Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
File: 376be0fe-aebc-4855-80a4-ea95cf413b51.roa (raw, json)
Hash identifier: fUx4vMoZvn794lrUdcF8ZLKOe7OUDPxtK152oNa56dQ=
Subject key identifier: 76:B7:03:A9:F6:46:44:1F:51:B7:4F:99:7F:89:D3:27:DE:F6:A4:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 246305E48B7BE0BB67F01F810AB94B0626C6F0D7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:63:05:e4:8b:7b:e0:bb:67:f0:1f:81:0a:b9:4b:06:26:c6:f0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=8d4c3d08a0430df5e0b873d673b98086e2ec6260de157b58c85edea358209168, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6c:43:2b:85:39:26:89:32:45:fa:42:f5:f4:
63:d3:20:86:b5:bc:ca:1e:60:8a:35:5b:cb:00:73:
5b:e1:1a:5e:bc:39:3f:16:0b:0d:d7:f7:b0:1c:95:
9a:0f:75:97:0d:05:2f:9f:d3:42:86:f3:bd:9b:4f:
ba:e8:17:e0:04:c8:b9:af:9a:9b:72:e4:d6:f5:8b:
32:fd:1c:70:f5:4c:1f:e4:c1:1b:76:58:72:68:84:
31:c3:1e:f2:9d:a8:fc:0b:a7:db:b7:19:96:02:2b:
cd:f0:c6:a6:6e:15:61:45:88:f8:57:3b:06:09:f3:
f5:46:64:f0:76:a4:c8:68:99:67:52:69:f7:9e:4e:
e9:3f:e4:db:5a:5d:e3:74:d8:c9:b5:aa:f5:67:ca:
67:d3:59:70:b8:24:74:c7:4b:ca:07:5d:8d:c5:1a:
d9:69:ba:2a:43:0e:3d:e3:f7:35:1e:21:64:3a:89:
9e:9d:c6:86:7e:49:5a:f7:d2:31:36:90:4d:f8:7d:
50:14:a0:6c:21:4f:33:bb:fb:1d:f4:33:7b:13:ae:
5e:8b:2b:a1:d6:35:c6:cb:1e:9d:a6:10:31:33:ce:
60:38:1f:b6:7a:00:d0:bb:70:82:d9:55:35:69:11:
1d:87:b3:5b:ed:8e:30:28:d3:09:1e:68:89:e9:ca:
86:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B7:03:A9:F6:46:44:1F:51:B7:4F:99:7F:89:D3:27:DE:F6:A4:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:34:24:58:7c:2c:e8:79:17:a2:36:3f:c2:68:9c:6d:65:2d:
6d:ab:19:70:9f:70:25:15:c0:17:35:ec:60:c3:2d:61:f0:3f:
4d:e5:12:ba:6f:64:56:d2:37:94:96:71:42:69:ce:ae:39:de:
6c:6e:39:d8:99:6e:ca:ef:28:c9:f7:b9:53:00:64:e7:6e:a9:
c6:ea:80:63:a4:46:8a:35:43:38:42:7f:e8:d4:50:55:b5:9e:
0e:83:14:d3:75:ff:fb:47:dc:b0:3e:88:77:eb:f7:96:f8:85:
54:e5:99:8a:cd:78:9e:c7:39:d9:cd:20:67:a3:49:7e:28:34:
c0:cf:6d:64:ff:d0:6a:fc:4e:12:a0:6f:61:df:ee:83:4f:39:
5d:49:ed:90:1c:6c:d4:34:77:12:ba:5a:8d:ca:96:05:0a:72:
0d:62:61:d8:21:02:98:48:3e:75:0c:42:43:dc:b5:a5:ff:d5:
8a:02:45:95:8a:93:24:8b:0d:25:3c:df:b1:1b:47:78:d9:4e:
26:a3:b2:78:ed:d3:98:28:ff:bf:cb:23:99:a7:e4:6e:83:fc:
7f:72:02:25:81:f3:75:64:d9:a1:e6:e3:61:c4:b3:d2:f1:9b:
0d:d0:15:6f:d3:58:5c:53:08:93:67:5d:bb:72:4f:78:cc:5f:
c4:20:eb:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJGMF5It74Ltn8B+BCrlLBibG8NcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkNGMzZDA4YTA0MzBkZjVlMGI4NzNkNjczYjk4MDg2ZTJlYzYyNjBkZTE1
N2I1OGM4NWVkZWEzNTgyMDkxNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBsQyuFOSaJMkX6QvX0Y9MghrW8yh5gijVbywBzW+EaXrw5PxYLDdf3sByV
mg91lw0FL5/TQobzvZtPuugX4ATIua+am3Lk1vWLMv0ccPVMH+TBG3ZYcmiEMcMe
8p2o/Aun27cZlgIrzfDGpm4VYUWI+Fc7Bgnz9UZk8HakyGiZZ1Jp955O6T/k21pd
43TYybWq9WfKZ9NZcLgkdMdLygddjcUa2Wm6KkMOPeP3NR4hZDqJnp3Ghn5JWvfS
MTaQTfh9UBSgbCFPM7v7HfQzexOuXosrodY1xssenaYQMTPOYDgftnoA0LtwgtlV
NWkRHYezW+2OMCjTCR5oienKhkUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2twOp
9kZEH1G3T5l/idMn3vak3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc2YmUwZmUtYWViYy00ODU1LTgwYTQtZWE5NWNmNDEzYjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDBNCRYfCzoeReiNj/CaJxtZS1tqxlwn3AlFcAX
Nexgwy1h8D9N5RK6b2RW0jeUlnFCac6uOd5sbjnYmW7K7yjJ97lTAGTnbqnG6oBj
pEaKNUM4Qn/o1FBVtZ4OgxTTdf/7R9ywPoh36/eW+IVU5ZmKzXiexznZzSBno0l+
KDTAz21k/9Bq/E4SoG9h3+6DTzldSe2QHGzUNHcSulqNypYFCnINYmHYIQKYSD51
DEJD3LWl/9WKAkWVipMkiw0lPN+xG0d42U4mo7J47dOYKP+/yyOZp+Rug/x/cgIl
gfN1ZNmh5uNhxLPS8ZsN0BVv01hcUwiTZ127ck94zF/EIOtf
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org