Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: jfVU6TvDg3ltLamT5GISrel4PPCdGc5pa5FUQMTt3/U=
Subject key identifier: A9:F4:6D:55:05:79:43:72:29:85:AA:D1:7D:3E:32:8B:D9:10:78:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66D8C6CB499844DA8FF579DBF0257634ACB82D0C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:d8:c6:cb:49:98:44:da:8f:f5:79:db:f0:25:76:34:ac:b8:2d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=3dad5dea7d685c00646a49f3edc542f4f89e93ce32e49761ab5f678c1293cfc2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:bc:3f:9f:16:51:82:73:b0:1a:1a:52:69:d5:
1b:f0:41:bd:91:0d:c9:4a:9f:c6:e1:af:dc:7b:79:
84:97:51:82:74:7c:26:45:6d:5c:82:7e:92:7b:3d:
5c:7d:aa:77:53:05:86:23:22:28:fe:9b:65:f8:98:
c2:cf:37:45:8d:4c:c0:60:76:30:92:47:ce:77:dd:
81:7d:21:98:4d:97:c6:62:ba:48:0e:2b:e1:e1:24:
13:b1:77:d3:97:fd:4c:96:e6:5b:49:84:a5:b7:9b:
8f:4a:c1:62:ff:83:42:87:85:86:a2:d9:ce:47:fa:
20:a6:98:19:b9:87:b7:0c:f0:10:e4:8c:37:ee:9a:
64:a0:c1:00:30:cb:c5:68:3c:64:cd:16:32:15:7d:
9b:08:46:fb:c2:56:35:59:7b:c3:b9:96:d4:2f:00:
f2:26:cb:e1:6c:43:be:36:f8:bc:82:c7:eb:91:46:
f6:8d:50:b1:34:1d:9f:93:fd:18:29:14:4e:14:52:
2b:dd:8c:d2:9a:8c:af:48:4f:c5:2b:eb:79:9a:b5:
c7:d5:2e:d0:ad:28:cf:48:8b:8c:12:29:7d:c8:1d:
85:91:61:33:c4:26:19:31:2b:50:ca:08:0d:33:55:
5c:7c:17:c5:6c:33:e1:69:2a:ec:e6:11:17:a0:0b:
e4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F4:6D:55:05:79:43:72:29:85:AA:D1:7D:3E:32:8B:D9:10:78:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
42:d8:c7:63:27:8b:e9:50:7a:f1:28:71:de:0a:e7:d9:4b:e9:
52:0d:a3:0e:19:54:49:d0:53:ec:7c:29:90:6b:c6:8c:50:48:
a2:ef:45:3e:8f:70:9f:de:54:c8:ea:0c:0b:4a:5c:c5:75:be:
0a:78:cb:ea:34:6a:04:5f:00:a3:3c:e0:9f:14:be:07:82:37:
35:39:db:8a:0a:6a:50:da:e4:c7:26:37:35:60:d0:27:cf:e6:
d6:e0:62:25:bf:b0:51:34:ce:40:19:ae:f2:ba:4a:01:f2:c9:
1b:36:c6:49:42:be:c6:ba:1e:a5:da:8f:c4:3f:5d:70:70:5d:
63:0f:22:83:11:0e:7b:41:6f:b2:d3:a9:69:9c:83:fa:3a:68:
fb:03:a2:67:d9:1d:73:70:7d:a4:df:31:e0:4e:40:d5:3b:92:
59:78:e6:70:bb:78:fa:6f:b3:91:b9:e7:ed:c1:8f:d8:cf:19:
b5:82:af:ba:b2:9d:c9:d8:31:4e:c7:22:e1:18:92:92:f4:af:
bc:70:c1:d2:61:af:75:05:db:8e:35:41:92:52:f3:16:08:57:
ea:1a:c9:55:49:cd:83:1c:29:d6:ab:7f:9c:5a:0f:b2:0f:b4:
75:28:b6:23:e9:a6:96:af:03:a9:a6:7c:ea:8b:8d:35:0c:3e:
03:bc:ec:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZtjGy0mYRNqP9Xnb8CV2NKy4LQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkYWQ1ZGVhN2Q2ODVjMDA2NDZhNDlmM2VkYzU0MmY0Zjg5ZTkzY2UzMmU0
OTc2MWFiNWY2NzhjMTI5M2NmYzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO+8P58WUYJzsBoaUmnVG/BBvZENyUqfxuGv3Ht5hJdRgnR8JkVtXIJ+kns9
XH2qd1MFhiMiKP6bZfiYws83RY1MwGB2MJJHznfdgX0hmE2XxmK6SA4r4eEkE7F3
05f9TJbmW0mEpbebj0rBYv+DQoeFhqLZzkf6IKaYGbmHtwzwEOSMN+6aZKDBADDL
xWg8ZM0WMhV9mwhG+8JWNVl7w7mW1C8A8ibL4WxDvjb4vILH65FG9o1QsTQdn5P9
GCkUThRSK92M0pqMr0hPxSvreZq1x9Uu0K0oz0iLjBIpfcgdhZFhM8QmGTErUMoI
DTNVXHwXxWwz4Wkq7OYRF6AL5G8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSp9G1V
BXlDcimFqtF9PjKL2RB4eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQBC2MdjJ4vpUHrxKHHeCufZS+lSDaMOGVRJ0FPs
fCmQa8aMUEii70U+j3Cf3lTI6gwLSlzFdb4KeMvqNGoEXwCjPOCfFL4Hgjc1OduK
CmpQ2uTHJjc1YNAnz+bW4GIlv7BRNM5AGa7yukoB8skbNsZJQr7Guh6l2o/EP11w
cF1jDyKDEQ57QW+y06lpnIP6Omj7A6Jn2R1zcH2k3zHgTkDVO5JZeOZwu3j6b7OR
ueftwY/Yzxm1gq+6sp3J2DFOxyLhGJKS9K+8cMHSYa91BduONUGSUvMWCFfqGslV
Sc2DHCnWq3+cWg+yD7R1KLYj6aaWrwOppnzqi401DD4DvOxr
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org