Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29da5eb1-a285-413c-a29c-911e1f05356b.roa
File: 29da5eb1-a285-413c-a29c-911e1f05356b.roa (raw, json)
Hash identifier: m5OCvHOt5/OBV/CXQ/vOpQxGZT678ZPg2rCSbKrzb80=
Subject key identifier: 62:B9:FA:30:D5:09:BC:08:E0:2F:8A:5C:EA:91:19:72:DC:F6:21:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44D2046AA8DE7EC91E3660DE1C6715867C09AD56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29da5eb1-a285-413c-a29c-911e1f05356b.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:d2:04:6a:a8:de:7e:c9:1e:36:60:de:1c:67:15:86:7c:09:ad:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=008d97a67c905fab0d3f7d5a0280da4519b27d8237d87f1839d09c21aaea754a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7c:55:25:61:1d:39:d8:fb:64:f4:86:b8:43:
be:70:04:d6:3a:5d:b7:75:86:df:3c:f9:30:ea:40:
70:89:cb:56:7f:15:b5:04:1a:a3:42:2d:f4:2d:15:
10:92:47:9c:d4:53:6e:89:64:9a:20:f7:e0:77:f1:
ef:96:a4:9b:46:08:c9:e6:2a:30:7f:53:77:a3:cb:
95:64:9d:5c:14:09:c0:1a:b0:25:5e:35:1f:91:4f:
7e:33:fa:13:e6:9b:f3:4b:e0:a7:cb:2c:16:7c:62:
6f:5a:16:5f:57:12:6d:c1:29:73:fc:2c:9a:97:82:
4f:8e:87:d2:69:ab:46:e8:e1:de:de:fb:e2:18:20:
c7:e1:a0:43:9d:6f:3a:1f:0c:58:c6:11:8c:31:91:
83:e0:6a:6c:18:98:96:d7:6b:a3:61:cf:3a:04:3f:
74:95:02:d2:60:02:f4:cf:07:5f:6b:92:1a:01:97:
c9:a6:c2:ca:48:2b:da:77:7c:c5:06:13:1c:cf:74:
f3:cf:2a:dd:5f:ad:3d:68:27:51:a6:81:a4:2e:a7:
2f:4b:fb:ad:d9:52:e7:9b:b5:71:09:c5:ff:37:08:
e3:d3:02:1c:14:91:e5:bc:76:18:6c:0e:a9:d9:0a:
82:28:31:60:c9:ca:34:02:10:1c:5f:66:30:25:fd:
e3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B9:FA:30:D5:09:BC:08:E0:2F:8A:5C:EA:91:19:72:DC:F6:21:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29da5eb1-a285-413c-a29c-911e1f05356b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:eb:2f:25:ee:ac:09:b2:ed:69:19:d9:fc:9d:b0:08:23:48:
91:5f:19:81:60:75:4a:ae:90:b4:43:fa:98:ba:06:96:4d:7c:
1a:1a:a4:50:49:dc:3c:c4:e2:af:aa:e0:0c:c7:3d:b9:f9:18:
0f:b1:2d:ef:03:62:1c:ae:2b:39:4f:df:f9:d8:46:34:2c:c2:
c4:d2:82:49:f7:30:0d:bd:c3:87:80:6f:57:f8:64:2d:5f:b2:
66:d4:52:ea:fe:9d:5a:e2:aa:a2:fa:b3:75:8f:1d:36:31:6c:
e6:82:35:ef:37:98:38:2b:da:9c:dd:22:9b:c3:b2:65:f8:ce:
bb:bd:04:8e:07:f3:8d:67:d2:2d:fd:27:b4:64:ad:ec:2e:ce:
26:9d:a4:b2:7f:2c:fe:33:d1:77:57:5f:bd:a6:35:82:47:74:
c2:6c:86:4f:84:e3:1e:11:8e:30:a0:db:26:7c:31:de:2a:46:
92:34:5c:8f:d5:bc:26:87:25:56:37:39:a7:76:46:ee:8c:56:
a8:5b:f8:83:7b:f6:4a:c7:2d:f2:fb:fe:84:78:33:79:6f:9b:
7b:ad:ab:1f:f5:20:a0:9a:b1:dc:48:c1:92:0d:d4:c7:c5:c9:
6c:fc:a1:bc:d7:0c:4d:87:ae:ca:df:41:41:ac:6d:dc:b5:8e:
67:7f:a3:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURNIEaqjefskeNmDeHGcVhnwJrVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwOGQ5N2E2N2M5MDVmYWIwZDNmN2Q1YTAyODBkYTQ1MTliMjdkODIzN2Q4
N2YxODM5ZDA5YzIxYWFlYTc1NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJ8VSVhHTnY+2T0hrhDvnAE1jpdt3WG3zz5MOpAcInLVn8VtQQao0It9C0V
EJJHnNRTbolkmiD34Hfx75akm0YIyeYqMH9Td6PLlWSdXBQJwBqwJV41H5FPfjP6
E+ab80vgp8ssFnxib1oWX1cSbcEpc/wsmpeCT46H0mmrRujh3t774hggx+GgQ51v
Oh8MWMYRjDGRg+BqbBiYltdro2HPOgQ/dJUC0mAC9M8HX2uSGgGXyabCykgr2nd8
xQYTHM90888q3V+tPWgnUaaBpC6nL0v7rdlS55u1cQnF/zcI49MCHBSR5bx2GGwO
qdkKgigxYMnKNAIQHF9mMCX945UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRiufow
1Qm8COAvilzqkRly3PYhDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjlkYTVlYjEtYTI4NS00MTNjLWEyOWMtOTExZTFmMDUzNTZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hzg
MA0GCSqGSIb3DQEBCwUAA4IBAQC16y8l7qwJsu1pGdn8nbAII0iRXxmBYHVKrpC0
Q/qYugaWTXwaGqRQSdw8xOKvquAMxz25+RgPsS3vA2Icris5T9/52EY0LMLE0oJJ
9zANvcOHgG9X+GQtX7Jm1FLq/p1a4qqi+rN1jx02MWzmgjXvN5g4K9qc3SKbw7Jl
+M67vQSOB/ONZ9It/Se0ZK3sLs4mnaSyfyz+M9F3V1+9pjWCR3TCbIZPhOMeEY4w
oNsmfDHeKkaSNFyP1bwmhyVWNzmndkbujFaoW/iDe/ZKxy3y+/6EeDN5b5t7rasf
9SCgmrHcSMGSDdTHxcls/KG81wxNh67K30FBrG3ctY5nf6NZ
-----END CERTIFICATE-----
Generated at Thu Apr 18 02:44:33 2024 by rpki-client on console-fra.rpki-client.org