Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39020c9a-ad3e-4c28-a04a-a8755ffa1606.roa
File: 39020c9a-ad3e-4c28-a04a-a8755ffa1606.roa (raw, json)
Hash identifier: KAgtM11N0f6nVJlWAikyBBKbuM1bXiLdCYTWZvTEhVw=
Subject key identifier: A5:C3:8F:29:5E:7D:EA:FC:64:57:B1:28:3D:26:B9:20:FA:32:42:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 781C3CE1BF9FB97D7545740BEF25BABE558E0E79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39020c9a-ad3e-4c28-a04a-a8755ffa1606.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:1c:3c:e1:bf:9f:b9:7d:75:45:74:0b:ef:25:ba:be:55:8e:0e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=25f614fe89d2895dd051d4a6a54b680977ca6a529eb0273f6c5db3d1cf910308, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c8:d6:94:23:86:59:76:f8:4f:ea:13:71:97:
f3:be:ad:2e:d7:db:c0:99:9f:73:25:4e:62:a6:10:
48:e4:b8:ce:f0:5c:9e:c7:a6:0e:af:05:cc:76:a3:
18:4e:47:7a:ab:16:1e:95:b3:e2:8f:54:b5:73:8c:
d4:ee:3c:e5:ed:74:13:97:41:90:94:6e:63:99:db:
b2:94:38:31:1a:9e:22:9d:ce:b5:ae:55:3f:0a:35:
a9:86:98:f9:48:49:a3:45:e5:54:17:16:e7:02:d3:
3a:53:6e:96:6e:79:a8:4b:4c:05:29:c1:cb:5f:b5:
85:00:9b:fe:14:79:8a:15:8b:3c:85:6a:ca:10:89:
a5:80:91:ea:dc:69:b1:7a:fc:a2:80:d9:fd:61:e2:
bf:cc:8b:51:4d:4c:1b:9f:21:ac:a1:60:3a:61:ec:
3a:0e:d5:61:68:e6:d0:3f:90:f7:7b:53:21:86:7e:
4b:eb:b6:92:de:f0:cb:ea:22:ab:27:d5:b9:85:35:
78:ec:72:ed:f4:2b:c3:79:cb:20:7a:f3:ec:66:84:
e5:2e:f9:ef:b3:0a:0d:a4:93:63:ed:31:ca:59:5b:
52:b4:d9:0e:36:64:e0:e4:c0:a8:4f:12:f4:2d:16:
78:c0:ad:d8:d1:22:ca:55:a1:a2:0c:57:e6:28:d5:
f0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C3:8F:29:5E:7D:EA:FC:64:57:B1:28:3D:26:B9:20:FA:32:42:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39020c9a-ad3e-4c28-a04a-a8755ffa1606.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6a:e3:9a:61:24:ed:42:72:6c:af:9c:ff:cf:e8:40:01:cf:9b:
a3:3c:f3:ca:d9:f2:87:de:60:ac:17:1c:db:10:32:6b:97:c6:
c7:0a:99:6a:bc:67:65:1c:d5:13:5c:bf:47:f2:6d:87:13:e1:
25:52:4a:c0:20:ff:05:6e:86:a5:f5:7e:66:bc:88:a1:b4:9f:
10:ab:30:86:b9:be:00:06:7d:5e:0c:40:f5:09:c3:97:88:d6:
52:46:ca:68:1a:4c:d1:26:c2:87:18:d3:aa:07:69:df:51:6a:
b4:b7:95:82:cc:2f:11:09:ae:18:19:23:63:50:24:07:c7:fb:
5d:46:f5:d9:1c:ff:4f:5f:9e:6d:94:ca:b7:46:32:6b:0d:51:
5c:b3:d9:a2:55:a0:c5:2b:8e:b5:6f:2b:44:c6:0b:c0:4e:de:
0b:a7:4f:92:be:96:68:f2:ba:30:22:8c:ed:5b:ac:52:26:a3:
f0:c1:6c:9a:30:78:37:4f:77:6d:b8:25:63:89:fe:eb:e8:a4:
56:8e:b1:3a:21:fe:a1:69:a7:5b:a8:10:23:3b:25:21:ba:b6:
e8:2e:a3:10:0c:4d:04:69:49:7a:72:01:a6:27:eb:e7:b4:d4:
19:b3:39:a9:47:c3:20:23:29:bb:fe:af:aa:9e:e5:93:c7:9e:
1f:89:4e:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeBw84b+fuX11RXQL7yW6vlWODnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZjYxNGZlODlkMjg5NWRkMDUxZDRhNmE1NGI2ODA5NzdjYTZhNTI5ZWIw
MjczZjZjNWRiM2QxY2Y5MTAzMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7I1pQjhll2+E/qE3GX876tLtfbwJmfcyVOYqYQSOS4zvBcnsemDq8FzHaj
GE5HeqsWHpWz4o9UtXOM1O485e10E5dBkJRuY5nbspQ4MRqeIp3Ota5VPwo1qYaY
+UhJo0XlVBcW5wLTOlNulm55qEtMBSnBy1+1hQCb/hR5ihWLPIVqyhCJpYCR6txp
sXr8ooDZ/WHiv8yLUU1MG58hrKFgOmHsOg7VYWjm0D+Q93tTIYZ+S+u2kt7wy+oi
qyfVuYU1eOxy7fQrw3nLIHrz7GaE5S7577MKDaSTY+0xyllbUrTZDjZk4OTAqE8S
9C0WeMCt2NEiylWhogxX5ijV8OECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlw48p
Xn3q/GRXsSg9Jrkg+jJCMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzkwMjBjOWEtYWQzZS00YzI4LWEwNGEtYTg3NTVmZmExNjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA
MA0GCSqGSIb3DQEBCwUAA4IBAQBq45phJO1CcmyvnP/P6EABz5ujPPPK2fKH3mCs
FxzbEDJrl8bHCplqvGdlHNUTXL9H8m2HE+ElUkrAIP8Fboal9X5mvIihtJ8QqzCG
ub4ABn1eDED1CcOXiNZSRspoGkzRJsKHGNOqB2nfUWq0t5WCzC8RCa4YGSNjUCQH
x/tdRvXZHP9PX55tlMq3RjJrDVFcs9miVaDFK461bytExgvATt4Lp0+SvpZo8row
IoztW6xSJqPwwWyaMHg3T3dtuCVjif7r6KRWjrE6If6haadbqBAjOyUhurboLqMQ
DE0EaUl6cgGmJ+vntNQZszmpR8MgIym7/q+qnuWTx54fiU4U
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org