Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json)
Hash identifier: WlSTR1JjfgWiyt4uu0v1qyyzC5VdMw+zVawdEfGDlEo=
Subject key identifier: 4A:C9:15:E5:D2:81:7A:55:D7:D8:C2:DA:6C:AD:E4:CC:1B:D4:72:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69175DC520783144E0F6C4407FFF34D73225242C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:17:5d:c5:20:78:31:44:e0:f6:c4:40:7f:ff:34:d7:32:25:24:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=9fb62cbc84996bd60466b4cd8f5d34206ceb51564f24fdafaf9f5363897ce7f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:13:3c:68:f1:5c:1a:8c:c2:cc:1b:d2:86:b7:
13:14:3a:4f:7d:8e:a6:65:3a:f5:b1:fb:9f:a8:34:
a3:a9:f6:fc:f6:5c:bc:9e:62:20:b9:7b:99:83:04:
a7:19:dd:a8:23:8a:a5:4f:51:b9:69:95:2c:6a:18:
81:cd:9c:a1:5e:b6:19:32:55:2c:c2:cd:95:3a:c0:
01:9b:b9:8b:9e:12:42:f2:14:3b:ef:b9:29:7c:15:
60:78:71:88:e5:1a:28:c1:6c:85:bf:35:26:9b:be:
05:be:25:05:17:15:0d:0d:cc:6e:02:f7:64:60:21:
75:43:87:0f:49:5d:7d:f8:a8:6b:fd:b8:5b:8e:67:
50:23:1c:e1:a5:b3:59:70:9b:b8:7c:30:88:c0:3e:
68:bd:7e:de:1e:ce:2d:0f:e9:83:af:9a:90:ec:27:
89:04:33:20:ee:a4:c5:bb:4b:e9:29:07:27:72:16:
fa:9b:66:d7:62:cd:5a:a9:0c:47:64:bf:26:8d:a1:
b1:ef:04:95:f3:27:94:34:df:8f:2d:bf:20:4e:15:
bc:4a:de:e3:bb:78:2c:dd:d6:a2:90:a9:70:af:4e:
26:2c:d6:fd:b5:76:3b:44:53:dc:80:1e:37:6d:63:
ce:1d:7b:38:4b:fa:0d:ad:c7:4a:94:6f:20:ed:ae:
57:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C9:15:E5:D2:81:7A:55:D7:D8:C2:DA:6C:AD:E4:CC:1B:D4:72:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c2:fe:8f:93:f5:6a:33:d7:cb:b7:97:e5:51:5e:fa:53:e5:6d:
1a:2e:c2:26:b8:e9:55:cd:60:20:b0:8e:89:f2:ac:28:4e:13:
b5:6c:39:0f:19:7f:9e:f9:d9:f5:8e:fa:51:11:2f:39:94:2b:
f5:fc:6b:40:84:1f:08:87:7e:a6:ea:5d:48:2b:25:ce:4c:20:
65:73:34:a6:1b:dd:3a:b6:9f:55:24:16:9a:d1:05:71:bd:5f:
55:10:42:1b:2a:5c:01:17:81:1e:92:76:2e:46:65:be:f1:42:
bc:d5:93:f3:3e:d9:d1:40:38:11:8c:2e:9d:e6:67:d5:d8:e9:
60:6f:53:8e:2e:d4:fb:d7:9e:03:cc:53:86:52:cb:1b:c6:75:
0a:62:39:9b:61:d0:ea:63:1b:64:f5:1c:09:73:c5:cc:d2:39:
cc:0e:d8:d8:31:e9:bb:34:87:a4:e0:3e:11:c2:e2:79:bb:2f:
d5:31:45:c0:28:9d:d4:04:39:fe:35:84:3a:57:70:44:e0:86:
e9:97:3a:6c:21:e6:03:de:e4:29:b3:da:b1:08:14:5e:6c:9f:
55:2d:e0:e1:40:84:2d:6d:d7:8c:b8:0e:91:90:da:7f:49:34:
ff:70:77:0d:80:2a:ee:2c:e9:80:cc:47:fc:46:58:dc:e2:f0:
64:35:46:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaRddxSB4MUTg9sRAf/801zIlJCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmYjYyY2JjODQ5OTZiZDYwNDY2YjRjZDhmNWQzNDIwNmNlYjUxNTY0ZjI0
ZmRhZmFmOWY1MzYzODk3Y2U3ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUTPGjxXBqMwswb0oa3ExQ6T32OpmU69bH7n6g0o6n2/PZcvJ5iILl7mYME
pxndqCOKpU9RuWmVLGoYgc2coV62GTJVLMLNlTrAAZu5i54SQvIUO++5KXwVYHhx
iOUaKMFshb81Jpu+Bb4lBRcVDQ3MbgL3ZGAhdUOHD0ldffioa/24W45nUCMc4aWz
WXCbuHwwiMA+aL1+3h7OLQ/pg6+akOwniQQzIO6kxbtL6SkHJ3IW+ptm12LNWqkM
R2S/Jo2hse8ElfMnlDTfjy2/IE4VvEre47t4LN3WopCpcK9OJizW/bV2O0RT3IAe
N21jzh17OEv6Da3HSpRvIO2uV1sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRKyRXl
0oF6VdfYwtpsreTMG9RygjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDC/o+T9Woz18u3l+VRXvpT5W0aLsImuOlVzWAg
sI6J8qwoThO1bDkPGX+e+dn1jvpRES85lCv1/GtAhB8Ih36m6l1IKyXOTCBlczSm
G906tp9VJBaa0QVxvV9VEEIbKlwBF4EeknYuRmW+8UK81ZPzPtnRQDgRjC6d5mfV
2Olgb1OOLtT7154DzFOGUssbxnUKYjmbYdDqYxtk9RwJc8XM0jnMDtjYMem7NIek
4D4RwuJ5uy/VMUXAKJ3UBDn+NYQ6V3BE4IbplzpsIeYD3uQps9qxCBRebJ9VLeDh
QIQtbdeMuA6RkNp/STT/cHcNgCruLOmAzEf8Rljc4vBkNUbB
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org