Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dbbf79a-d9ed-4a70-869f-67c739fcf324.roa
File: 3dbbf79a-d9ed-4a70-869f-67c739fcf324.roa (raw, json)
Hash identifier: dmml4ZHB2sJ3erlKZZGq083jxLtZxo/tLMXXbok1JvI=
Subject key identifier: 42:B8:E4:45:58:D3:E3:2B:EE:26:96:9D:9F:4F:AD:8F:4D:A7:91:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7489D703F1E8DB0136E9180234E8B0BDF132BF98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dbbf79a-d9ed-4a70-869f-67c739fcf324.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:89:d7:03:f1:e8:db:01:36:e9:18:02:34:e8:b0:bd:f1:32:bf:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=654561ca12e257d6a355b6c52e34ee1c36525c51aa37768026bf7bf50b10a900, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f2:10:6c:bd:cf:46:ee:0c:1a:5b:75:28:f7:
d0:e9:dc:79:62:96:07:a1:9b:3c:4c:12:bf:61:f0:
04:c0:fc:5d:99:f5:d7:ab:5f:93:38:ad:7f:62:70:
40:2c:12:a4:5c:00:f3:b9:eb:a3:e6:48:60:5d:72:
f0:5e:6f:80:84:96:39:b4:1e:ad:8e:8a:59:4e:6b:
13:93:9f:d0:e9:33:9f:93:26:da:51:34:de:65:75:
f3:39:db:c7:19:c3:0d:20:e3:6d:74:2c:c8:54:28:
42:c5:8c:e9:c1:59:72:78:57:65:d7:ab:0c:cd:70:
27:b4:07:67:66:19:56:78:50:67:3e:2e:13:e7:d8:
b8:45:37:d3:31:90:09:f7:4a:2f:92:8c:f3:ee:2d:
69:fc:b6:56:56:75:f4:65:4f:70:f2:08:00:c7:11:
dc:5c:99:2e:82:ed:45:53:e1:4e:77:e1:87:93:17:
4f:55:89:58:1b:c5:eb:8a:82:3b:69:59:94:f0:f3:
b2:03:cc:44:ed:3b:53:13:8f:45:f0:cc:e3:6c:27:
05:f5:06:9f:ae:5e:52:f1:18:a9:38:f2:8c:f8:0d:
b8:59:36:fc:65:57:97:cd:21:05:48:15:10:71:99:
45:2f:fd:62:5a:54:d7:f1:fe:ce:79:49:84:a9:33:
f4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B8:E4:45:58:D3:E3:2B:EE:26:96:9D:9F:4F:AD:8F:4D:A7:91:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3dbbf79a-d9ed-4a70-869f-67c739fcf324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/40
Signature Algorithm: sha256WithRSAEncryption
be:00:a4:4b:f4:8f:05:f5:8e:e9:3b:7d:e4:53:cf:5b:4a:5a:
19:36:d2:fe:ee:4f:ce:39:8b:ac:44:13:6e:b8:4f:dd:76:43:
ca:47:30:c6:71:70:d9:af:bc:71:31:ec:93:4f:ca:4f:95:36:
cf:e2:6c:4a:9a:e2:c8:77:b5:d5:03:aa:80:6e:87:56:63:6e:
78:80:45:7e:2d:84:e3:a7:55:bf:6c:09:b8:33:89:d6:08:64:
fd:4d:45:95:3b:cd:2a:d5:80:57:75:7c:a8:ca:96:aa:30:2f:
56:b1:a6:e8:ea:7a:37:b7:f5:d5:ab:39:1c:60:1f:79:f6:27:
57:1e:54:95:3d:45:9e:28:c6:82:a8:50:60:75:01:b4:7a:d2:
55:9a:8a:cc:2e:ee:6b:a5:67:9c:32:73:a6:f0:5a:91:ad:68:
c4:68:ae:ca:6e:6e:81:c7:6a:7b:04:2c:6b:5a:8c:da:af:0f:
a2:d1:72:c0:76:24:b7:c0:5d:25:84:b3:3c:c4:01:5a:d1:dc:
38:ee:c8:4d:66:b4:17:92:80:9d:e2:59:c7:b4:de:58:5c:98:
ce:c7:2a:e1:92:43:3d:f0:54:a3:40:dd:50:b7:c9:d7:80:6b:
3c:dc:71:d7:0a:2d:6f:22:19:b8:0a:e2:d3:0b:81:81:48:b6:
ad:9c:95:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdInXA/Ho2wE26RgCNOiwvfEyv5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NDU2MWNhMTJlMjU3ZDZhMzU1YjZjNTJlMzRlZTFjMzY1MjVjNTFhYTM3
NzY4MDI2YmY3YmY1MGIxMGE5MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTyEGy9z0buDBpbdSj30OnceWKWB6GbPEwSv2HwBMD8XZn116tfkzitf2Jw
QCwSpFwA87nro+ZIYF1y8F5vgISWObQerY6KWU5rE5Of0Okzn5Mm2lE03mV18znb
xxnDDSDjbXQsyFQoQsWM6cFZcnhXZderDM1wJ7QHZ2YZVnhQZz4uE+fYuEU30zGQ
CfdKL5KM8+4tafy2VlZ19GVPcPIIAMcR3FyZLoLtRVPhTnfhh5MXT1WJWBvF64qC
O2lZlPDzsgPMRO07UxOPRfDM42wnBfUGn65eUvEYqTjyjPgNuFk2/GVXl80hBUgV
EHGZRS/9YlpU1/H+znlJhKkz9BkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCuORF
WNPjK+4mlp2fT62PTaeRgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RiYmY3OWEtZDllZC00YTcwLTg2OWYtNjdjNzM5ZmNmMzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC+AKRL9I8F9Y7pO33kU89bSloZNtL+7k/OOYus
RBNuuE/ddkPKRzDGcXDZr7xxMeyTT8pPlTbP4mxKmuLId7XVA6qAbodWY254gEV+
LYTjp1W/bAm4M4nWCGT9TUWVO80q1YBXdXyoypaqMC9Wsabo6no3t/XVqzkcYB95
9idXHlSVPUWeKMaCqFBgdQG0etJVmorMLu5rpWecMnOm8FqRrWjEaK7Kbm6Bx2p7
BCxrWozarw+i0XLAdiS3wF0lhLM8xAFa0dw47shNZrQXkoCd4lnHtN5YXJjOxyrh
kkM98FSjQN1Qt8nXgGs83HHXCi1vIhm4CuLTC4GBSLatnJWu
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org