Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json)
Hash identifier: MOx3V4KmbQYC8VzScHRrWjXz0Ry7ZlsJqIhX6rhk8f4=
Subject key identifier: 81:C5:AA:01:14:B7:CD:93:F9:7A:CD:3C:5F:AB:F6:D3:95:B2:A1:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FB91AE43DCB51758E02E67C517AA8FFA3261FE1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
Signing time: Fri 08 Mar 2024 00:00:00 +0000
ROA not before: Fri 08 Mar 2024 00:00:00 +0000
ROA not after: Fri 12 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:b9:1a:e4:3d:cb:51:75:8e:02:e6:7c:51:7a:a8:ff:a3:26:1f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 8 00:00:00 2024 GMT
Not After : Apr 12 23:59:59 2024 GMT
Subject: serialNumber=d97cf474dbdf8955d59af3493a810273bb44f01729ecf0db296ff34a2d151f1a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:68:2b:af:65:98:bd:cd:5e:47:48:5a:a5:0d:
56:e1:8d:48:ea:96:05:f6:19:a7:65:08:3d:93:3b:
06:82:cc:52:90:87:e5:20:8d:29:f2:c9:31:9e:ae:
8d:28:c5:94:c3:82:be:9f:02:4e:f8:44:de:17:09:
6b:29:e3:0c:2d:c6:db:0c:6b:4a:c0:3b:fb:40:d3:
76:c4:37:b1:6c:37:82:80:57:f1:82:ce:06:e2:1c:
e6:e4:72:89:53:ef:0b:6b:54:6d:4c:a0:1b:79:53:
fb:4d:58:fe:5b:69:a8:e9:d4:59:21:f2:ab:0e:6d:
aa:2d:38:c2:ee:4f:63:9b:76:9e:29:1a:8d:6a:b7:
e6:10:f6:e8:b5:a5:a2:e8:0a:cc:51:ad:45:f8:53:
49:9f:61:a7:9f:a2:f1:5f:c9:2d:60:4e:5b:95:f6:
55:50:be:b6:5f:96:a6:da:5a:e5:86:07:6b:c1:d9:
56:cf:4a:95:ce:0c:10:2e:40:b4:a6:7a:50:64:e0:
c9:fd:48:7d:20:fe:de:3c:3c:3d:2d:51:96:f7:28:
89:5f:04:00:bc:5f:5a:c0:c2:f6:06:22:4a:56:6c:
41:57:4a:e8:6a:ea:51:37:36:48:7b:f7:79:9e:7e:
4e:4a:e8:10:6b:a0:9c:98:91:9e:05:46:4f:b7:00:
bf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C5:AA:01:14:B7:CD:93:F9:7A:CD:3C:5F:AB:F6:D3:95:B2:A1:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:b4:8d:63:2f:3f:1f:8c:27:04:fc:3c:5f:cd:64:56:ad:ed:
75:58:ad:79:e0:67:c6:f3:78:05:98:b0:a8:32:41:83:0c:81:
20:45:4a:2c:5d:35:25:57:a3:42:34:36:ce:da:47:5c:b6:1c:
f5:c9:c9:31:93:20:65:62:4b:fc:af:d7:f3:81:13:0d:21:07:
fe:42:f4:1e:a8:ba:b0:42:3c:cf:e5:00:b7:7d:87:68:60:6e:
a5:6d:f5:f7:7b:59:c3:d3:a8:13:2a:17:4b:80:ef:05:fc:73:
47:de:35:e6:09:f9:e7:31:c3:6e:bc:2e:1d:21:e3:a4:92:6d:
b7:59:4a:64:4d:82:ae:c1:9a:f8:d0:93:8b:24:68:d4:c4:21:
d9:1e:49:43:92:a5:99:a1:5e:66:99:d9:38:e1:bb:b2:69:c7:
b6:a7:f8:c3:a8:a7:46:5e:6b:fa:42:bd:41:1c:36:29:2c:a6:
d6:ea:3c:91:0f:3f:de:0b:a5:bb:15:3a:3b:64:7b:be:13:7e:
0e:68:12:ba:75:e7:61:6d:17:32:24:00:b9:51:7d:93:ed:21:
03:cb:d0:88:c5:d4:7a:92:9b:8a:eb:37:76:68:54:1e:47:67:
33:1b:88:6a:e1:85:fa:82:72:17:62:01:32:9f:74:c2:d1:83:
f8:d3:1c:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf7ka5D3LUXWOAuZ8UXqo/6MmH+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDAzMDgwMDAwMDBaFw0yNDA0MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5N2NmNDc0ZGJkZjg5NTVkNTlhZjM0OTNhODEwMjczYmI0NGYwMTcyOWVj
ZjBkYjI5NmZmMzRhMmQxNTFmMWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVoK69lmL3NXkdIWqUNVuGNSOqWBfYZp2UIPZM7BoLMUpCH5SCNKfLJMZ6u
jSjFlMOCvp8CTvhE3hcJaynjDC3G2wxrSsA7+0DTdsQ3sWw3goBX8YLOBuIc5uRy
iVPvC2tUbUygG3lT+01Y/ltpqOnUWSHyqw5tqi04wu5PY5t2nikajWq35hD26LWl
ougKzFGtRfhTSZ9hp5+i8V/JLWBOW5X2VVC+tl+Wptpa5YYHa8HZVs9Klc4MEC5A
tKZ6UGTgyf1IfSD+3jw8PS1RlvcoiV8EALxfWsDC9gYiSlZsQVdK6GrqUTc2SHv3
eZ5+TkroEGugnJiRngVGT7cAvzcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBxaoB
FLfNk/l6zTxfq/bTlbKhjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDEtI1jLz8fjCcE/DxfzWRWre11WK154GfG83gF
mLCoMkGDDIEgRUosXTUlV6NCNDbO2kdcthz1yckxkyBlYkv8r9fzgRMNIQf+QvQe
qLqwQjzP5QC3fYdoYG6lbfX3e1nD06gTKhdLgO8F/HNH3jXmCfnnMcNuvC4dIeOk
km23WUpkTYKuwZr40JOLJGjUxCHZHklDkqWZoV5mmdk44buyace2p/jDqKdGXmv6
Qr1BHDYpLKbW6jyRDz/eC6W7FTo7ZHu+E34OaBK6dedhbRcyJAC5UX2T7SEDy9CI
xdR6kpuK6zd2aFQeR2czG4hq4YX6gnIXYgEyn3TC0YP40xwU
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:25 2024 by rpki-client on console-fra.rpki-client.org