Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
File: 38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa (raw, json)
Hash identifier: //PTndXoJ0AMy92db4CNI+DRzTQk9CemGATcOdpYtmc=
Subject key identifier: 17:76:26:2B:D2:C4:FC:CE:41:41:78:CF:3A:EA:5D:5E:C6:6F:5D:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07CB797AF8B0A4DDDF2F5315E108D21C6705F9AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:cb:79:7a:f8:b0:a4:dd:df:2f:53:15:e1:08:d2:1c:67:05:f9:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=6e85290eef0203c68e8df3f8587d26d1da2962d6334de44394fdaf4a8a53c4e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:9d:38:32:94:da:b9:57:18:c0:6a:50:6b:
08:e9:a6:05:a9:b4:16:cf:21:b8:7e:2a:2c:65:9f:
b5:20:74:7e:b2:19:c0:7a:8a:0b:5e:aa:61:d8:bb:
ab:8a:a6:2e:06:1b:8e:9a:4f:f0:0e:b9:47:52:e6:
41:73:de:6e:6d:a4:73:4b:2a:8c:16:67:2c:bb:64:
e5:28:cc:ba:e2:53:56:8a:5c:c6:44:0e:bd:76:0a:
ec:37:88:c9:2a:fe:c8:11:70:86:07:eb:15:e2:4b:
93:59:48:e8:44:af:f5:5b:cc:26:a2:9e:83:9b:57:
07:02:f1:45:3a:91:29:66:54:6b:13:12:f9:32:d4:
83:a1:f4:bc:7e:cb:a4:a1:8f:ea:36:41:7b:ec:ee:
4e:ee:ea:1b:4c:96:59:9b:41:ac:29:a7:a7:ac:9e:
82:09:ad:e2:2e:d6:6e:d0:69:3a:d3:dd:fa:8b:73:
5b:49:16:d8:12:1c:16:db:e3:01:a0:f2:40:76:0d:
1b:24:4c:63:8a:52:79:62:78:75:c3:5c:0f:31:93:
04:d7:7e:e0:4f:d1:aa:a5:47:62:8d:59:5b:25:46:
e9:cd:7a:92:db:e4:63:cb:2e:39:8b:9c:b3:27:b4:
a9:07:e7:01:02:e3:48:44:78:d7:7a:a0:9f:bf:8b:
f0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:76:26:2B:D2:C4:FC:CE:41:41:78:CF:3A:EA:5D:5E:C6:6F:5D:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:6000::/40
Signature Algorithm: sha256WithRSAEncryption
93:22:96:f6:a8:68:b1:0c:bd:66:6b:b6:e7:b4:c5:93:d7:a9:
7b:34:03:69:d5:56:2b:92:0d:8d:85:71:3a:d6:fa:95:58:fd:
33:d0:aa:b8:7e:30:35:8b:05:3f:da:0e:53:88:35:6c:73:3e:
0a:44:af:4c:14:33:0a:65:60:14:a3:87:0d:a2:b8:d5:6a:da:
90:60:b8:3e:a5:e4:f5:e8:e7:bc:88:23:73:47:8a:3a:3d:f9:
d7:b0:5c:4f:6c:1f:74:ad:51:ce:a2:2a:4d:e9:41:f3:12:bd:
94:17:7e:3f:ad:d5:63:fd:3d:06:0e:2e:75:c4:34:56:33:2b:
b9:5d:d0:f5:00:69:43:f2:e0:56:90:49:2f:79:2b:03:26:46:
41:6b:b1:78:3e:b5:a0:fe:5d:fe:31:25:8e:69:f3:56:89:b5:
ee:8f:20:00:f1:3d:4d:19:c7:ff:cb:e8:28:95:61:30:dd:db:
5c:d0:f8:e3:00:83:6b:fc:c6:d1:97:c0:6e:27:b4:cb:39:8f:
6c:f1:d4:f0:6b:61:81:e9:b1:43:22:db:66:e9:18:b9:dc:5a:
67:ab:2a:8e:55:3d:e4:84:e0:ad:ec:1a:38:21:30:f3:5f:c6:
09:8c:cb:d2:15:81:f6:d3:0d:3d:3a:c0:e9:99:b9:c0:57:4b:
78:d6:3d:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB8t5eviwpN3fL1MV4QjSHGcF+aowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlODUyOTBlZWYwMjAzYzY4ZThkZjNmODU4N2QyNmQxZGEyOTYyZDYzMzRk
ZTQ0Mzk0ZmRhZjRhOGE1M2M0ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbKnTgylNq5VxjAalBrCOmmBam0Fs8huH4qLGWftSB0frIZwHqKC16qYdi7
q4qmLgYbjppP8A65R1LmQXPebm2kc0sqjBZnLLtk5SjMuuJTVopcxkQOvXYK7DeI
ySr+yBFwhgfrFeJLk1lI6ESv9VvMJqKeg5tXBwLxRTqRKWZUaxMS+TLUg6H0vH7L
pKGP6jZBe+zuTu7qG0yWWZtBrCmnp6yeggmt4i7WbtBpOtPd+otzW0kW2BIcFtvj
AaDyQHYNGyRMY4pSeWJ4dcNcDzGTBNd+4E/RqqVHYo1ZWyVG6c16ktvkY8suOYuc
sye0qQfnAQLjSER413qgn7+L8OMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXdiYr
0sT8zkFBeM866l1exm9dkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzhmOWMwZjAtYTEwOS00ODVjLWJkMmQtMmUxYTQ0MGI4NjRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVg
MA0GCSqGSIb3DQEBCwUAA4IBAQCTIpb2qGixDL1ma7bntMWT16l7NANp1VYrkg2N
hXE61vqVWP0z0Kq4fjA1iwU/2g5TiDVscz4KRK9MFDMKZWAUo4cNorjVatqQYLg+
peT16Oe8iCNzR4o6PfnXsFxPbB90rVHOoipN6UHzEr2UF34/rdVj/T0GDi51xDRW
Myu5XdD1AGlD8uBWkEkveSsDJkZBa7F4PrWg/l3+MSWOafNWibXujyAA8T1NGcf/
y+golWEw3dtc0PjjAINr/MbRl8BuJ7TLOY9s8dTwa2GB6bFDIttm6Ri53FpnqyqO
VT3khOCt7Bo4ITDzX8YJjMvSFYH20w09OsDpmbnAV0t41j3o
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:23 2024 by rpki-client on console-ams.rpki-client.org