Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
File: 38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa (raw, json)
Hash identifier: eE1lV6K5GP3fDZakEp6YopSc6WBCXconeLwB5Z3m7AU=
Subject key identifier: C8:F8:9F:76:F9:55:66:98:C5:AB:C3:D5:8C:7A:81:24:55:A9:94:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BB127C09FD419724DD148148B2E87D4EA76178D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:b1:27:c0:9f:d4:19:72:4d:d1:48:14:8b:2e:87:d4:ea:76:17:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=d6e223594c7bae870a21ce5bc6743141786861aa50e01d9b5d00fc4010444df4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5c:05:06:9c:01:8d:18:2e:d7:18:2b:1e:9c:
51:6c:aa:14:e0:f7:f6:cb:e6:b6:77:db:b3:af:01:
fe:a9:b2:d0:a3:d0:29:a0:ad:82:8b:0f:96:52:ba:
22:b3:9a:cc:b8:27:65:c6:56:3f:f7:00:5a:45:64:
1d:88:31:4e:c1:67:9c:89:77:3b:50:63:c7:24:88:
26:42:c5:69:55:37:fa:c2:72:ad:97:69:d9:90:f3:
38:3e:1d:46:9f:40:71:00:57:9f:c1:2a:58:e1:d6:
29:90:3f:e0:f8:c1:de:11:46:12:34:7a:35:a5:35:
4c:48:f9:c8:78:e4:33:d5:24:7e:8e:9c:2b:9c:d2:
89:5c:da:21:92:56:24:46:7a:b0:7c:95:1c:2f:d9:
c6:d8:33:41:26:61:27:13:3d:39:27:68:ea:fc:95:
8b:0f:57:ab:47:fc:9a:05:82:a2:28:61:45:25:d1:
08:eb:34:62:b9:f9:5f:b2:b7:7a:fe:09:1b:d7:35:
d4:08:bb:95:29:58:ec:a2:c3:d0:7f:ee:dd:ae:5a:
32:3c:4f:0e:96:37:1f:a5:aa:4d:72:1f:18:8e:ae:
e0:ab:e1:a7:2e:97:54:82:c7:d9:5d:b1:85:50:9a:
38:f7:5d:12:f3:c4:2b:ea:de:df:3a:88:01:85:86:
35:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F8:9F:76:F9:55:66:98:C5:AB:C3:D5:8C:7A:81:24:55:A9:94:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:6000::/40
Signature Algorithm: sha256WithRSAEncryption
72:74:13:a6:af:7e:39:19:27:72:5e:20:2b:f2:cf:8c:0b:04:
81:79:44:c8:ac:16:95:fa:89:bb:fe:82:a4:b5:74:30:04:e4:
0d:0e:cd:e1:49:73:b2:4a:53:8d:6b:6f:aa:5b:45:71:2f:fb:
72:42:60:0a:96:a1:00:7b:14:53:e5:b3:06:34:34:89:66:e5:
c8:8d:31:7e:f1:26:36:eb:3a:db:25:8d:71:b2:c4:20:b0:a5:
ff:fb:d1:15:f1:db:64:30:50:73:c9:b4:19:c3:4c:d2:73:bf:
4a:d1:94:c7:7f:d3:0d:d0:a7:3a:08:7f:76:53:85:82:61:44:
cf:51:fd:d8:53:d4:b7:54:97:eb:49:21:86:32:4e:b5:36:e6:
d7:5d:69:36:1e:0d:b8:b5:66:6d:23:95:c3:37:d7:3c:23:f3:
74:e2:53:6e:82:2b:32:bb:82:a3:4d:c3:55:7f:77:ba:44:49:
0b:50:f3:3b:5c:f7:06:9c:64:91:37:20:69:5f:5c:cf:82:d8:
f5:66:dd:31:2a:69:47:6c:9f:93:d6:bf:04:76:4b:a7:db:a9:
b0:e0:63:14:87:88:30:ea:97:a2:69:3d:4d:d7:42:a8:cf:1f:
a7:cf:0c:73:9e:be:3f:6b:c6:bb:16:08:60:b4:0b:a5:01:c3:
63:47:47:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe7EnwJ/UGXJN0UgUiy6H1Op2F40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2ZTIyMzU5NGM3YmFlODcwYTIxY2U1YmM2NzQzMTQxNzg2ODYxYWE1MGUw
MWQ5YjVkMDBmYzQwMTA0NDRkZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVcBQacAY0YLtcYKx6cUWyqFOD39svmtnfbs68B/qmy0KPQKaCtgosPllK6
IrOazLgnZcZWP/cAWkVkHYgxTsFnnIl3O1BjxySIJkLFaVU3+sJyrZdp2ZDzOD4d
Rp9AcQBXn8EqWOHWKZA/4PjB3hFGEjR6NaU1TEj5yHjkM9Ukfo6cK5zSiVzaIZJW
JEZ6sHyVHC/ZxtgzQSZhJxM9OSdo6vyViw9Xq0f8mgWCoihhRSXRCOs0Yrn5X7K3
ev4JG9c11Ai7lSlY7KLD0H/u3a5aMjxPDpY3H6WqTXIfGI6u4Kvhpy6XVILH2V2x
hVCaOPddEvPEK+re3zqIAYWGNWUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTI+J92
+VVmmMWrw9WMeoEkVamUajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzhmOWMwZjAtYTEwOS00ODVjLWJkMmQtMmUxYTQ0MGI4NjRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVg
MA0GCSqGSIb3DQEBCwUAA4IBAQBydBOmr345GSdyXiAr8s+MCwSBeUTIrBaV+om7
/oKktXQwBOQNDs3hSXOySlONa2+qW0VxL/tyQmAKlqEAexRT5bMGNDSJZuXIjTF+
8SY26zrbJY1xssQgsKX/+9EV8dtkMFBzybQZw0zSc79K0ZTHf9MN0Kc6CH92U4WC
YUTPUf3YU9S3VJfrSSGGMk61NubXXWk2Hg24tWZtI5XDN9c8I/N04lNugisyu4Kj
TcNVf3e6REkLUPM7XPcGnGSRNyBpX1zPgtj1Zt0xKmlHbJ+T1r8Edkun26mw4GMU
h4gw6peiaT1N10Kozx+nzwxznr4/a8a7FghgtAulAcNjR0dt
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org