Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
File: 27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa (raw, json)
Hash identifier: yCrYjsKQkFeiBjnXPTfCuXGAMUFTin00A6NatDuNZtM=
Subject key identifier: ED:5B:BA:3E:09:01:08:5D:0E:EA:46:B3:33:B8:25:D5:E4:EF:3C:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C1BCD2503C1185AC3B42042DEDD95CDDB19990D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
Signing time: Mon 30 Sep 2024 00:00:00 +0000
ROA not before: Mon 30 Sep 2024 00:00:00 +0000
ROA not after: Mon 04 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Oct 2024 14:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:1b:cd:25:03:c1:18:5a:c3:b4:20:42:de:dd:95:cd:db:19:99:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 30 00:00:00 2024 GMT
Not After : Nov 4 23:59:59 2024 GMT
Subject: serialNumber=b72712ee11e5b7f17805c4a3eea13667a962c9a8d0d2197658f8ca47d6355515, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:16:69:17:76:64:c5:80:cc:1f:47:30:89:cf:
c4:82:d0:41:50:9a:10:ad:d0:4a:f8:cd:8b:f0:74:
e7:35:7a:e6:84:12:fa:19:67:e9:ba:97:20:6d:fd:
f2:9b:42:08:f5:cc:5d:b7:ff:06:d7:6b:35:fd:c7:
4d:19:f6:4d:b8:6f:5a:8d:b6:33:7d:cf:10:1c:09:
ee:1b:59:9f:80:5d:67:1c:2d:ea:09:40:7a:c8:f8:
51:f2:45:a6:43:76:d5:3e:7f:07:57:c5:de:fb:ea:
ce:e1:6f:50:46:52:8b:68:09:3c:be:d4:2a:15:49:
56:74:24:59:e9:a8:78:73:8f:f8:66:5a:3e:12:d6:
45:1b:e0:16:0c:d8:d6:ea:d6:90:76:36:d2:a7:ee:
60:60:d8:04:58:bf:ea:4e:e0:05:dd:16:50:80:4d:
83:9d:df:71:48:e0:be:db:58:0a:a8:dd:aa:ac:9f:
32:49:80:51:af:b8:53:a5:54:d4:20:af:88:bd:b3:
c7:9e:fe:de:4c:dc:10:96:17:1f:80:6b:ea:54:ad:
e7:a3:19:99:79:34:31:2a:6f:6f:00:f6:bb:52:99:
ad:89:66:82:96:6e:ea:e2:ff:3d:2e:b4:3c:35:cf:
f8:34:06:e0:1f:5d:63:4f:ad:8b:6a:e0:4f:b7:90:
12:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:5B:BA:3E:09:01:08:5D:0E:EA:46:B3:33:B8:25:D5:E4:EF:3C:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:5000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:20:8f:08:79:e4:78:46:03:a1:66:a6:15:f0:92:2e:b7:b6:
66:80:25:b3:e3:64:95:71:fc:e4:f6:87:09:0c:95:d6:bf:2e:
61:cb:8f:cb:5d:12:73:7d:a3:0b:5d:85:e1:b0:b7:ce:d2:61:
14:cd:65:1f:9e:93:0c:09:55:fa:57:5c:d4:a7:56:8d:4e:f4:
00:79:f3:c0:1a:52:06:d7:52:a6:da:5b:2d:7a:a3:d1:0a:cd:
3a:9d:eb:c8:df:41:0d:a8:10:db:a3:e7:3b:54:3e:5b:4d:ba:
65:ec:7b:fd:3b:c3:81:d5:fe:7a:98:31:d6:ae:16:6c:d8:fd:
c9:96:e2:e7:3c:9a:e2:2d:2f:e3:d7:fd:2b:4e:ee:5a:7c:0a:
56:86:7c:60:44:3e:6a:d9:e0:d8:69:a2:25:b9:62:77:c0:73:
4e:3e:74:3d:23:d3:f6:89:67:d0:52:65:b4:bf:71:ad:13:8b:
a1:ec:d6:68:50:cd:cb:db:5f:48:fc:76:d8:cf:4b:64:06:ed:
3f:6b:6d:05:2a:c8:f8:66:2f:32:77:2a:f6:55:ba:32:40:e2:
2f:74:80:c2:08:97:63:69:68:10:31:c5:36:fc:64:e3:38:95:
a8:37:d8:8a:9f:84:8f:69:be:c9:b1:84:cf:74:87:c6:11:f5:
90:99:18:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTBvNJQPBGFrDtCBC3t2VzdsZmQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MzAwMDAwMDBaFw0yNDExMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3MjcxMmVlMTFlNWI3ZjE3ODA1YzRhM2VlYTEzNjY3YTk2MmM5YThkMGQy
MTk3NjU4ZjhjYTQ3ZDYzNTU1MTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwWaRd2ZMWAzB9HMInPxILQQVCaEK3QSvjNi/B05zV65oQS+hln6bqXIG39
8ptCCPXMXbf/BtdrNf3HTRn2TbhvWo22M33PEBwJ7htZn4BdZxwt6glAesj4UfJF
pkN21T5/B1fF3vvqzuFvUEZSi2gJPL7UKhVJVnQkWemoeHOP+GZaPhLWRRvgFgzY
1urWkHY20qfuYGDYBFi/6k7gBd0WUIBNg53fcUjgvttYCqjdqqyfMkmAUa+4U6VU
1CCviL2zx57+3kzcEJYXH4Br6lSt56MZmXk0MSpvbwD2u1KZrYlmgpZu6uL/PS60
PDXP+DQG4B9dY0+ti2rgT7eQEv8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtW7o+
CQEIXQ7qRrMzuCXV5O88yTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjdlNTdjOGEtM2Y2My00NzczLWEyMDUtZmVmMTdkMWNmMWQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB+II8IeeR4RgOhZqYV8JIut7ZmgCWz42SVcfzk
9ocJDJXWvy5hy4/LXRJzfaMLXYXhsLfO0mEUzWUfnpMMCVX6V1zUp1aNTvQAefPA
GlIG11Km2lsteqPRCs06nevI30ENqBDbo+c7VD5bTbpl7Hv9O8OB1f56mDHWrhZs
2P3JluLnPJriLS/j1/0rTu5afApWhnxgRD5q2eDYaaIluWJ3wHNOPnQ9I9P2iWfQ
UmW0v3GtE4uh7NZoUM3L219I/HbYz0tkBu0/a20FKsj4Zi8ydyr2VboyQOIvdIDC
CJdjaWgQMcU2/GTjOJWoN9iKn4SPab7JsYTPdIfGEfWQmRgB
-----END CERTIFICATE-----
Generated at Wed Oct 9 18:18:04 2024 by rpki-client on console-fra.rpki-client.org