Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc93f38-5896-4a75-87cd-091473542cb9.roa
File: 2dc93f38-5896-4a75-87cd-091473542cb9.roa (raw, json)
Hash identifier: Zr3jGe0OatyW0hhNP/0pkjlgl8fkhhaULIYKhrpZMpQ=
Subject key identifier: EA:D0:6E:FC:A2:17:5F:EB:0A:54:1F:82:EF:34:28:C3:6C:76:15:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D4C2754ECF1AA8267E3FF55EC161E1146C4247C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc93f38-5896-4a75-87cd-091473542cb9.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:4c:27:54:ec:f1:aa:82:67:e3:ff:55:ec:16:1e:11:46:c4:24:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=0a0e39179cbba317a9772674aa6b632387ea9fc9254f5b914489b9f28df8f84a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:74:29:07:8a:a3:ea:0b:d8:d2:38:51:1d:18:
29:78:8b:2b:19:3a:da:25:04:36:a4:3d:2b:8d:83:
1f:85:7c:01:f1:7d:c3:7f:ae:a6:9f:5f:a4:69:0f:
90:c6:de:e0:4c:1f:02:3c:41:b8:76:3e:98:40:30:
aa:0f:40:49:ef:8c:33:98:e8:b8:96:b1:58:82:37:
7a:62:43:5a:09:39:ed:77:9f:53:de:c9:e0:95:75:
87:d8:80:3d:a5:82:97:81:bb:66:09:c4:b3:c3:77:
5a:31:fd:98:77:9c:fc:a7:9e:b7:06:d1:26:a7:d9:
ff:d4:bd:0c:bb:53:7e:2d:21:2c:2b:ed:af:df:b5:
ea:ea:fd:4b:20:7b:72:ec:85:9d:4d:4f:95:10:dc:
81:ed:b8:07:1b:d9:43:ed:77:49:36:84:52:06:4a:
ca:dd:11:a8:bb:fa:e3:64:7e:61:b1:31:3e:2c:69:
ac:d3:d3:ae:56:7a:db:b9:2a:97:21:45:d7:e2:73:
da:23:49:a1:1f:a5:8a:b9:32:0e:cc:6c:33:d3:f3:
1e:2f:9d:2e:39:66:4c:c2:d2:7d:e9:36:4c:43:8c:
5f:99:d1:da:4d:dc:81:22:b1:67:d6:5e:09:d5:e9:
93:d5:c0:d8:56:eb:82:8b:a5:a7:4e:4e:58:cc:f8:
df:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D0:6E:FC:A2:17:5F:EB:0A:54:1F:82:EF:34:28:C3:6C:76:15:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc93f38-5896-4a75-87cd-091473542cb9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:11:74:ef:f6:a7:87:fa:6c:10:89:ca:27:df:70:cb:bd:5d:
95:28:0e:3b:e3:88:ce:f4:b4:a3:1c:8b:fe:83:45:be:62:97:
9d:62:3d:e4:e8:54:d5:2c:c7:2d:d5:1c:3b:14:a5:40:c0:5a:
78:db:1e:ea:d4:b9:0e:76:4d:26:e5:67:de:c2:9f:d4:c3:86:
7a:9b:54:60:46:e8:30:06:a3:de:ed:66:63:34:ab:5e:48:d7:
35:e6:b1:22:76:1c:c3:ee:50:1a:45:38:8f:54:04:5e:bd:b6:
8e:b3:26:56:6d:74:82:b4:c3:ed:1d:64:e1:da:93:90:78:89:
7f:48:52:73:24:a6:a9:78:d7:25:3b:c9:f2:0f:2e:b0:b3:18:
17:b4:ef:48:aa:a8:11:e6:07:08:6b:82:10:18:a5:ca:0b:94:
9d:ec:09:5f:f4:e0:d2:2e:4c:ba:1e:e7:fa:10:c4:5c:4e:b4:
1c:de:d6:e8:a3:f4:e3:f0:40:dd:17:1f:5b:99:19:f8:81:e9:
f6:4a:a1:c1:b2:39:a8:0c:d0:d5:c5:ed:57:00:91:d1:c4:2e:
23:56:8e:4a:d6:01:65:73:a0:b8:27:47:cb:33:7e:37:2e:36:
93:93:dd:a1:63:58:61:99:7b:91:c7:97:46:ea:4d:58:42:44:
2c:c9:8e:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbUwnVOzxqoJn4/9V7BYeEUbEJHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMGUzOTE3OWNiYmEzMTdhOTc3MjY3NGFhNmI2MzIzODdlYTlmYzkyNTRm
NWI5MTQ0ODliOWYyOGRmOGY4NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI90KQeKo+oL2NI4UR0YKXiLKxk62iUENqQ9K42DH4V8AfF9w3+upp9fpGkP
kMbe4EwfAjxBuHY+mEAwqg9ASe+MM5jouJaxWII3emJDWgk57XefU97J4JV1h9iA
PaWCl4G7ZgnEs8N3WjH9mHec/KeetwbRJqfZ/9S9DLtTfi0hLCvtr9+16ur9SyB7
cuyFnU1PlRDcge24BxvZQ+13STaEUgZKyt0RqLv642R+YbExPixprNPTrlZ627kq
lyFF1+Jz2iNJoR+lirkyDsxsM9PzHi+dLjlmTMLSfek2TEOMX5nR2k3cgSKxZ9Ze
CdXpk9XA2Fbrgoulp05OWMz433sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTq0G78
ohdf6wpUH4LvNCjDbHYV4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjOTNmMzgtNTg5Ni00YTc1LTg3Y2QtMDkxNDczNTQyY2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYg
MA0GCSqGSIb3DQEBCwUAA4IBAQChEXTv9qeH+mwQicon33DLvV2VKA4744jO9LSj
HIv+g0W+YpedYj3k6FTVLMct1Rw7FKVAwFp42x7q1LkOdk0m5Wfewp/Uw4Z6m1Rg
RugwBqPe7WZjNKteSNc15rEidhzD7lAaRTiPVARevbaOsyZWbXSCtMPtHWTh2pOQ
eIl/SFJzJKapeNclO8nyDy6wsxgXtO9IqqgR5gcIa4IQGKXKC5Sd7Alf9ODSLky6
Huf6EMRcTrQc3tboo/Tj8EDdFx9bmRn4gen2SqHBsjmoDNDVxe1XAJHRxC4jVo5K
1gFlc6C4J0fLM343LjaTk92hY1hhmXuRx5dG6k1YQkQsyY5N
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:37 2024 by rpki-client on console-fra.rpki-client.org