Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dbbf79a-d9ed-4a70-869f-67c739fcf324.roa
File: 3dbbf79a-d9ed-4a70-869f-67c739fcf324.roa (raw, json)
Hash identifier: qJ1dHb1TqGb7eesKaS7ozB/+RHXUNGDg8lUQYoAXdxo=
Subject key identifier: 53:12:31:D5:15:76:DC:37:14:CD:28:18:90:66:B2:C9:7A:4E:F2:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 604C59107E9CAF508D65829380F7321721124031
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dbbf79a-d9ed-4a70-869f-67c739fcf324.roa
Signing time: Tue 09 Apr 2024 00:00:00 +0000
ROA not before: Tue 09 Apr 2024 00:00:00 +0000
ROA not after: Tue 14 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:4c:59:10:7e:9c:af:50:8d:65:82:93:80:f7:32:17:21:12:40:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 9 00:00:00 2024 GMT
Not After : May 14 23:59:59 2024 GMT
Subject: serialNumber=00a4dd6c96da0b5b63893c3ced8bfa9d8a70f0b5a25c33a7dc3ce53771c6b400, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f7:ee:62:0d:f1:24:a6:d6:21:a2:64:9b:d3:
34:1d:c7:75:16:2a:ac:8e:54:c8:0b:b5:8d:5c:56:
bf:c1:08:b2:69:df:01:51:cf:c9:8e:1b:aa:e4:65:
5b:3e:58:03:a3:5c:75:ef:40:f7:1e:45:5c:ba:2b:
85:94:ff:16:03:c6:93:ae:fc:f9:d9:12:9d:8c:e1:
13:19:1c:38:d4:62:c6:62:8d:e5:89:c2:21:02:44:
4a:a4:e8:78:02:8b:64:f6:d6:2a:b0:20:de:cd:3a:
23:9e:f3:40:16:43:52:cc:a5:c9:01:b3:80:00:95:
f9:0f:b3:fb:66:39:9d:ef:06:d3:48:4a:8f:fe:af:
7d:b9:a8:8a:8d:6d:fe:a7:73:c6:20:8c:3a:79:53:
bb:0a:8c:07:58:34:8a:d8:ae:12:d1:51:a8:51:3d:
99:92:ac:ae:2d:3b:33:f0:01:af:bd:c6:b1:1d:cd:
b2:9c:e4:4d:27:2d:41:62:d4:49:cd:b2:03:e9:2e:
87:9f:32:dd:c9:e3:eb:5c:48:ec:ec:09:2b:cb:9a:
22:20:0c:ae:a6:d0:1d:bd:f3:31:89:fe:e0:be:1f:
16:ec:5f:cf:39:29:7c:f0:dc:24:38:35:20:80:2b:
85:6f:b8:1e:e3:46:b8:37:1e:d9:63:28:59:6f:9f:
8b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:12:31:D5:15:76:DC:37:14:CD:28:18:90:66:B2:C9:7A:4E:F2:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dbbf79a-d9ed-4a70-869f-67c739fcf324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/40
Signature Algorithm: sha256WithRSAEncryption
20:27:3a:7b:e0:c3:26:1d:72:3a:48:48:9b:b3:20:e9:9e:90:
75:e2:ca:e4:18:b2:79:e8:bf:61:dc:81:85:0e:e9:42:d6:fb:
10:8f:f5:37:f6:f3:30:d8:89:b7:6d:e3:89:d1:97:3c:ff:c9:
d2:80:76:04:42:2b:68:af:20:e7:6f:3e:92:af:51:be:49:ed:
83:71:60:ba:2a:54:45:56:73:3f:2c:59:cf:1a:a4:8b:01:66:
a2:a5:25:58:ee:9e:cd:37:3e:d4:a5:02:7b:56:eb:03:a5:5a:
9c:2f:8f:21:58:19:56:bd:87:a1:ea:37:98:da:e4:c6:a6:14:
04:df:4e:02:46:bd:2f:a0:1f:13:84:3f:c2:ea:3f:8f:e3:a3:
de:f1:c9:df:48:e4:fb:70:43:93:f6:50:50:4d:39:52:0e:7c:
f9:4c:0e:ff:ae:45:ec:95:e0:f6:a2:d6:d9:7b:e5:fc:f0:9b:
51:45:8c:2e:a5:9f:01:a4:89:42:6e:9c:a8:6d:b9:74:11:90:
14:de:2f:31:b6:a0:a2:d6:22:c7:ef:48:15:7e:6e:6b:eb:11:
69:93:95:b8:6e:d4:ad:61:dd:b3:e1:39:d1:52:11:a7:93:0b:
58:c0:df:39:c6:1c:66:7e:6d:7f:65:8b:45:ac:4e:cc:5b:81:
3d:0d:d4:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYExZEH6cr1CNZYKTgPcyFyESQDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDkwMDAwMDBaFw0yNDA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwYTRkZDZjOTZkYTBiNWI2Mzg5M2MzY2VkOGJmYTlkOGE3MGYwYjVhMjVj
MzNhN2RjM2NlNTM3NzFjNmI0MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMj37mIN8SSm1iGiZJvTNB3HdRYqrI5UyAu1jVxWv8EIsmnfAVHPyY4bquRl
Wz5YA6Ncde9A9x5FXLorhZT/FgPGk678+dkSnYzhExkcONRixmKN5YnCIQJESqTo
eAKLZPbWKrAg3s06I57zQBZDUsylyQGzgACV+Q+z+2Y5ne8G00hKj/6vfbmoio1t
/qdzxiCMOnlTuwqMB1g0itiuEtFRqFE9mZKsri07M/ABr73GsR3NspzkTSctQWLU
Sc2yA+kuh58y3cnj61xI7OwJK8uaIiAMrqbQHb3zMYn+4L4fFuxfzzkpfPDcJDg1
IIArhW+4HuNGuDce2WMoWW+fi9ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTEjHV
FXbcNxTNKBiQZrLJek7y3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RiYmY3OWEtZDllZC00YTcwLTg2OWYtNjdjNzM5ZmNmMzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAgJzp74MMmHXI6SEibsyDpnpB14srkGLJ56L9h
3IGFDulC1vsQj/U39vMw2Im3beOJ0Zc8/8nSgHYEQitoryDnbz6Sr1G+Se2DcWC6
KlRFVnM/LFnPGqSLAWaipSVY7p7NNz7UpQJ7VusDpVqcL48hWBlWvYeh6jeY2uTG
phQE304CRr0voB8ThD/C6j+P46Pe8cnfSOT7cEOT9lBQTTlSDnz5TA7/rkXsleD2
otbZe+X88JtRRYwupZ8BpIlCbpyobbl0EZAU3i8xtqCi1iLH70gVfm5r6xFpk5W4
btStYd2z4TnRUhGnkwtYwN85xhxmfm1/ZYtFrE7MW4E9DdQx
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org