Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: w5qdyDTY9eRuAWvLWpHo3p99fXPh1XJdB6G/18ylmwU=
Subject key identifier: 21:4A:35:7F:ED:7E:99:27:20:34:2D:86:A9:70:16:A2:51:69:96:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4180E6A2D3C5A982E7D003B68B23F0F62AA0C3C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:80:e6:a2:d3:c5:a9:82:e7:d0:03:b6:8b:23:f0:f6:2a:a0:c3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=5a92599616bd7c28ccf1bfce5c499c83ae1676a56035b3b9ae03813325cb1205, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a1:fb:0c:27:69:9c:71:b3:5c:b8:e3:bc:6f:
69:16:8e:3c:d8:ac:aa:b1:1c:95:ce:9d:d2:c9:e8:
88:29:0d:7a:12:db:d9:2f:6d:59:07:71:31:5e:cd:
b3:b9:30:4f:b6:f3:ff:24:31:51:b6:8f:26:44:29:
42:2d:e3:c2:40:71:21:e6:05:40:8e:a2:81:ac:7c:
25:54:09:2b:86:5c:be:0e:f1:88:28:f3:08:f4:85:
e9:c4:f4:14:71:cc:b5:ba:ea:59:b0:5c:9d:19:a7:
f0:05:a1:58:44:5b:06:14:d3:5b:84:4b:ac:4d:dd:
25:b1:11:35:b7:6a:1d:f8:ca:75:14:76:de:c0:11:
6f:02:e0:47:8e:7a:0f:0d:2b:58:24:26:94:ee:23:
bb:e4:b9:e5:5a:9f:90:a3:24:c8:0f:46:c0:e6:6d:
d2:e8:a3:52:ba:a7:bd:54:e5:d1:04:99:eb:9a:31:
0f:ab:fc:8a:ed:32:ac:c2:cb:fd:a0:95:aa:01:ce:
68:44:fa:8d:c1:e5:a4:18:04:dc:c3:84:b0:c9:35:
e0:6e:bf:a6:88:cc:0e:d4:24:f9:05:09:3e:d8:76:
5f:4e:02:ea:b2:b7:8f:a2:98:7e:ac:a4:17:91:7f:
a6:38:93:c0:d1:31:ef:9c:bc:0b:d3:46:de:99:23:
c3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4A:35:7F:ED:7E:99:27:20:34:2D:86:A9:70:16:A2:51:69:96:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
61:95:6b:ba:58:c7:d6:98:61:b2:f6:bb:53:35:a8:68:97:b2:
76:15:68:e6:12:e9:a0:28:7e:12:12:ec:c6:41:f1:77:fb:82:
14:f3:b0:e7:5e:f3:02:37:02:97:35:6b:68:e4:fd:c4:be:83:
30:0b:73:da:7e:2d:97:aa:78:ac:f6:aa:3d:be:b8:a7:8f:f6:
04:95:ad:73:34:f2:66:ed:e7:d8:4b:11:0d:50:a2:fb:d7:11:
88:b1:18:d1:01:a1:cb:db:63:0a:d2:d4:28:86:68:3c:0a:17:
2f:b9:ca:4f:f9:f4:13:0b:ad:a6:b5:56:4b:d6:27:a6:aa:fb:
cf:33:0c:ae:4a:46:3e:d3:b9:ae:bf:7b:e4:f1:d7:42:d0:a8:
cd:c5:a8:47:ff:aa:ce:94:05:85:53:e0:8d:fd:47:05:21:8d:
95:6f:66:d7:04:59:2f:09:03:d8:9f:03:e6:6c:58:40:14:dc:
92:25:e9:35:06:e7:ca:18:c4:d3:5e:c3:d1:b5:99:47:51:e0:
55:be:8b:ab:0d:45:40:bc:7f:5a:9b:55:85:cc:43:dc:9b:57:
c4:19:ec:87:98:9f:bf:1b:9d:14:7b:13:4a:53:4f:25:f9:b0:
59:5d:8a:30:4c:ed:ac:3d:54:2a:fb:03:c7:bf:68:b3:d8:29:
06:29:10:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQYDmotPFqYLn0AO2iyPw9iqgw8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhOTI1OTk2MTZiZDdjMjhjY2YxYmZjZTVjNDk5YzgzYWUxNjc2YTU2MDM1
YjNiOWFlMDM4MTMzMjVjYjEyMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmh+wwnaZxxs1y447xvaRaOPNisqrEclc6d0snoiCkNehLb2S9tWQdxMV7N
s7kwT7bz/yQxUbaPJkQpQi3jwkBxIeYFQI6igax8JVQJK4Zcvg7xiCjzCPSF6cT0
FHHMtbrqWbBcnRmn8AWhWERbBhTTW4RLrE3dJbERNbdqHfjKdRR23sARbwLgR456
Dw0rWCQmlO4ju+S55VqfkKMkyA9GwOZt0uijUrqnvVTl0QSZ65oxD6v8iu0yrMLL
/aCVqgHOaET6jcHlpBgE3MOEsMk14G6/pojMDtQk+QUJPth2X04C6rK3j6KYfqyk
F5F/pjiTwNEx75y8C9NG3pkjw3kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhSjV/
7X6ZJyA0LYapcBaiUWmWBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQBhlWu6WMfWmGGy9rtTNahol7J2FWjmEumgKH4S
EuzGQfF3+4IU87DnXvMCNwKXNWto5P3EvoMwC3Pafi2Xqnis9qo9vrinj/YEla1z
NPJm7efYSxENUKL71xGIsRjRAaHL22MK0tQohmg8ChcvucpP+fQTC62mtVZL1iem
qvvPMwyuSkY+07muv3vk8ddC0KjNxahH/6rOlAWFU+CN/UcFIY2Vb2bXBFkvCQPY
nwPmbFhAFNySJek1BufKGMTTXsPRtZlHUeBVvourDUVAvH9am1WFzEPcm1fEGeyH
mJ+/G50UexNKU08l+bBZXYowTO2sPVQq+wPHv2iz2CkGKRCH
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org