Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json)
Hash identifier: NjDCgU73a3rBW2iQiff41fs7NPwPCCHTS91Kr9dwZT0=
Subject key identifier: 7E:4A:24:BB:66:1F:A4:54:56:DB:AB:30:BE:44:45:AB:97:0E:7C:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E8FD052B8656F116FA17623FE3BB68F86DF0590
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:8f:d0:52:b8:65:6f:11:6f:a1:76:23:fe:3b:b6:8f:86:df:05:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=9be77b3dc7e9b17a1ca38434cfa53c4e6798913008d4ea686f6d59e8672f6b20, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fa:66:fd:eb:7a:39:4f:72:80:b8:1a:3c:1e:
23:5d:a0:80:0a:80:0c:65:40:bf:07:b5:6a:5c:2e:
18:82:75:9c:7b:02:25:a9:f4:54:eb:b9:1f:00:c6:
b3:5d:bb:55:50:1d:44:79:de:c4:e9:5f:8e:67:85:
2d:26:76:29:ab:10:35:59:55:ea:b7:ac:ad:6b:60:
cc:89:ac:15:87:f3:da:c5:7f:2c:2b:1e:d6:dd:06:
fa:e5:92:61:35:9a:f8:8a:a1:70:1e:cb:90:31:36:
5c:e2:44:20:ed:41:2f:1f:fd:6f:8a:9b:0d:3f:af:
89:47:3e:a9:47:bf:fe:07:cc:3f:8e:7d:7b:c5:7c:
01:d5:47:13:39:ee:3d:f4:1f:f9:70:6f:f5:3e:b2:
3a:c8:e0:85:d2:60:96:dd:03:a6:83:e1:01:7c:42:
21:12:00:6a:64:0e:11:6a:0e:3a:97:3c:90:02:d5:
56:f9:35:42:39:47:88:de:7a:21:09:70:38:6e:26:
21:8f:14:93:28:54:16:19:7c:d6:51:21:0f:28:d1:
cf:d8:f0:62:13:a5:b2:67:48:d5:04:84:4d:a2:ad:
9c:3f:19:49:86:07:b5:6f:6c:15:b5:0c:62:0b:68:
b9:f1:ee:fd:b7:e6:fc:db:b4:17:2e:57:3c:df:e8:
c0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:4A:24:BB:66:1F:A4:54:56:DB:AB:30:BE:44:45:AB:97:0E:7C:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:9000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:22:84:e8:17:08:7c:8c:7e:57:e0:0b:94:37:4e:9e:b1:84:
77:a9:57:59:f6:d1:ba:4c:ef:ee:58:fd:9a:9e:cd:7e:41:3a:
10:51:2d:2c:1c:df:db:cd:f5:01:99:0b:cc:43:ad:d9:29:ed:
4d:fe:45:4f:72:2e:cf:5b:5e:89:c8:03:54:51:65:6c:b0:60:
c6:5a:62:b6:32:a7:e4:c4:5c:80:03:bf:f9:14:45:38:86:01:
12:2b:4c:40:b0:bd:b5:41:39:b7:fd:b1:cd:ea:35:6a:c4:03:
d6:80:9a:a3:b0:19:a2:73:62:59:6b:b9:c5:5c:f7:09:15:11:
d3:89:81:41:56:af:b4:db:d9:86:e6:b0:b0:2d:55:13:a3:2c:
1a:71:e4:62:d3:7c:da:7f:45:4e:64:37:03:9f:8c:a1:b8:a0:
a5:89:aa:d3:18:b0:a3:a6:8b:a7:79:28:94:dc:bf:50:99:d7:
18:65:19:27:50:ea:78:ec:de:f8:83:7f:19:4a:81:88:4c:6a:
a9:68:fa:c1:0e:d2:36:98:26:4f:af:9f:cb:b5:5f:26:98:74:
07:e3:a1:cf:02:c8:b1:17:e6:26:e8:29:f7:4e:64:3f:18:c7:
53:e5:2e:18:a6:6d:b1:f4:12:d1:4a:40:83:59:5c:10:43:95:
d6:d0:42:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULo/QUrhlbxFvoXYj/ju2j4bfBZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDliZTc3YjNkYzdlOWIxN2ExY2EzODQzNGNmYTUzYzRlNjc5ODkxMzAwOGQ0
ZWE2ODZmNmQ1OWU4NjcyZjZiMjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKj6Zv3rejlPcoC4GjweI12ggAqADGVAvwe1alwuGIJ1nHsCJan0VOu5HwDG
s127VVAdRHnexOlfjmeFLSZ2KasQNVlV6resrWtgzImsFYfz2sV/LCse1t0G+uWS
YTWa+IqhcB7LkDE2XOJEIO1BLx/9b4qbDT+viUc+qUe//gfMP459e8V8AdVHEznu
PfQf+XBv9T6yOsjghdJglt0DpoPhAXxCIRIAamQOEWoOOpc8kALVVvk1QjlHiN56
IQlwOG4mIY8UkyhUFhl81lEhDyjRz9jwYhOlsmdI1QSETaKtnD8ZSYYHtW9sFbUM
YgtoufHu/bfm/Nu0Fy5XPN/owLMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+SiS7
Zh+kVFbbqzC+REWrlw58cjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCsIoToFwh8jH5X4AuUN06esYR3qVdZ9tG6TO/u
WP2ans1+QToQUS0sHN/bzfUBmQvMQ63ZKe1N/kVPci7PW16JyANUUWVssGDGWmK2
MqfkxFyAA7/5FEU4hgESK0xAsL21QTm3/bHN6jVqxAPWgJqjsBmic2JZa7nFXPcJ
FRHTiYFBVq+029mG5rCwLVUToywaceRi03zaf0VOZDcDn4yhuKCliarTGLCjpoun
eSiU3L9QmdcYZRknUOp47N74g38ZSoGITGqpaPrBDtI2mCZPr5/LtV8mmHQH46HP
AsixF+Ym6Cn3TmQ/GMdT5S4Ypm2x9BLRSkCDWVwQQ5XW0EJU
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:37 2024 by rpki-client on console-fra.rpki-client.org