Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ff17242-6969-405d-8fb0-659ea027b7bd.roa
File: 2ff17242-6969-405d-8fb0-659ea027b7bd.roa (raw, json)
Hash identifier: tfaUPRWh12TtNP+expPJt0HS4AlK9pxh9K6LnhaHTEQ=
Subject key identifier: B8:A7:67:AE:E4:D5:63:6E:FE:09:B9:C1:C2:F6:2F:B5:FF:E3:1B:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7900F927676ECA6F940F84AD30DB855282994A2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ff17242-6969-405d-8fb0-659ea027b7bd.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:00:f9:27:67:6e:ca:6f:94:0f:84:ad:30:db:85:52:82:99:4a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=38af190afa7ca9a8726f810919e7c5bafe8745649c29d431b59c896cd8cc4cb1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ea:91:0a:29:4e:6f:dc:e7:80:77:6e:c2:10:
91:cf:01:9a:f5:f0:7a:52:87:10:0a:a3:e1:f0:20:
c0:c1:f5:dc:5e:75:81:7c:78:1a:a5:aa:15:a1:36:
1b:33:9c:f6:14:04:e7:91:b2:67:25:ec:81:21:b9:
e1:0e:15:76:4d:06:71:5a:b1:85:26:0f:e2:1e:e9:
cf:a4:b8:18:aa:a3:36:2e:2e:91:3e:06:dd:32:88:
ae:c2:73:63:62:16:ab:b1:ce:d7:39:4e:19:66:9d:
ff:00:a6:76:01:c0:6c:a8:0d:25:04:44:c2:5b:05:
cb:4a:63:84:7d:6f:77:e7:99:4f:6b:f2:91:62:0b:
40:e4:b8:da:19:56:e7:43:bb:f1:5a:0f:62:cf:75:
64:1d:0d:f9:d5:0b:18:cd:20:63:39:84:e3:05:85:
5b:5f:f0:86:31:26:ce:8f:e9:e5:9c:ab:7a:00:35:
ef:78:3f:88:05:99:6e:0d:92:19:8e:2f:9a:31:c1:
e0:3e:87:9d:7b:50:a1:67:27:03:8f:12:8f:b9:03:
5c:e0:bc:1d:bb:ea:87:a5:3e:64:94:09:1e:ee:6a:
21:92:ac:99:1c:2b:54:e0:76:83:ff:38:7b:25:45:
2b:c2:70:dd:d1:de:6e:e7:fa:74:17:f9:bb:1e:91:
a0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A7:67:AE:E4:D5:63:6E:FE:09:B9:C1:C2:F6:2F:B5:FF:E3:1B:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ff17242-6969-405d-8fb0-659ea027b7bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:11:84:45:ea:e9:64:de:ae:eb:ce:82:73:47:3c:fa:54:74:
9b:1f:8d:9b:5f:9d:b0:ff:ae:12:f7:09:d8:e2:cb:49:f8:56:
38:7e:34:f5:ff:33:de:e0:de:70:f7:06:37:83:61:82:c7:d7:
64:5d:04:80:9f:6e:ca:e7:dd:ee:1d:99:4e:8c:3b:59:c6:e7:
b6:89:93:6b:cd:47:08:bc:32:f6:f7:33:14:05:63:a3:01:e9:
65:22:e7:b5:8d:1f:3b:9b:e6:95:17:c8:f7:de:5d:5a:70:e2:
47:05:b7:bf:4d:4f:cf:39:aa:ea:04:d2:52:d1:5a:0a:13:95:
51:7d:59:77:6d:1a:58:8c:c6:81:8b:38:ac:63:9f:4a:91:90:
97:ee:8e:51:b6:58:9e:e8:1f:6f:d9:e4:da:be:7e:bc:de:78:
96:d9:36:26:aa:80:80:58:de:d1:e9:e7:15:c8:0c:54:e8:bb:
a4:91:8c:fa:92:10:5d:19:7f:1d:66:4e:9e:f9:74:27:35:d0:
69:e4:f8:9c:0a:31:b8:54:8c:c6:6b:82:0c:c0:05:c3:d5:30:
43:2b:f9:14:37:d0:ba:8f:1f:b3:29:ce:bb:94:1f:b6:26:98:
cb:57:54:05:49:67:2f:af:3b:72:96:2b:ab:d6:df:ea:fb:80:
bd:98:1c:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeQD5J2duym+UD4StMNuFUoKZSi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4YWYxOTBhZmE3Y2E5YTg3MjZmODEwOTE5ZTdjNWJhZmU4NzQ1NjQ5YzI5
ZDQzMWI1OWM4OTZjZDhjYzRjYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTqkQopTm/c54B3bsIQkc8BmvXwelKHEAqj4fAgwMH13F51gXx4GqWqFaE2
GzOc9hQE55GyZyXsgSG54Q4Vdk0GcVqxhSYP4h7pz6S4GKqjNi4ukT4G3TKIrsJz
Y2IWq7HO1zlOGWad/wCmdgHAbKgNJQREwlsFy0pjhH1vd+eZT2vykWILQOS42hlW
50O78VoPYs91ZB0N+dULGM0gYzmE4wWFW1/whjEmzo/p5ZyregA173g/iAWZbg2S
GY4vmjHB4D6HnXtQoWcnA48Sj7kDXOC8Hbvqh6U+ZJQJHu5qIZKsmRwrVOB2g/84
eyVFK8Jw3dHebuf6dBf5ux6RoGECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4p2eu
5NVjbv4JucHC9i+1/+MbWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmZmMTcyNDItNjk2OS00MDVkLThmYjAtNjU5ZWEwMjdiN2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBfEYRF6ulk3q7rzoJzRzz6VHSbH42bX52w/64S
9wnY4stJ+FY4fjT1/zPe4N5w9wY3g2GCx9dkXQSAn27K593uHZlOjDtZxue2iZNr
zUcIvDL29zMUBWOjAellIue1jR87m+aVF8j33l1acOJHBbe/TU/POarqBNJS0VoK
E5VRfVl3bRpYjMaBizisY59KkZCX7o5Rtlie6B9v2eTavn683niW2TYmqoCAWN7R
6ecVyAxU6LukkYz6khBdGX8dZk6e+XQnNdBp5PicCjG4VIzGa4IMwAXD1TBDK/kU
N9C6jx+zKc67lB+2JpjLV1QFSWcvrztyliur1t/q+4C9mBxc
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:38 2024 by rpki-client on console-fra.rpki-client.org