Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
File: 27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa (raw, json)
Hash identifier: CXQ6v4oAwKNGCOOC1PInWV9Qq+ZZFFd9p5YxAabczwI=
Subject key identifier: 92:91:AD:5A:C5:D9:13:72:D0:39:15:5F:BD:CA:8B:92:E2:FA:E8:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F72A9B5DA4FDE8025858B87D6EF35BA0E5C84BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:72:a9:b5:da:4f:de:80:25:85:8b:87:d6:ef:35:ba:0e:5c:84:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=17ccd73e86b1f3d78bfbdaa01ebfc283501e9ea585791bf32645e5abe8a1a68b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:25:f7:bc:b0:0a:d1:85:f9:32:28:72:a0:
aa:de:ae:a0:b4:17:e3:04:52:4c:13:c2:c1:3b:30:
05:9a:01:c4:fe:93:17:08:51:e7:3a:e7:43:c8:47:
49:37:66:32:32:ab:b0:29:c8:3b:37:41:aa:ef:9a:
19:43:d6:f4:59:b0:0e:7a:71:ae:a1:aa:8e:7a:5a:
af:25:ce:26:7c:75:f2:b1:72:1e:87:15:83:0d:1e:
8b:15:ca:d8:f6:d1:fc:9d:cb:09:b7:89:40:c4:8d:
e8:46:71:c4:4d:22:eb:b9:ec:95:40:b6:20:57:32:
43:95:f9:e8:b2:91:91:3d:f2:f7:f8:bc:cc:fb:9a:
d5:4b:e5:20:e6:3d:4d:c0:ae:6f:e8:41:7b:ed:6f:
23:3b:ec:33:4c:b1:aa:db:35:e7:86:f7:75:db:40:
30:57:a8:51:d0:74:c1:0b:7c:c1:93:9c:99:c3:7c:
ca:7b:5d:31:03:98:b5:e0:19:a3:4d:fe:f4:55:f7:
a3:82:5b:dd:32:30:98:37:e7:a4:ed:09:d4:28:28:
e7:f9:90:19:58:a8:f1:74:15:1d:4e:5a:3c:42:5c:
fe:9a:4f:5a:2e:75:33:d3:15:ac:16:66:0e:55:c1:
aa:83:95:dc:ba:2f:20:1c:5e:b6:ce:37:90:f9:14:
56:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:91:AD:5A:C5:D9:13:72:D0:39:15:5F:BD:CA:8B:92:E2:FA:E8:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27e57c8a-3f63-4773-a205-fef17d1cf1d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:5000::/40
Signature Algorithm: sha256WithRSAEncryption
49:d2:86:77:ed:12:da:5f:55:67:5b:f5:d3:84:11:a7:be:3f:
3d:20:bc:d4:a9:e1:ef:39:68:6c:01:c9:8b:3c:85:72:d8:d4:
94:84:88:99:e1:42:6c:df:f6:17:da:54:c9:4f:e1:11:48:cc:
82:a3:f5:f5:d8:24:ba:98:7c:8d:bb:65:ee:78:78:3d:0c:ba:
aa:02:f4:50:d5:c9:6a:65:95:49:54:7e:eb:f3:3f:11:2e:3a:
6a:a0:25:a0:ad:4a:0a:7e:75:00:ed:3b:ea:04:4d:a3:1a:fb:
fe:8c:05:4b:c5:3e:cf:03:ce:dd:5f:21:c7:eb:ce:24:54:d3:
fa:f0:f8:38:dc:11:a4:02:71:d3:2f:fa:e4:b6:0e:e4:e8:fd:
dd:3c:d7:67:3d:70:d3:48:b0:24:27:e2:00:37:bf:d9:cb:51:
03:40:9e:09:cd:5f:6a:cb:89:1f:6e:26:2e:65:63:2c:73:51:
da:3f:ae:6e:9d:0f:53:62:ef:4e:4c:c4:e3:ca:90:5a:1d:50:
9c:aa:3d:55:e0:a1:f1:d0:db:cd:22:af:14:76:1c:e0:8c:5d:
d1:69:6f:d5:e1:10:22:3e:d4:7b:bd:d6:18:c8:60:2e:0f:0b:
78:76:cf:09:98:7d:d9:2e:54:de:c3:a2:e1:84:a0:31:13:65:
54:4a:45:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX3KptdpP3oAlhYuH1u81ug5chL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3Y2NkNzNlODZiMWYzZDc4YmZiZGFhMDFlYmZjMjgzNTAxZTllYTU4NTc5
MWJmMzI2NDVlNWFiZThhMWE2OGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdNJfe8sArRhfkyKHKgqt6uoLQX4wRSTBPCwTswBZoBxP6TFwhR5zrnQ8hH
STdmMjKrsCnIOzdBqu+aGUPW9FmwDnpxrqGqjnparyXOJnx18rFyHocVgw0eixXK
2PbR/J3LCbeJQMSN6EZxxE0i67nslUC2IFcyQ5X56LKRkT3y9/i8zPua1UvlIOY9
TcCub+hBe+1vIzvsM0yxqts154b3ddtAMFeoUdB0wQt8wZOcmcN8yntdMQOYteAZ
o03+9FX3o4Jb3TIwmDfnpO0J1Cgo5/mQGVio8XQVHU5aPEJc/ppPWi51M9MVrBZm
DlXBqoOV3LovIBxets43kPkUVlUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSka1a
xdkTctA5FV+9youS4vro5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjdlNTdjOGEtM2Y2My00NzczLWEyMDUtZmVmMTdkMWNmMWQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBJ0oZ37RLaX1VnW/XThBGnvj89ILzUqeHvOWhs
AcmLPIVy2NSUhIiZ4UJs3/YX2lTJT+ERSMyCo/X12CS6mHyNu2XueHg9DLqqAvRQ
1clqZZVJVH7r8z8RLjpqoCWgrUoKfnUA7TvqBE2jGvv+jAVLxT7PA87dXyHH684k
VNP68Pg43BGkAnHTL/rktg7k6P3dPNdnPXDTSLAkJ+IAN7/Zy1EDQJ4JzV9qy4kf
biYuZWMsc1HaP65unQ9TYu9OTMTjypBaHVCcqj1V4KHx0NvNIq8UdhzgjF3RaW/V
4RAiPtR7vdYYyGAuDwt4ds8JmH3ZLlTew6LhhKAxE2VUSkUD
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:37 2024 by rpki-client on console-fra.rpki-client.org