Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
File: 39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa (raw, json)
Hash identifier: VLdsi4MHWS9E8BKjLXPO+5tzSSdC1HlgpIO2L10EYTQ=
Subject key identifier: EF:1C:FC:9A:80:4A:ED:18:61:4B:C6:2F:59:0C:5C:F2:B7:18:26:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08D3F5D4583CF5F19C93660C03AC08694612E6F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:d3:f5:d4:58:3c:f5:f1:9c:93:66:0c:03:ac:08:69:46:12:e6:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=f8a7747561cb22fe5bd5c1538179e21401d6a58f23680be15554b6cf3044c9f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c6:c9:11:0f:c6:f2:91:13:14:95:32:e0:6e:
bd:34:a9:75:34:8e:8e:6b:69:8f:1c:b2:e1:e5:9e:
bd:3c:f0:1e:d0:b9:60:96:6c:a9:bd:ff:22:4d:a0:
d3:9f:a2:cc:b0:03:42:94:e3:1c:eb:ab:de:a3:dd:
be:98:9f:e3:01:d1:36:7f:1d:56:d0:f8:bf:84:ba:
58:91:c0:5a:fe:07:d7:f1:d5:2d:ac:7b:c2:e6:bc:
ea:bd:ac:39:39:4c:32:59:f5:03:9e:cb:35:9a:97:
24:59:a3:dc:fb:8e:6b:9c:26:22:17:58:eb:9e:74:
25:0e:39:5b:5a:d2:7b:1b:df:b3:df:04:13:08:f0:
27:9c:38:27:c8:f0:e3:11:92:1b:05:2c:ef:22:d1:
2e:ec:cf:73:61:2a:be:29:af:e4:b9:11:f5:5e:fc:
75:01:51:d7:f1:ba:f8:c1:ac:bb:61:e4:f7:86:b7:
46:92:56:6d:dc:9a:bd:98:21:fa:56:c2:f6:b8:93:
de:9e:20:45:a7:49:28:72:54:9f:1c:c0:a7:4e:87:
68:8d:9c:c4:70:2e:b5:83:1e:09:24:ae:8e:0e:79:
0a:73:a9:a4:ca:f6:fd:84:73:4d:97:d8:95:87:c8:
67:55:34:da:2a:b3:7c:05:11:15:17:98:84:ca:cd:
97:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:1C:FC:9A:80:4A:ED:18:61:4B:C6:2F:59:0C:5C:F2:B7:18:26:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2000::/40
Signature Algorithm: sha256WithRSAEncryption
33:0d:c0:d1:76:58:b7:16:fd:ed:84:04:5f:8b:d8:f4:a3:93:
e8:05:82:bf:a7:79:a8:28:c3:1a:2f:6e:6f:e0:41:61:6f:50:
a3:42:8b:74:bb:93:20:4d:70:7f:ee:4f:39:cf:52:57:3c:4b:
d5:00:a3:7d:83:55:7c:5f:25:0b:fb:9c:91:78:00:71:d9:a2:
63:bf:4b:96:0b:82:b6:5b:55:b1:bd:b1:7d:ae:a0:a4:60:8d:
fe:e8:ce:9c:a0:6e:25:ff:87:74:d2:e5:bd:d2:17:b4:23:9d:
8f:23:f1:b0:73:66:38:6d:65:d7:28:4f:fd:8f:b7:1c:65:69:
de:9e:3f:7d:db:a9:52:3f:d9:31:02:18:0f:d9:da:bf:38:33:
4e:d3:db:91:ad:fa:5b:46:c7:d7:8f:3f:04:a6:f2:f8:ae:0f:
64:6f:44:f9:2e:c3:a0:ca:ca:65:b2:59:b7:74:84:c3:51:d5:
bb:b0:f6:21:97:d6:e6:e9:c7:2c:0d:43:ba:b4:dd:6a:d5:12:
56:4f:ab:fa:dd:f5:ec:4c:95:6c:41:5f:25:32:dc:d6:15:fd:
ec:09:94:f4:f6:85:44:23:af:81:89:16:20:7c:29:cf:ec:b2:
bd:c0:9b:eb:7c:38:89:b5:5a:48:35:0f:93:94:cf:b2:f5:af:
6b:bb:24:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCNP11Fg89fGck2YMA6wIaUYS5vAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4YTc3NDc1NjFjYjIyZmU1YmQ1YzE1MzgxNzllMjE0MDFkNmE1OGYyMzY4
MGJlMTU1NTRiNmNmMzA0NGM5ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTGyREPxvKRExSVMuBuvTSpdTSOjmtpjxyy4eWevTzwHtC5YJZsqb3/Ik2g
05+izLADQpTjHOur3qPdvpif4wHRNn8dVtD4v4S6WJHAWv4H1/HVLax7wua86r2s
OTlMMln1A57LNZqXJFmj3PuOa5wmIhdY6550JQ45W1rSexvfs98EEwjwJ5w4J8jw
4xGSGwUs7yLRLuzPc2Eqvimv5LkR9V78dQFR1/G6+MGsu2Hk94a3RpJWbdyavZgh
+lbC9riT3p4gRadJKHJUnxzAp06HaI2cxHAutYMeCSSujg55CnOppMr2/YRzTZfY
lYfIZ1U02iqzfAURFReYhMrNlz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvHPya
gErtGGFLxi9ZDFzytxgmFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzk4NzdhYzAtZDFmNS00Y2MzLWI0NzYtYmEzYTdmYTBhMGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hcg
MA0GCSqGSIb3DQEBCwUAA4IBAQAzDcDRdli3Fv3thARfi9j0o5PoBYK/p3moKMMa
L25v4EFhb1CjQot0u5MgTXB/7k85z1JXPEvVAKN9g1V8XyUL+5yReABx2aJjv0uW
C4K2W1WxvbF9rqCkYI3+6M6coG4l/4d00uW90he0I52PI/Gwc2Y4bWXXKE/9j7cc
ZWnenj9926lSP9kxAhgP2dq/ODNO09uRrfpbRsfXjz8EpvL4rg9kb0T5LsOgyspl
slm3dITDUdW7sPYhl9bm6ccsDUO6tN1q1RJWT6v63fXsTJVsQV8lMtzWFf3sCZT0
9oVEI6+BiRYgfCnP7LK9wJvrfDiJtVpINQ+TlM+y9a9ruyR4
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org