:ca:31:f8:cb:19:35:2b:06:83:90:3a:e3:f4:7d:11:1f:
a9:5e:fb:3f:c2:9f:de:70:92:fd:3b:cf:a5:86:9c:98:ba:f2:
3f:6e:86:46:e5:d9:e5:e9:fe:78:da:0a:45:33:96:c7:11:59:
f9:7a:fc:36:48:d8:6d:e9:3b:6e:d0:db:e7:b4:fe:76:4a:75:
1d:79:ca:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVciVxvgen4T9mH6nAhkUGrpdG2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5YTcwZDgwYTg1NGUwNmE5NzIxN2E2ODkyY2RhMzc5ODgwYmQyNGM0ZTBl
YWI3MWUwOGZlNmU3MDk3OWMzYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/FbUd//QegQJxFmjodKbtolbp4PdOgCLXKZgCFLNyqDdCIT9Hht60e6ezf
jk1XTKSSurpOx2q1/NLuJSVa/rx+s8//8ZMbnv0raR9V/UTohR+9X4h6mGNbNdsk
uEk9wWkrFLOWpF277Ux9PGvFqEaqwN178O0yC46hFgW7XXwc5wp0QTNYDYrmzN9g
iMmTOlcdkIkiGJWqNePJHNWL4QksVskAY8j4mRPa1fRSaxb43G+iFYIGazWOSx/j
0npjOOLOkqilgMTgJ6ewikA3tAIaf7p9QfnpwbFk6W+82nk+Yf4xxAUj+Rh/oFYM
2UC5lSKQEaXtKKfAGcdF+EkbUpcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWANC1
uyvkPnUqIOhctypob+0gEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjRiZjk4ZjEtOGVlMC00YzQzLWI3OGMtNDQxMzJhOTRjMWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA4n7GVu+JMVGArrhk+0f6ahjLlgYh8rTI09I1a
a/ODjOAmigohfgi/afueaqF7/lfTCS+TV7z0LRvm3oTEDRIk10a9iOLkHQ+0yYGu
whFZXjRK9nwoMHSKBAjlSdB0qNwRD1mcw8guWSiwA0Y+cHmVnzGvD6W4hGkBnShA
HpWh38ZlmAv53sBeE+TPRCXLORWlQfk+dwu25ahMiv2erGUYCGDYgK69tJV1MXsx
PQPVwghCSTD7Ucox+MsZNSsGg5A64/R9ER+pXvs/wp/ecJL9O8+lhpyYuvI/boZG
5dnl6f542gpFM5bHEVn5evw2SNht6Ttu0NvntP52SnUdecqt
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org