Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
File: 3711d18e-8589-4699-9cf4-2646a99f3614.roa (raw, json)
Hash identifier: QW9oOiuCalHfQ2SwrsFwY9HBUhyEX6VdIIqGCoyTCXo=
Subject key identifier: F2:4D:B2:30:AB:9D:63:E7:A8:E7:7B:73:D5:61:9F:ED:55:89:40:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68C472E295D96219E52A5BE565BFBBB30A8F0AB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:c4:72:e2:95:d9:62:19:e5:2a:5b:e5:65:bf:bb:b3:0a:8f:0a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=3406df2fb2b2dc9297b676f3a3ad4e4cdf28e97b6a32da692a1472c0dee83f0d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:b4:1d:49:7f:61:47:ca:98:97:22:11:d4:
e5:5d:17:66:29:d9:07:41:af:dc:c8:80:0a:af:86:
f6:ff:f4:08:aa:a9:f3:ed:da:b9:11:58:91:0b:3d:
1b:84:d9:d5:9d:3f:f7:c3:f7:58:ec:ae:67:dd:60:
95:6e:5e:51:cd:53:7a:a6:70:cc:f0:72:d7:5e:df:
52:eb:14:a2:c7:03:de:fb:5e:dc:03:66:5f:4c:85:
47:dd:38:92:a0:1e:fe:ff:6d:c2:6f:b3:d9:80:3d:
a5:8e:e3:4b:c9:34:7f:26:0f:77:87:35:e1:39:79:
7a:d3:fc:ea:04:8e:9f:b1:1e:35:9c:73:42:e3:ee:
4c:34:49:4a:4d:94:88:30:35:d8:c0:31:c7:0b:cb:
9a:40:37:cd:ed:00:b0:5e:a8:88:6d:23:90:81:fe:
92:8e:83:44:cf:5b:72:1e:84:3f:0d:31:4b:73:16:
57:78:d1:62:9e:91:97:42:eb:0b:4d:92:22:6d:6d:
6a:e1:a3:45:d5:07:0e:96:49:29:33:28:77:02:70:
20:74:3a:94:57:cf:0f:c2:87:f9:39:04:28:3d:5a:
f3:37:a1:22:8d:8d:c1:91:22:07:39:6a:cb:0b:eb:
e5:47:5e:5a:9c:71:81:d0:51:3f:1e:79:ad:c1:1e:
db:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4D:B2:30:AB:9D:63:E7:A8:E7:7B:73:D5:61:9F:ED:55:89:40:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:69:ea:89:23:b3:84:c6:af:76:06:9e:5b:16:f1:00:d7:49:
57:b6:fb:a3:8b:45:5a:e7:f3:2a:30:0a:ef:4b:2b:07:51:fa:
59:d6:f2:b5:f1:83:48:fc:d5:8d:30:01:81:4b:b0:98:49:67:
5d:fd:1e:b7:46:08:02:5b:9b:9e:8d:96:7b:09:c0:46:8a:72:
72:58:40:68:87:06:f8:90:ce:e3:56:f5:5b:08:e3:b5:86:47:
e1:66:4e:e7:ab:f6:17:af:86:89:cd:8a:5c:5e:bc:21:5e:dd:
67:5a:4e:be:46:c6:ca:f7:68:71:76:d2:4f:31:f0:c4:ad:11:
f0:4d:8b:74:da:05:32:42:cd:ea:19:3e:d5:6b:a3:05:69:be:
48:43:fc:85:ea:f4:db:0e:e2:3c:49:0d:6f:6d:28:50:50:12:
75:b5:6b:82:f6:e5:3a:d4:28:cf:26:9b:93:f7:d1:8b:3d:80:
0b:20:2d:da:9b:a4:fe:d9:c1:d2:a0:2c:4e:bd:c5:30:6b:7f:
ca:73:8b:c1:74:0f:a7:6b:e0:fc:30:e7:4e:4a:22:2e:c1:34:
67:a5:ec:87:51:b5:79:44:50:cd:00:12:09:e0:f6:90:42:8f:
65:d0:d2:d8:e4:88:1a:3c:7d:84:30:17:d8:8b:0b:c0:16:6b:
b8:dd:54:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaMRy4pXZYhnlKlvlZb+7swqPCrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0MDZkZjJmYjJiMmRjOTI5N2I2NzZmM2EzYWQ0ZTRjZGYyOGU5N2I2YTMy
ZGE2OTJhMTQ3MmMwZGVlODNmMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWOtB1Jf2FHypiXIhHU5V0XZinZB0Gv3MiACq+G9v/0CKqp8+3auRFYkQs9
G4TZ1Z0/98P3WOyuZ91glW5eUc1TeqZwzPBy117fUusUoscD3vte3ANmX0yFR904
kqAe/v9twm+z2YA9pY7jS8k0fyYPd4c14Tl5etP86gSOn7EeNZxzQuPuTDRJSk2U
iDA12MAxxwvLmkA3ze0AsF6oiG0jkIH+ko6DRM9bch6EPw0xS3MWV3jRYp6Rl0Lr
C02SIm1tauGjRdUHDpZJKTModwJwIHQ6lFfPD8KH+TkEKD1a8zehIo2NwZEiBzlq
ywvr5UdeWpxxgdBRPx55rcEe28ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyTbIw
q51j56jne3PVYZ/tVYlAeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzcxMWQxOGUtODU4OS00Njk5LTljZjQtMjY0NmE5OWYzNjE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQBNaeqJI7OExq92Bp5bFvEA10lXtvuji0Va5/Mq
MArvSysHUfpZ1vK18YNI/NWNMAGBS7CYSWdd/R63RggCW5uejZZ7CcBGinJyWEBo
hwb4kM7jVvVbCOO1hkfhZk7nq/YXr4aJzYpcXrwhXt1nWk6+RsbK92hxdtJPMfDE
rRHwTYt02gUyQs3qGT7Va6MFab5IQ/yF6vTbDuI8SQ1vbShQUBJ1tWuC9uU61CjP
JpuT99GLPYALIC3am6T+2cHSoCxOvcUwa3/Kc4vBdA+na+D8MOdOSiIuwTRnpeyH
UbV5RFDNABIJ4PaQQo9l0NLY5IgaPH2EMBfYiwvAFmu43VQF
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org