Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f324111-4b95-44d9-93fa-2778bdda69e8.roa
File: 3f324111-4b95-44d9-93fa-2778bdda69e8.roa (raw, json)
Hash identifier: m5xGRZe2CJn10OGSxaA+MB8efhE7oZN5B7kktLQ+JDc=
Subject key identifier: 7D:A7:7A:7B:47:2F:2C:E2:D0:9A:65:6F:87:CF:20:A8:5D:38:B9:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EB628B21D69C2D0502FB86CA66EA351393E8C99
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f324111-4b95-44d9-93fa-2778bdda69e8.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:b6:28:b2:1d:69:c2:d0:50:2f:b8:6c:a6:6e:a3:51:39:3e:8c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=644d0723e3fed1b788b3979f187e38ac8a8910c158069fce355be527a5e32d02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3b:a3:44:e4:15:cf:aa:ee:f2:91:f2:91:7e:
b2:17:76:df:50:12:b8:08:cb:83:3f:7f:b0:56:d7:
28:86:05:50:02:61:4e:8c:fa:8c:a0:19:05:31:e7:
df:be:e2:e9:b0:6d:40:15:dd:4a:df:62:50:ec:b1:
95:44:73:a6:3e:85:bf:f5:90:b8:97:3d:42:05:72:
55:29:c5:41:10:d6:25:ad:85:88:09:cd:ed:de:b0:
2c:24:6a:f5:b9:0b:99:99:62:07:9e:a8:7a:52:36:
e2:e6:a2:74:a2:2e:44:8e:42:e9:32:50:14:9a:bf:
0d:fb:3c:94:5b:6a:b2:b1:6d:5c:55:62:ee:47:4a:
46:85:c9:99:b7:7b:4c:9f:f0:a3:70:76:14:e0:3f:
8f:20:27:8e:8a:6e:de:89:38:74:94:85:fc:94:3d:
a0:a1:fb:00:c1:3d:8d:3a:ca:65:c1:f9:ea:58:f3:
38:da:4b:38:ca:f8:2f:29:2d:9b:35:ff:7d:e2:59:
95:07:89:90:55:6a:ee:e1:b1:05:de:55:58:73:f5:
d2:ad:a9:50:e9:e9:3d:a1:12:1c:c1:a3:50:f2:6e:
0b:8a:ab:dc:2f:8e:7d:37:6a:c9:c0:a6:1b:34:89:
40:e3:17:ed:9a:d3:20:9e:6b:0c:9e:39:e4:7c:d5:
b7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A7:7A:7B:47:2F:2C:E2:D0:9A:65:6F:87:CF:20:A8:5D:38:B9:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f324111-4b95-44d9-93fa-2778bdda69e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:a3:88:9f:eb:11:36:ad:93:66:6b:ab:f5:5b:ac:7f:2e:e2:
cd:d5:87:44:bf:6e:b0:6b:a0:a9:d6:06:98:f8:b6:1d:aa:af:
0e:1d:09:63:1c:c2:0e:dc:dc:f2:de:7e:7f:a1:49:a6:b8:fd:
4f:43:60:11:ea:05:cd:d1:b1:85:ff:36:89:37:b5:2d:7a:31:
e2:75:92:3e:2a:bc:c2:52:b7:81:68:ac:be:fa:2b:1e:d4:d6:
0f:bd:2c:9d:22:aa:8a:86:cc:19:5d:d3:1a:ce:38:6d:59:3d:
e8:49:d9:4a:aa:03:39:9c:87:3a:ac:9a:f0:bd:88:0d:a1:e6:
96:77:d2:9d:31:7e:1e:f1:86:fe:20:96:fc:c7:3a:43:66:ee:
ab:bb:f1:c4:ac:d7:98:d7:fd:9f:2b:6b:ee:7c:31:38:26:46:
5b:3e:4b:8f:36:cd:32:19:b2:b4:c5:a8:1c:64:29:a1:77:5f:
9c:fb:cc:4d:5d:3f:33:d7:f7:5c:cf:cc:29:f6:58:2f:ae:74:
81:c3:bf:01:e8:f5:84:96:b8:19:29:76:68:b9:28:f2:1c:4e:
42:53:01:95:9a:a9:de:fe:28:7a:06:f9:8a:c3:83:b1:9f:d4:
d2:d1:08:ad:a4:3b:f2:93:3a:6c:7e:63:a9:9d:60:c8:b6:e5:
82:25:e5:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULrYosh1pwtBQL7hspm6jUTk+jJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NGQwNzIzZTNmZWQxYjc4OGIzOTc5ZjE4N2UzOGFjOGE4OTEwYzE1ODA2
OWZjZTM1NWJlNTI3YTVlMzJkMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKU7o0TkFc+q7vKR8pF+shd231ASuAjLgz9/sFbXKIYFUAJhToz6jKAZBTHn
377i6bBtQBXdSt9iUOyxlURzpj6Fv/WQuJc9QgVyVSnFQRDWJa2FiAnN7d6wLCRq
9bkLmZliB56oelI24uaidKIuRI5C6TJQFJq/Dfs8lFtqsrFtXFVi7kdKRoXJmbd7
TJ/wo3B2FOA/jyAnjopu3ok4dJSF/JQ9oKH7AME9jTrKZcH56ljzONpLOMr4Lykt
mzX/feJZlQeJkFVq7uGxBd5VWHP10q2pUOnpPaESHMGjUPJuC4qr3C+OfTdqycCm
GzSJQOMX7ZrTIJ5rDJ455HzVt4cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR9p3p7
Ry8s4tCaZW+HzyCoXTi5ZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YzMjQxMTEtNGI5NS00NGQ5LTkzZmEtMjc3OGJkZGE2OWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpA
MA0GCSqGSIb3DQEBCwUAA4IBAQCgo4if6xE2rZNma6v1W6x/LuLN1YdEv26wa6Cp
1gaY+LYdqq8OHQljHMIO3Nzy3n5/oUmmuP1PQ2AR6gXN0bGF/zaJN7UtejHidZI+
KrzCUreBaKy++ise1NYPvSydIqqKhswZXdMazjhtWT3oSdlKqgM5nIc6rJrwvYgN
oeaWd9KdMX4e8Yb+IJb8xzpDZu6ru/HErNeY1/2fK2vufDE4JkZbPkuPNs0yGbK0
xagcZCmhd1+c+8xNXT8z1/dcz8wp9lgvrnSBw78B6PWElrgZKXZouSjyHE5CUwGV
mqne/ih6BvmKw4Oxn9TS0QitpDvykzpsfmOpnWDItuWCJeWl
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:38 2024 by rpki-client on console-fra.rpki-client.org