Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
File: 33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa (raw, json)
Hash identifier: sP5gHsZ8cFhxDln1OAhkD5cOJuxbk0JWAVorEZnFn0Y=
Subject key identifier: C2:EA:53:B1:9D:E9:84:18:2D:D4:EB:C3:34:B5:5E:C8:B3:35:78:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DCEC3CFA1B686E85CF127E3EE0E2358D67FE97A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:ce:c3:cf:a1:b6:86:e8:5c:f1:27:e3:ee:0e:23:58:d6:7f:e9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=eb05ae1c6a5b93e30962611fa5c5f71bf65624bfe1d8e0510c197235227210fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2a:60:ea:5a:35:06:6d:f3:d0:53:da:19:b9:
6a:de:29:7b:fb:f1:c7:f2:c3:e5:cf:4d:9a:35:a2:
2a:c2:be:05:f9:6d:ee:46:97:6f:b5:00:1e:5a:9c:
79:3f:0f:df:6b:68:5e:80:fc:32:a3:c4:ec:e1:c0:
5f:c5:33:90:ee:21:2b:fd:66:c2:f5:2f:53:7a:22:
56:bd:3b:7a:4b:60:83:58:71:ca:5f:03:da:d8:9e:
06:3e:bc:75:bc:21:ac:c4:ca:76:c9:a1:71:65:6a:
e8:18:5f:d1:54:5f:82:98:bf:44:6e:d1:64:59:fa:
a2:23:f7:3d:3a:7c:98:59:26:82:e3:9d:0b:8a:42:
a3:df:b8:04:38:b9:7c:09:4e:32:cc:24:b5:4c:f4:
c7:60:2a:a4:cd:d9:d0:08:4d:07:ef:15:f1:15:54:
a6:08:15:c3:75:e1:59:ca:4d:22:ae:7d:98:53:16:
84:b2:88:c8:82:9b:ba:cd:e6:68:1d:43:1b:47:6a:
36:a3:eb:73:ce:5c:bd:47:bf:eb:b8:65:26:e6:3c:
66:f0:60:87:34:14:e9:05:e5:f5:8a:d2:2b:45:28:
a9:6a:3f:90:a4:ab:f1:3b:01:0d:13:d6:5b:73:14:
26:60:0b:74:97:48:2a:3e:99:04:78:00:36:95:f2:
f1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:EA:53:B1:9D:E9:84:18:2D:D4:EB:C3:34:B5:5E:C8:B3:35:78:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:fb:0a:95:c6:7e:32:9f:42:00:44:6f:0f:93:45:d9:42:02:
b8:51:1c:60:67:eb:8c:c8:41:21:d8:fe:11:8e:87:bd:d3:6b:
16:93:cf:3c:62:57:7e:33:22:ef:87:4d:47:b8:f4:7d:d2:f5:
db:7a:64:c5:59:41:af:b6:0e:da:73:6d:4e:5b:b2:12:0a:0c:
6c:2a:e0:ae:21:da:d4:95:ab:b4:5e:7d:3f:f5:cf:b4:fd:ca:
a1:68:7d:59:19:19:96:3c:9a:41:84:0c:ee:f2:67:5b:09:56:
29:23:9c:9e:1d:ca:03:c8:f1:c9:ce:7a:33:54:de:50:63:4b:
80:f3:bb:36:9b:83:09:f6:5f:6f:78:e5:c5:c7:5a:d5:04:79:
a7:64:81:6d:59:15:17:72:b7:bc:0c:70:d2:cc:15:2f:5a:21:
22:de:54:40:13:16:92:80:0b:0c:fe:f1:54:a0:22:f3:59:88:
f5:56:39:92:ee:6c:13:46:a0:d1:85:b0:65:26:f9:62:37:7e:
60:ff:3e:37:79:af:72:c8:3c:8a:02:79:75:32:f6:76:a5:c0:
a4:97:22:2d:bf:25:4b:32:f4:b5:f9:45:bd:6f:66:6b:e7:14:
de:1a:9c:4b:a4:1c:d9:fd:4d:06:62:a8:fa:9a:d6:d9:f6:41:
54:a5:db:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPc7Dz6G2huhc8Sfj7g4jWNZ/6XowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMDVhZTFjNmE1YjkzZTMwOTYyNjExZmE1YzVmNzFiZjY1NjI0YmZlMWQ4
ZTA1MTBjMTk3MjM1MjI3MjEwZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMqYOpaNQZt89BT2hm5at4pe/vxx/LD5c9NmjWiKsK+Bflt7kaXb7UAHlqc
eT8P32toXoD8MqPE7OHAX8UzkO4hK/1mwvUvU3oiVr07ektgg1hxyl8D2tieBj68
dbwhrMTKdsmhcWVq6Bhf0VRfgpi/RG7RZFn6oiP3PTp8mFkmguOdC4pCo9+4BDi5
fAlOMswktUz0x2AqpM3Z0AhNB+8V8RVUpggVw3XhWcpNIq59mFMWhLKIyIKbus3m
aB1DG0dqNqPrc85cvUe/67hlJuY8ZvBghzQU6QXl9YrSK0UoqWo/kKSr8TsBDRPW
W3MUJmALdJdIKj6ZBHgANpXy8ccCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTC6lOx
nemEGC3U68M0tV7IszV4xzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNmNDQyZTEtNzY2ZS00NjFkLWEzYjktMmIwZmQwMWIwOGNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hhg
MA0GCSqGSIb3DQEBCwUAA4IBAQCz+wqVxn4yn0IARG8Pk0XZQgK4URxgZ+uMyEEh
2P4Rjoe902sWk888Yld+MyLvh01HuPR90vXbemTFWUGvtg7ac21OW7ISCgxsKuCu
IdrUlau0Xn0/9c+0/cqhaH1ZGRmWPJpBhAzu8mdbCVYpI5yeHcoDyPHJznozVN5Q
Y0uA87s2m4MJ9l9veOXFx1rVBHmnZIFtWRUXcre8DHDSzBUvWiEi3lRAExaSgAsM
/vFUoCLzWYj1VjmS7mwTRqDRhbBlJvliN35g/z43ea9yyDyKAnl1MvZ2pcCklyIt
vyVLMvS1+UW9b2Zr5xTeGpxLpBzZ/U0GYqj6mtbZ9kFUpds0
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:27 2024 by rpki-client on console-ams.rpki-client.org