Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
File: 25d6c805-f312-4cce-8017-ebfd2169880d.roa (raw, json)
Hash identifier: uUMIgeUfK290VdW1CKsDWpu+c9NcI003tQH3ct3GU5k=
Subject key identifier: 0E:33:A5:D1:8E:46:97:13:CF:92:9C:2F:42:B7:0D:BC:74:02:B2:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EBD420FC66F63E05C0C931FB9AA9877499E8A10
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:bd:42:0f:c6:6f:63:e0:5c:0c:93:1f:b9:aa:98:77:49:9e:8a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=21373570b02948032193d5aad0110c68951be0ddafd3fe5906bc1374ed20b2b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:13:d5:80:d4:e9:a9:7e:72:38:7a:2f:c0:
36:e2:b3:09:10:3a:b9:55:1e:fa:2c:44:e8:47:a6:
33:92:32:23:7a:4e:f6:c9:a9:68:08:51:b6:0c:c9:
67:5e:89:34:5a:8f:46:5e:f6:cf:33:3a:90:dd:1a:
7e:4d:83:43:a1:44:20:a3:ec:7b:21:2c:fa:ae:3e:
8e:41:cb:97:d8:e5:2d:b6:7c:f3:80:1c:9b:0b:fc:
f4:64:06:57:49:ef:f5:75:ef:93:a2:99:5d:76:22:
ec:13:99:76:13:b0:81:b2:07:9c:b8:5a:37:12:7b:
29:2a:4c:6d:74:24:49:83:01:6c:70:70:58:d1:cf:
69:5a:90:64:c7:e1:60:6d:32:18:6a:57:cd:56:b4:
58:3f:bb:d8:7a:16:21:cf:c1:29:73:6f:52:3c:53:
8a:1e:3e:d7:db:42:47:01:7e:58:a5:4a:80:ce:07:
84:5b:e1:6d:93:a5:7a:2d:6f:1d:10:81:2e:c9:c5:
b9:9e:0a:74:28:19:93:61:7f:be:93:44:62:d3:99:
ff:c5:b6:7c:4f:07:4e:f8:7b:18:e2:a7:e5:09:31:
f9:4b:44:1d:60:85:6f:0d:65:15:4b:72:fd:9b:d8:
c9:07:45:8f:c0:7a:7f:74:14:a8:f3:4b:78:29:d0:
1b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:33:A5:D1:8E:46:97:13:CF:92:9C:2F:42:B7:0D:BC:74:02:B2:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:1a:ad:37:2f:5e:28:67:1b:3b:e9:c9:61:75:c3:cc:19:a6:
5a:1e:de:d0:9b:97:22:ea:3a:1c:27:10:88:95:3e:e3:19:6c:
e7:92:0d:ac:1b:30:a8:29:32:01:af:73:80:ad:87:0d:4c:8e:
0c:75:0a:da:92:7a:9e:12:e3:dc:a0:b3:86:fd:95:83:32:1b:
d0:73:5a:15:6d:aa:80:4b:05:87:74:27:24:3a:b6:8c:51:1b:
52:16:c1:4b:19:3f:b1:30:5e:8c:19:0f:14:2b:c1:98:e6:d4:
c0:a9:ab:7a:79:79:26:cc:a4:d6:4b:e0:26:f4:68:2e:20:e5:
ce:0b:6b:b7:7e:89:4c:b7:31:3d:51:7b:1f:bf:b7:ca:3d:57:
e5:eb:34:5f:34:c2:bb:41:c8:f2:31:ef:e3:16:50:7d:4e:75:
f6:22:f7:83:26:b2:fc:59:de:4e:3f:aa:43:58:b8:51:68:5b:
86:7b:aa:7a:75:37:e3:6b:52:f2:21:a5:75:e8:84:69:47:5c:
b3:63:de:90:6c:e5:e5:f2:1f:47:6d:86:bf:bb:55:bc:77:b1:
60:88:57:15:d9:34:56:0b:1a:a0:b1:d3:0e:55:7b:58:71:fe:
0d:c2:27:18:48:72:4f:ec:86:f7:31:e0:8d:ee:cb:f4:fe:af:
3b:95:21:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDr1CD8ZvY+BcDJMfuaqYd0meihAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMzczNTcwYjAyOTQ4MDMyMTkzZDVhYWQwMTEwYzY4OTUxYmUwZGRhZmQz
ZmU1OTA2YmMxMzc0ZWQyMGIyYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvEE9WA1OmpfnI4ei/ANuKzCRA6uVUe+ixE6EemM5IyI3pO9smpaAhRtgzJ
Z16JNFqPRl72zzM6kN0afk2DQ6FEIKPseyEs+q4+jkHLl9jlLbZ884Acmwv89GQG
V0nv9XXvk6KZXXYi7BOZdhOwgbIHnLhaNxJ7KSpMbXQkSYMBbHBwWNHPaVqQZMfh
YG0yGGpXzVa0WD+72HoWIc/BKXNvUjxTih4+19tCRwF+WKVKgM4HhFvhbZOlei1v
HRCBLsnFuZ4KdCgZk2F/vpNEYtOZ/8W2fE8HTvh7GOKn5Qkx+UtEHWCFbw1lFUty
/ZvYyQdFj8B6f3QUqPNLeCnQGxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOM6XR
jkaXE8+SnC9Ctw28dAKyMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVkNmM4MDUtZjMxMi00Y2NlLTgwMTctZWJmZDIxNjk4ODBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Flg
MA0GCSqGSIb3DQEBCwUAA4IBAQCxGq03L14oZxs76clhdcPMGaZaHt7Qm5ci6joc
JxCIlT7jGWznkg2sGzCoKTIBr3OArYcNTI4MdQraknqeEuPcoLOG/ZWDMhvQc1oV
baqASwWHdCckOraMURtSFsFLGT+xMF6MGQ8UK8GY5tTAqat6eXkmzKTWS+Am9Ggu
IOXOC2u3folMtzE9UXsfv7fKPVfl6zRfNMK7QcjyMe/jFlB9TnX2IveDJrL8Wd5O
P6pDWLhRaFuGe6p6dTfja1LyIaV16IRpR1yzY96QbOXl8h9HbYa/u1W8d7FgiFcV
2TRWCxqgsdMOVXtYcf4NwicYSHJP7Ib3MeCN7sv0/q87lSE5
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:48 2024 by rpki-client on console-ams.rpki-client.org