Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc93f38-5896-4a75-87cd-091473542cb9.roa
File: 2dc93f38-5896-4a75-87cd-091473542cb9.roa (raw, json)
Hash identifier: CjX6TyWO9Rmic/VMHXCJDYmZrVqp+ALHPD8XHUshqGQ=
Subject key identifier: 64:5F:D8:71:1C:F3:9C:2D:42:43:57:F3:0D:0C:70:74:01:F7:4D:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0718543DB53155D73807A78B0F10BC59FFE56D5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc93f38-5896-4a75-87cd-091473542cb9.roa
Signing time: Tue 09 Apr 2024 00:00:00 +0000
ROA not before: Tue 09 Apr 2024 00:00:00 +0000
ROA not after: Tue 14 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 12:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:18:54:3d:b5:31:55:d7:38:07:a7:8b:0f:10:bc:59:ff:e5:6d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 9 00:00:00 2024 GMT
Not After : May 14 23:59:59 2024 GMT
Subject: serialNumber=1b6577038eb3df989779164157a37b9991279b44e73d6e073688b24db6e84ed7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4e:0f:2a:cd:5d:bb:a0:77:a1:44:71:eb:37:
7e:1d:92:e5:27:24:87:00:2e:4b:5e:09:48:39:bc:
a6:c4:5a:0c:06:ca:a5:e5:99:3f:26:2a:02:ec:30:
cc:1d:47:e8:e6:54:87:dd:0b:9e:e0:2a:cc:3d:4b:
3b:2b:99:db:62:f6:b5:f1:cd:e4:6c:8c:82:e2:57:
df:49:1a:69:c2:50:bd:68:88:5a:78:d7:e2:a9:9b:
70:7f:08:2c:cc:c4:ff:d1:1a:e3:ed:e1:98:6e:1b:
8e:06:0e:5d:2a:7f:2b:91:3b:28:c5:56:f7:ac:7e:
98:44:14:3b:3f:78:10:ec:f1:ba:13:03:ed:f6:d3:
7d:ef:1b:dc:93:c0:5a:a4:c7:59:3a:3b:80:ca:36:
e1:6f:1c:ea:ab:ae:2b:13:30:e4:fc:9b:c4:c0:28:
e0:45:fa:fc:60:98:5c:99:c1:87:83:f7:35:00:fa:
b9:a6:e3:22:20:05:f8:55:95:04:35:c8:d0:cb:c2:
2f:7c:16:7b:f0:20:f3:5a:15:ab:64:67:6c:67:81:
e5:b1:37:56:bf:dd:b7:57:47:ab:d1:6e:60:c8:68:
d7:c6:9b:cf:41:6a:ab:39:54:32:89:1d:2a:70:69:
b6:b3:10:a7:f0:5f:70:21:e6:bc:92:8f:36:b4:dd:
8c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5F:D8:71:1C:F3:9C:2D:42:43:57:F3:0D:0C:70:74:01:F7:4D:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc93f38-5896-4a75-87cd-091473542cb9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:ec:fb:91:27:7d:c3:98:96:c7:d5:35:12:54:c5:1d:6d:a5:
7c:40:55:ee:63:26:f0:8f:5f:76:7e:bc:04:36:8e:5c:49:7c:
4e:a4:b2:44:43:0a:d1:f4:be:c7:db:4d:d6:9d:75:78:04:2f:
56:7a:cb:a4:05:8d:9f:e2:4e:92:82:cd:33:9e:35:94:fc:3f:
98:ce:bc:e9:77:27:5f:6e:fd:c4:7a:b2:f3:f0:b4:00:ee:c1:
2d:1b:09:03:fe:e4:30:fd:02:e8:7c:40:3d:96:3c:d3:4d:0e:
87:70:fd:65:61:8f:f5:68:8d:d7:ae:04:a9:38:36:fc:ea:5b:
6f:25:cf:34:3c:88:31:1e:7d:60:b5:40:6b:80:c7:7f:1d:0a:
b6:02:65:8f:af:5c:a3:32:d8:8f:7b:38:fb:21:25:61:58:35:
8a:61:24:e9:72:5b:ee:35:dc:01:2a:d1:6b:b3:4a:d4:bb:a8:
2d:46:19:36:1a:6b:58:09:70:68:e7:b8:ff:56:57:75:48:cf:
fa:c4:15:cc:94:70:7f:de:1e:6c:32:33:0c:d6:9f:ea:f8:e4:
1c:1f:69:a7:5f:9e:06:60:17:d3:b7:44:12:f3:44:07:06:55:
49:1a:07:35:38:93:cc:76:9e:f0:52:7d:08:aa:86:6b:f4:fb:
83:d4:26:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBxhUPbUxVdc4B6eLDxC8Wf/lbV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDkwMDAwMDBaFw0yNDA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNjU3NzAzOGViM2RmOTg5Nzc5MTY0MTU3YTM3Yjk5OTEyNzliNDRlNzNk
NmUwNzM2ODhiMjRkYjZlODRlZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhODyrNXbugd6FEces3fh2S5SckhwAuS14JSDm8psRaDAbKpeWZPyYqAuww
zB1H6OZUh90LnuAqzD1LOyuZ22L2tfHN5GyMguJX30kaacJQvWiIWnjX4qmbcH8I
LMzE/9Ea4+3hmG4bjgYOXSp/K5E7KMVW96x+mEQUOz94EOzxuhMD7fbTfe8b3JPA
WqTHWTo7gMo24W8c6quuKxMw5PybxMAo4EX6/GCYXJnBh4P3NQD6uabjIiAF+FWV
BDXI0MvCL3wWe/Ag81oVq2RnbGeB5bE3Vr/dt1dHq9FuYMho18abz0FqqzlUMokd
KnBptrMQp/BfcCHmvJKPNrTdjAUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRkX9hx
HPOcLUJDV/MNDHB0AfdNoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjOTNmMzgtNTg5Ni00YTc1LTg3Y2QtMDkxNDczNTQyY2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg
MA0GCSqGSIb3DQEBCwUAA4IBAQB67PuRJ33DmJbH1TUSVMUdbaV8QFXuYybwj192
frwENo5cSXxOpLJEQwrR9L7H203WnXV4BC9WesukBY2f4k6Sgs0znjWU/D+Yzrzp
dydfbv3EerLz8LQA7sEtGwkD/uQw/QLofEA9ljzTTQ6HcP1lYY/1aI3XrgSpODb8
6ltvJc80PIgxHn1gtUBrgMd/HQq2AmWPr1yjMtiPezj7ISVhWDWKYSTpclvuNdwB
KtFrs0rUu6gtRhk2GmtYCXBo57j/Vld1SM/6xBXMlHB/3h5sMjMM1p/q+OQcH2mn
X54GYBfTt0QS80QHBlVJGgc1OJPMdp7wUn0IqoZr9PuD1CYI
-----END CERTIFICATE-----
Generated at Sun Apr 28 15:48:50 2024 by rpki-client on console-fra.rpki-client.org