Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: 0ywhuHo6G7tWEN7jc6cMbUfJv4hkaTQH+Dcq8kMXCVc=
Subject key identifier: D1:C9:43:3B:52:E4:73:13:EC:05:F5:46:CF:76:A8:20:94:77:50:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42E537ADA51AE21AD42537B27198C790C71CE5C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:e5:37:ad:a5:1a:e2:1a:d4:25:37:b2:71:98:c7:90:c7:1c:e5:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=5bd12e881b247ae8f6afcfc4b7505d5ede0703e295e13525944f5338205a6a27, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c0:a3:9a:50:a1:c9:54:e7:ef:1d:37:d9:7d:
57:0d:e2:45:58:14:3a:51:ea:85:85:61:3a:95:5f:
9e:a5:14:b1:ec:8e:a2:05:dd:7d:79:6a:1e:ab:6e:
7b:4d:ee:43:98:c6:28:8f:02:64:e8:d2:2a:b2:7c:
08:5e:06:6a:b9:52:2e:54:a0:87:f9:25:4a:33:9f:
ea:7a:9e:9b:09:f9:f5:f8:03:17:70:a8:56:71:70:
18:16:fd:07:58:8c:63:c1:19:b9:9b:e5:3b:ee:0a:
8d:68:89:30:f7:8c:f5:45:06:19:16:1f:ed:b7:c7:
84:37:b3:ea:67:be:b9:dc:a0:7c:06:f9:c7:dd:af:
a9:6a:89:94:9b:8a:b3:f3:1a:37:cd:ef:b9:a7:7e:
67:9e:20:17:02:f2:fe:c3:ab:b3:ba:a5:f8:aa:1f:
7d:ce:38:b6:4d:77:01:0d:58:e1:5b:cc:d1:65:96:
fa:9c:e0:cc:a4:12:c0:b7:46:b2:d9:76:80:eb:72:
fb:8b:ed:03:85:82:e1:83:87:9a:da:2d:c2:d0:d5:
ad:48:2b:c1:c1:46:a0:2f:24:87:83:42:20:30:b0:
87:10:f6:1d:bf:8c:95:0a:1a:bb:76:2c:a0:42:f1:
52:eb:c1:d1:e6:4d:37:b1:6c:2e:3f:4d:e3:9e:b7:
63:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C9:43:3B:52:E4:73:13:EC:05:F5:46:CF:76:A8:20:94:77:50:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:d0:0e:ad:67:6f:44:06:a2:20:b0:dc:4d:2a:ce:20:ff:ab:
98:43:50:08:4c:d4:ca:a4:8a:14:c2:31:d2:6b:60:ba:47:10:
03:0a:eb:f7:c7:77:b3:53:c5:75:3a:4f:09:32:20:49:c3:9f:
0c:6a:3f:cc:b3:7e:64:f7:02:63:23:7e:17:a2:62:65:12:87:
e6:eb:70:dc:96:68:27:21:cf:b7:f4:a0:59:a5:50:50:e2:62:
df:15:03:35:a1:4e:a5:90:13:1e:3f:5c:aa:e2:70:a9:07:9e:
b6:5c:af:15:58:17:b1:3b:bd:46:02:d2:77:79:76:0b:a0:5b:
10:a6:df:04:ca:21:59:18:f4:31:24:d0:03:b7:84:74:4c:69:
6e:32:aa:8a:31:02:ce:0b:2f:24:a8:6e:ca:d3:d6:ab:d4:a2:
36:86:9b:b5:de:d8:f2:c3:31:9e:63:ea:39:58:2e:ae:61:9a:
2a:a8:57:d1:e9:2a:4a:ab:2d:fe:66:b4:a6:51:69:46:d6:64:
92:1f:10:ff:98:81:43:5b:49:08:4f:65:89:d5:fb:13:68:b5:
e9:27:ca:ad:62:2f:d1:5b:47:97:b2:35:da:c4:bc:35:6c:9b:
e7:03:fc:2d:dc:bc:ca:d8:96:71:67:f7:55:b4:9e:c5:62:7e:
30:73:a2:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQuU3raUa4hrUJTeycZjHkMcc5cMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDViZDEyZTg4MWIyNDdhZThmNmFmY2ZjNGI3NTA1ZDVlZGUwNzAzZTI5NWUx
MzUyNTk0NGY1MzM4MjA1YTZhMjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbAo5pQoclU5+8dN9l9Vw3iRVgUOlHqhYVhOpVfnqUUseyOogXdfXlqHqtu
e03uQ5jGKI8CZOjSKrJ8CF4GarlSLlSgh/klSjOf6nqemwn59fgDF3CoVnFwGBb9
B1iMY8EZuZvlO+4KjWiJMPeM9UUGGRYf7bfHhDez6me+udygfAb5x92vqWqJlJuK
s/MaN83vuad+Z54gFwLy/sOrs7ql+Koffc44tk13AQ1Y4VvM0WWW+pzgzKQSwLdG
stl2gOty+4vtA4WC4YOHmtotwtDVrUgrwcFGoC8kh4NCIDCwhxD2Hb+MlQoau3Ys
oELxUuvB0eZNN7FsLj9N4563Y2sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRyUM7
UuRzE+wF9UbPdqgglHdQfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQCe0A6tZ29EBqIgsNxNKs4g/6uYQ1AITNTKpIoU
wjHSa2C6RxADCuv3x3ezU8V1Ok8JMiBJw58Maj/Ms35k9wJjI34XomJlEofm63Dc
lmgnIc+39KBZpVBQ4mLfFQM1oU6lkBMeP1yq4nCpB562XK8VWBexO71GAtJ3eXYL
oFsQpt8EyiFZGPQxJNADt4R0TGluMqqKMQLOCy8kqG7K09ar1KI2hpu13tjywzGe
Y+o5WC6uYZoqqFfR6SpKqy3+ZrSmUWlG1mSSHxD/mIFDW0kIT2WJ1fsTaLXpJ8qt
Yi/RW0eXsjXaxLw1bJvnA/wt3LzK2JZxZ/dVtJ7FYn4wc6I8
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:16:39 2024 by rpki-client on console-fra.rpki-client.org