Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f6e3ef9-620e-492b-a475-8d26fd8e0020.roa
File: 3f6e3ef9-620e-492b-a475-8d26fd8e0020.roa (raw, json)
Hash identifier: PWJanfh7whz3BZXQnL4MAe3//uRJQNtrHahDdfr3PPo=
Subject key identifier: CB:D5:C7:16:52:A3:BE:85:9A:55:F5:8E:61:2F:42:3B:39:DA:25:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01E7BED1F1C5588C055D66649E88F19F5B2FCB7B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f6e3ef9-620e-492b-a475-8d26fd8e0020.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:e7:be:d1:f1:c5:58:8c:05:5d:66:64:9e:88:f1:9f:5b:2f:cb:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=b906292e1d377dd474ed8d5ed2b3efb4edd758f2d03c67f75a314bf45e232016, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ee:17:11:59:1c:d8:99:ad:8a:0d:ba:43:11:
5d:1b:3f:21:0f:71:92:2d:08:34:e9:30:25:ea:52:
e3:85:ec:a8:c8:50:04:dc:f9:31:fb:a6:b6:c6:89:
b0:a6:55:ec:fd:3c:59:5a:5f:a9:ee:96:4c:95:9b:
b5:de:8d:d1:ed:96:a1:d4:40:8d:9f:7c:5b:f2:e7:
81:c3:62:7e:66:af:ac:a7:8c:fa:f3:06:69:a6:bd:
cb:77:2f:fd:8e:2f:7c:a7:6d:89:ea:48:87:a8:ae:
c0:fc:c3:bb:1a:28:6a:29:60:e1:87:5e:f9:88:4d:
4e:39:06:07:76:19:0b:b0:ac:7e:91:ea:6d:5e:8b:
d4:29:bb:6e:33:af:ef:3b:ab:e0:d6:15:c8:d4:2c:
c7:fd:7f:c2:50:79:94:25:95:90:f8:3f:f3:07:79:
2b:88:d3:8f:7a:ef:5d:30:41:3e:44:c8:8a:c0:29:
9c:06:d6:b8:98:07:64:96:d8:ef:f9:d5:8a:c5:a3:
3e:71:59:72:55:b7:be:55:9b:4d:90:5d:9b:3e:74:
09:f7:af:b7:85:bb:5f:db:03:23:df:5a:90:70:3c:
38:bd:4b:fa:e2:0e:e5:cb:7d:0c:ca:df:fd:c4:0f:
48:5c:ed:fb:7d:4b:d6:7c:ed:b7:dc:5a:10:1c:3d:
6f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D5:C7:16:52:A3:BE:85:9A:55:F5:8E:61:2F:42:3B:39:DA:25:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f6e3ef9-620e-492b-a475-8d26fd8e0020.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
c5:99:9d:52:d9:fd:8b:48:f4:3d:4c:b6:e1:f4:d7:a6:d3:e3:
3b:a5:0e:6f:43:be:2b:38:3a:6c:49:05:54:16:4f:b7:a6:34:
2a:95:0a:15:e6:a3:5b:79:f9:87:38:71:89:76:97:22:2a:ad:
6f:23:71:2b:1f:83:f7:c2:81:c0:fd:f2:d7:ad:3f:cd:ca:b5:
53:ee:1c:a2:93:0d:41:88:85:69:a0:6f:9e:03:37:32:85:99:
cd:5c:8d:41:26:b6:20:cf:a5:97:37:8c:8a:f5:74:26:09:68:
5f:09:7b:3d:34:ad:22:1e:2d:67:00:f8:e9:77:7e:b0:5b:84:
b7:d5:93:db:e0:46:e3:ac:10:56:cc:35:2a:39:5c:0d:34:7a:
d8:cb:d0:56:1d:4c:98:9e:25:89:6e:c1:33:83:44:f3:26:76:
77:94:6b:af:64:5c:6a:7a:1e:3b:ae:32:ee:8b:15:3f:51:99:
95:33:cd:10:ae:6c:64:a6:31:b9:98:ce:d4:7b:d0:5f:01:f0:
f5:61:9c:4f:c1:e7:77:a6:f2:5f:5c:e5:d5:ae:90:45:86:3f:
2f:63:fd:de:65:9b:1b:5c:db:17:ed:91:9e:3e:1d:4e:21:81:
08:bb:5e:04:f8:6b:8b:e4:b5:41:b9:61:64:b6:40:0e:0f:61:
f1:3d:8f:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAee+0fHFWIwFXWZknojxn1svy3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MDYyOTJlMWQzNzdkZDQ3NGVkOGQ1ZWQyYjNlZmI0ZWRkNzU4ZjJkMDNj
NjdmNzVhMzE0YmY0NWUyMzIwMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzuFxFZHNiZrYoNukMRXRs/IQ9xki0INOkwJepS44XsqMhQBNz5MfumtsaJ
sKZV7P08WVpfqe6WTJWbtd6N0e2WodRAjZ98W/LngcNifmavrKeM+vMGaaa9y3cv
/Y4vfKdtiepIh6iuwPzDuxooailg4Yde+YhNTjkGB3YZC7CsfpHqbV6L1Cm7bjOv
7zur4NYVyNQsx/1/wlB5lCWVkPg/8wd5K4jTj3rvXTBBPkTIisApnAbWuJgHZJbY
7/nVisWjPnFZclW3vlWbTZBdmz50Cfevt4W7X9sDI99akHA8OL1L+uIO5ct9DMrf
/cQPSFzt+31L1nztt9xaEBw9b48CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTL1ccW
UqO+hZpV9Y5hL0I7OdolPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y2ZTNlZjktNjIwZS00OTJiLWE0NzUtOGQyNmZkOGUwMDIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQDFmZ1S2f2LSPQ9TLbh9Nem0+M7pQ5vQ74rODps
SQVUFk+3pjQqlQoV5qNbefmHOHGJdpciKq1vI3ErH4P3woHA/fLXrT/NyrVT7hyi
kw1BiIVpoG+eAzcyhZnNXI1BJrYgz6WXN4yK9XQmCWhfCXs9NK0iHi1nAPjpd36w
W4S31ZPb4EbjrBBWzDUqOVwNNHrYy9BWHUyYniWJbsEzg0TzJnZ3lGuvZFxqeh47
rjLuixU/UZmVM80QrmxkpjG5mM7Ue9BfAfD1YZxPwed3pvJfXOXVrpBFhj8vY/3e
ZZsbXNsX7ZGePh1OIYEIu14E+GuL5LVBuWFktkAOD2HxPY9g
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org