Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: E5ThBe8qfP6AIAIAXjv8dDfoS5arsi0y5gOLmTgectM=
Subject key identifier: C8:8F:F6:72:4A:77:F7:3B:7F:0E:CE:BE:05:29:C8:97:73:04:C3:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C09F39D684278598134126A97412054E334E384
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:09:f3:9d:68:42:78:59:81:34:12:6a:97:41:20:54:e3:34:e3:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=69d6071742f550e67f5c402b3bc837363d0e380ed6fb3fa45030d6a1d5551eea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c0:c6:50:ce:99:d1:44:1b:50:a4:94:2c:ca:
d9:64:39:7d:ed:cb:d4:5a:81:db:e7:ac:33:2d:5b:
78:fd:96:df:da:46:4d:9a:6a:47:61:03:d9:95:78:
1d:73:c5:d7:da:87:6f:e3:1d:6c:f4:69:97:59:db:
4d:30:b4:ba:9b:d7:85:34:72:c9:87:51:65:43:b8:
db:4a:2f:8d:de:d7:ab:bd:27:ab:b0:12:58:2c:2b:
d8:91:3e:b0:d0:01:d3:29:3c:62:31:1d:23:3f:b3:
4d:1d:be:ae:3c:7c:30:63:d2:d7:52:06:0d:c4:79:
7a:48:de:a1:c9:55:18:1e:4c:09:7d:de:0a:64:4d:
b5:7b:cd:c5:e6:38:2e:e1:48:b6:1b:b1:f5:ac:c7:
22:b1:97:bb:f4:84:45:22:df:00:e6:f8:e3:4a:bc:
72:25:ac:44:eb:9c:c8:bb:d1:49:2a:e1:60:1d:ec:
24:19:77:47:2f:4e:cf:ba:f2:21:69:35:db:3d:9f:
02:a4:4a:54:9d:c1:0a:aa:f4:4d:48:26:ab:45:51:
e1:24:a2:a3:cb:b2:41:ba:9d:d7:6c:33:ee:3d:c3:
90:9e:7d:f4:52:97:c1:7d:f4:1f:5d:40:89:97:07:
5a:f3:a9:59:ca:13:d4:d2:2b:bb:f2:09:82:56:13:
50:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:8F:F6:72:4A:77:F7:3B:7F:0E:CE:BE:05:29:C8:97:73:04:C3:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:90:08:4f:73:4f:26:52:4e:c1:d1:0a:56:e3:b6:04:9a:be:
f5:ac:b5:85:25:42:32:83:29:3f:d2:88:fd:e1:b1:a1:97:6b:
3e:70:e3:1d:b6:f6:33:e9:3f:8a:00:46:ea:0f:f3:b3:0b:a7:
dd:b3:21:39:fe:32:5e:cb:e1:1f:e9:34:1d:9b:f1:5b:01:eb:
00:81:df:e7:91:e1:d4:e8:27:9c:95:93:a2:4a:de:d5:e1:db:
77:3b:06:1b:1d:6f:fc:f5:42:d8:a6:c1:1a:19:f7:67:e0:ef:
32:e0:31:9c:26:bf:db:f5:24:7e:73:77:73:99:ed:da:3f:bf:
4e:2b:80:00:e6:4d:79:49:c2:00:35:85:15:2a:40:a9:2c:f9:
97:18:a1:7d:b9:80:78:c0:54:92:0c:a7:00:ce:8f:5b:10:3e:
bd:b5:ae:c7:3e:7a:bb:03:f9:e9:5c:d0:48:37:57:61:68:39:
42:63:01:d5:88:e2:30:69:59:75:a7:7a:d7:d2:b9:a2:2f:a0:
ae:d7:39:13:d8:24:db:90:26:fc:30:74:48:85:bd:bd:fa:72:
8b:c4:20:45:26:a0:85:d9:2f:a0:66:96:82:6c:08:10:e3:34:
1d:70:db:33:08:c7:e7:6f:1a:0e:46:57:98:db:7e:39:6d:9f:
86:55:0e:aa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXAnznWhCeFmBNBJql0EgVOM044QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5ZDYwNzE3NDJmNTUwZTY3ZjVjNDAyYjNiYzgzNzM2M2QwZTM4MGVkNmZi
M2ZhNDUwMzBkNmExZDU1NTFlZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzAxlDOmdFEG1CklCzK2WQ5fe3L1FqB2+esMy1beP2W39pGTZpqR2ED2ZV4
HXPF19qHb+MdbPRpl1nbTTC0upvXhTRyyYdRZUO420ovjd7Xq70nq7ASWCwr2JE+
sNAB0yk8YjEdIz+zTR2+rjx8MGPS11IGDcR5ekjeoclVGB5MCX3eCmRNtXvNxeY4
LuFIthux9azHIrGXu/SERSLfAOb440q8ciWsROucyLvRSSrhYB3sJBl3Ry9Oz7ry
IWk12z2fAqRKVJ3BCqr0TUgmq0VR4SSio8uyQbqd12wz7j3DkJ599FKXwX30H11A
iZcHWvOpWcoT1NIru/IJglYTUNcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTIj/Zy
Snf3O38Ozr4FKciXcwTD+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQCdkAhPc08mUk7B0QpW47YEmr71rLWFJUIygyk/
0oj94bGhl2s+cOMdtvYz6T+KAEbqD/OzC6fdsyE5/jJey+Ef6TQdm/FbAesAgd/n
keHU6CeclZOiSt7V4dt3OwYbHW/89ULYpsEaGfdn4O8y4DGcJr/b9SR+c3dzme3a
P79OK4AA5k15ScIANYUVKkCpLPmXGKF9uYB4wFSSDKcAzo9bED69ta7HPnq7A/np
XNBIN1dhaDlCYwHViOIwaVl1p3rX0rmiL6Cu1zkT2CTbkCb8MHRIhb29+nKLxCBF
JqCF2S+gZpaCbAgQ4zQdcNszCMfnbxoORleY2345bZ+GVQ6q
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org