Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bf2a24c-942b-480a-ae17-c534fb5a88ac.roa
File: 3bf2a24c-942b-480a-ae17-c534fb5a88ac.roa (raw, json)
Hash identifier: roby6Fl/sKhHnl5pmMrJEfvOv32VJW562F6OdxMxK0Q=
Subject key identifier: C4:B4:29:E9:15:BF:A6:56:21:9A:AF:6E:F5:38:B8:49:09:DF:AE:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61EAA918902A5B13E026CADBB9ABBD95D960F038
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bf2a24c-942b-480a-ae17-c534fb5a88ac.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:ea:a9:18:90:2a:5b:13:e0:26:ca:db:b9:ab:bd:95:d9:60:f0:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=697ce08cf3c17307952f64bc289ea59860c50c26767075c481b787ddd74a6e20, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:06:bd:94:40:a8:66:f0:15:0f:f0:a9:f6:6c:
00:f9:6d:51:20:de:8e:15:bd:da:92:53:c8:90:57:
0a:98:5a:e9:25:0d:ae:a3:58:42:be:73:a6:7d:99:
64:74:03:c0:20:f9:c8:27:25:8b:da:41:24:71:88:
d8:1a:28:23:ee:75:1f:eb:b5:e6:4e:11:7b:fb:e5:
4f:23:0e:8f:53:0e:a2:60:14:c7:41:66:d7:09:03:
e2:fc:26:75:70:22:71:0b:3e:23:44:b3:69:75:0b:
6f:f3:7b:5d:ea:68:1b:dc:d4:84:00:5c:9b:cc:a6:
d1:bc:23:f5:3a:08:69:8b:82:2d:5b:cb:6a:1f:8d:
3e:1e:b4:00:a2:30:e7:d7:d3:03:95:12:a7:97:76:
43:cd:b5:a4:e5:eb:ed:49:bb:6d:31:e9:02:17:8b:
ba:8a:f1:03:06:7b:51:c4:7b:a3:89:5e:2b:d4:8d:
21:52:f0:73:5f:bd:19:5c:40:8d:2a:39:35:44:ec:
78:a7:d5:6c:84:08:f2:54:02:ad:ab:2a:1f:0c:df:
d2:49:35:78:09:a6:8a:e3:c2:72:63:c1:2d:c5:29:
1c:91:e3:cb:8e:92:5b:77:26:47:f4:1a:f9:da:44:
0f:2e:4f:28:49:73:1c:0a:3b:ad:b5:00:b1:93:a1:
97:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B4:29:E9:15:BF:A6:56:21:9A:AF:6E:F5:38:B8:49:09:DF:AE:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bf2a24c-942b-480a-ae17-c534fb5a88ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:58:3e:e8:fb:a3:b0:94:27:1c:89:c9:c4:ec:a0:c4:4d:5f:
93:4f:c5:6c:23:99:fb:c1:5b:b6:64:1f:8b:0f:cb:69:4e:1a:
97:c3:0a:c5:a0:67:2e:67:6e:29:a1:c1:1e:e1:de:24:50:0a:
25:bd:05:0b:94:92:2b:b3:7d:b7:e3:85:db:30:81:5c:cb:29:
55:f2:af:fe:01:cc:9b:69:95:03:17:c0:63:4f:70:9f:96:b1:
4e:95:46:1d:85:1e:32:83:2d:a6:87:5d:6d:76:25:05:81:c7:
d8:a5:5a:3e:09:d1:6d:c6:44:50:78:9d:f6:73:7b:c5:77:ef:
8e:97:3c:5b:ec:13:8d:27:20:d4:92:f0:6b:7c:52:ce:ba:ea:
ad:72:68:5d:95:69:5e:cb:eb:ae:6b:07:42:9b:99:34:85:0b:
7c:82:be:7a:3a:67:df:55:84:d2:0c:52:98:4b:aa:9b:e6:e2:
62:ac:24:5d:ec:f8:1c:c2:9e:ef:d8:77:51:9a:16:39:73:48:
7a:3c:6e:ed:54:ec:31:2e:d2:91:85:38:14:82:4c:ee:41:60:
90:99:e2:5d:6c:31:d5:52:67:79:0e:37:66:1e:cd:a7:07:f8:
25:c3:c4:2b:fb:ac:16:67:63:37:e4:42:ef:24:f2:56:c8:d3:
4f:d9:15:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYeqpGJAqWxPgJsrbuau9ldlg8DgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5N2NlMDhjZjNjMTczMDc5NTJmNjRiYzI4OWVhNTk4NjBjNTBjMjY3Njcw
NzVjNDgxYjc4N2RkZDc0YTZlMjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8GvZRAqGbwFQ/wqfZsAPltUSDejhW92pJTyJBXCpha6SUNrqNYQr5zpn2Z
ZHQDwCD5yCcli9pBJHGI2BooI+51H+u15k4Re/vlTyMOj1MOomAUx0Fm1wkD4vwm
dXAicQs+I0SzaXULb/N7XepoG9zUhABcm8ym0bwj9ToIaYuCLVvLah+NPh60AKIw
59fTA5USp5d2Q821pOXr7Um7bTHpAheLuorxAwZ7UcR7o4leK9SNIVLwc1+9GVxA
jSo5NUTseKfVbIQI8lQCrasqHwzf0kk1eAmmiuPCcmPBLcUpHJHjy46SW3cmR/Qa
+dpEDy5PKElzHAo7rbUAsZOhlzMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTEtCnp
Fb+mViGar271OLhJCd+uFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JmMmEyNGMtOTQyYi00ODBhLWFlMTctYzUzNGZiNWE4OGFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hvg
MA0GCSqGSIb3DQEBCwUAA4IBAQBsWD7o+6OwlCccicnE7KDETV+TT8VsI5n7wVu2
ZB+LD8tpThqXwwrFoGcuZ24pocEe4d4kUAolvQULlJIrs32344XbMIFcyylV8q/+
AcybaZUDF8BjT3CflrFOlUYdhR4ygy2mh11tdiUFgcfYpVo+CdFtxkRQeJ32c3vF
d++Olzxb7BONJyDUkvBrfFLOuuqtcmhdlWley+uuawdCm5k0hQt8gr56OmffVYTS
DFKYS6qb5uJirCRd7Pgcwp7v2HdRmhY5c0h6PG7tVOwxLtKRhTgUgkzuQWCQmeJd
bDHVUmd5DjdmHs2nB/glw8Qr+6wWZ2M35ELvJPJWyNNP2RV5
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org