Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
File: 2e8ff46f-71d1-4144-ae66-7a9b70606834.roa (raw, json)
Hash identifier: cgn6/LN0OLQXmwtAuVvXp580PIjPKIQP38oHZ8zC/eU=
Subject key identifier: 4D:D3:07:78:0B:90:FE:4B:4C:70:06:E4:F2:93:CE:D7:48:89:1F:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45A9D33014A8ED8530AC2F16F26FE9F2A88AD6A1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:a9:d3:30:14:a8:ed:85:30:ac:2f:16:f2:6f:e9:f2:a8:8a:d6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=de1d921e38ff1fe5fb6bb85e65a82ff8777cf3cb733062ed72d0ac7a9bdd0735, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:f4:36:6c:c9:37:ba:5f:41:7b:54:19:65:
bd:cf:53:b6:f6:ae:8d:e1:6c:a2:33:4e:18:54:0f:
b5:82:06:f8:15:a5:a4:97:c5:c8:ea:08:5e:c0:cb:
39:17:13:13:97:a1:d4:38:0a:82:91:3e:3f:69:8f:
ca:ea:7b:a4:fc:00:f9:3e:bb:3d:cf:d6:b0:e9:c9:
04:ed:be:aa:99:23:34:27:dc:35:39:14:2e:f6:53:
ca:df:21:4c:55:9e:b7:cc:22:06:8e:f8:7f:bd:8a:
ac:b4:c0:14:94:05:37:20:eb:fe:6c:0b:0c:da:61:
d5:b7:c5:15:1d:d8:4c:ab:01:5e:32:fd:fc:be:52:
b8:3d:66:35:16:08:54:c0:ee:ec:ee:12:cb:7e:7f:
2d:a7:8a:1e:8e:c2:15:21:a1:e7:e0:d6:63:0f:7b:
60:00:63:2d:ab:a2:ba:b7:81:70:73:c5:19:a2:12:
6d:5d:8c:07:d6:eb:1a:8f:9e:a4:0d:cd:5b:b5:a9:
5f:ec:0b:f1:54:e2:5c:c8:e9:55:94:5c:7b:ac:5a:
35:40:6f:1a:99:c6:a3:bf:cc:51:b4:35:a0:60:77:
95:6a:b1:68:b0:6b:92:9b:67:f9:d9:30:1e:88:8b:
57:77:01:a4:ba:22:e5:62:42:7a:52:61:a3:3c:34:
24:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D3:07:78:0B:90:FE:4B:4C:70:06:E4:F2:93:CE:D7:48:89:1F:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
c5:45:2b:df:48:f6:54:c1:53:2e:79:83:91:b4:55:3c:1c:4f:
ea:3c:5f:fe:4a:93:a7:47:1a:88:96:6c:04:61:d4:21:fc:92:
4a:d4:12:83:d9:e7:30:d3:87:26:fb:ed:a8:cc:03:fc:16:a9:
ce:e4:b3:21:c7:10:54:4f:50:e1:50:27:2f:f0:ed:f0:6b:35:
d2:33:2a:f6:59:01:e1:3a:80:33:e0:57:ca:87:60:d7:e5:00:
9d:f7:00:e0:a0:18:26:f4:a2:18:2a:f5:b0:7a:f1:62:b0:52:
62:1a:ca:70:1b:76:7f:50:47:84:d5:6a:4d:87:70:3f:45:1b:
6b:58:86:ce:47:2e:d0:ce:e0:ec:41:50:66:b3:9f:b7:52:6a:
16:23:64:87:e7:ae:ef:80:f8:4c:fd:58:79:fe:86:d7:ed:52:
b2:8f:fd:6a:0d:8f:2f:26:d1:ab:5f:05:36:fc:32:bc:4d:98:
a2:ae:78:8f:a5:0e:e1:55:4f:a3:c1:08:ca:7b:b7:17:10:cd:
d3:f3:4a:c5:d6:e6:ec:53:02:2b:08:f2:d0:b9:12:28:27:5d:
b0:31:77:87:04:5e:a1:65:29:b7:9b:99:04:0a:b5:79:ce:76:
f5:4d:36:46:75:1b:12:f1:c6:39:6b:87:95:1a:2a:e2:dc:4a:
07:5f:8d:09
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURanTMBSo7YUwrC8W8m/p8qiK1qEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlMWQ5MjFlMzhmZjFmZTVmYjZiYjg1ZTY1YTgyZmY4Nzc3Y2YzY2I3MzMw
NjJlZDcyZDBhYzdhOWJkZDA3MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALak9DZsyTe6X0F7VBllvc9TtvaujeFsojNOGFQPtYIG+BWlpJfFyOoIXsDL
ORcTE5eh1DgKgpE+P2mPyup7pPwA+T67Pc/WsOnJBO2+qpkjNCfcNTkULvZTyt8h
TFWet8wiBo74f72KrLTAFJQFNyDr/mwLDNph1bfFFR3YTKsBXjL9/L5SuD1mNRYI
VMDu7O4Sy35/LaeKHo7CFSGh5+DWYw97YABjLauiureBcHPFGaISbV2MB9brGo+e
pA3NW7WpX+wL8VTiXMjpVZRce6xaNUBvGpnGo7/MUbQ1oGB3lWqxaLBrkptn+dkw
HoiLV3cBpLoi5WJCelJhozw0JHsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRN0wd4
C5D+S0xwBuTyk87XSIkfxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU4ZmY0NmYtNzFkMS00MTQ0LWFlNjYtN2E5YjcwNjA2ODM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDFRSvfSPZUwVMueYORtFU8HE/qPF/+SpOnRxqI
lmwEYdQh/JJK1BKD2ecw04cm++2ozAP8FqnO5LMhxxBUT1DhUCcv8O3wazXSMyr2
WQHhOoAz4FfKh2DX5QCd9wDgoBgm9KIYKvWwevFisFJiGspwG3Z/UEeE1WpNh3A/
RRtrWIbORy7QzuDsQVBms5+3UmoWI2SH567vgPhM/Vh5/obX7VKyj/1qDY8vJtGr
XwU2/DK8TZiirniPpQ7hVU+jwQjKe7cXEM3T80rF1ubsUwIrCPLQuRIoJ12wMXeH
BF6hZSm3m5kECrV5znb1TTZGdRsS8cY5a4eVGiri3EoHX40J
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:03 2024 by rpki-client on console-ams.rpki-client.org