Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/49b19e17-33c9-4e75-a18a-4f52ec8835fb.roa
File: 49b19e17-33c9-4e75-a18a-4f52ec8835fb.roa (raw, json)
Hash identifier: evHTugfi23hiUuGc73B/cTb62aOgERVEE2B77AQCuIY=
Subject key identifier: EF:AD:B4:5D:B8:A0:34:43:D1:44:3F:CE:D1:3F:9B:03:84:5E:74:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 680BDBE9BF9DF5DAAD01247487037D13B0F9668B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/49b19e17-33c9-4e75-a18a-4f52ec8835fb.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:0b:db:e9:bf:9d:f5:da:ad:01:24:74:87:03:7d:13:b0:f9:66:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=0cc153b29b530329e051a3a7b39368a8e5d301828d95b5a385412681ea058443, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7a:b9:4a:f5:84:67:64:42:dc:3c:ee:d0:5a:
16:79:b3:ef:37:bf:bf:5a:dc:37:de:00:fc:1f:c3:
1a:af:2b:95:35:6c:5b:44:b6:1c:c9:ec:45:8f:ef:
0e:41:59:46:fd:be:c2:7e:ee:15:20:af:8e:20:1b:
db:57:70:21:66:08:9e:ae:ac:a3:6d:c2:dd:34:59:
e0:3f:95:eb:75:ca:a1:38:f7:10:05:bc:7d:b2:e8:
de:56:50:bc:b4:48:c9:8d:d0:9f:78:db:10:6e:6c:
62:37:b2:11:72:0c:0f:27:72:b4:e6:bf:b3:c7:df:
5a:98:5e:0b:3a:86:8d:f7:28:04:59:27:98:f6:02:
7b:ae:97:ee:2a:6f:99:42:61:45:b6:0f:dd:69:52:
9e:29:e8:5f:03:59:6c:2e:37:6e:4d:30:e4:88:56:
70:4f:69:6d:aa:29:b5:f5:a1:50:e4:fc:8e:12:9e:
47:0d:8e:85:e9:20:fb:dd:62:c9:cc:09:22:50:b3:
12:01:0d:49:21:cc:39:9f:15:c6:45:54:aa:ea:67:
48:6c:86:d0:15:10:c0:11:d2:20:22:87:b7:e2:67:
51:98:6f:a1:fc:c9:5c:c1:25:01:ca:20:83:21:b4:
4d:c0:b9:6e:df:b1:3d:67:85:e2:fa:21:dc:02:5f:
49:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:AD:B4:5D:B8:A0:34:43:D1:44:3F:CE:D1:3F:9B:03:84:5E:74:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/49b19e17-33c9-4e75-a18a-4f52ec8835fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:6c:8e:bc:9d:7d:72:5d:23:df:57:f4:d4:dd:22:ea:cb:98:
6d:cf:8f:f0:59:f8:44:55:f3:33:6f:80:93:e0:99:57:dc:2d:
3e:1e:d5:1b:14:50:0f:ad:4d:17:60:0a:e8:c5:95:7c:5b:0a:
c9:28:f5:6e:a3:0c:e9:24:a1:e5:98:2c:84:e0:d4:cb:7d:18:
4b:90:df:64:fe:40:76:79:4d:16:4e:16:70:62:0a:54:b8:dc:
d8:67:c9:c3:dc:99:26:37:41:b4:5e:6e:62:be:bb:1c:da:49:
5f:9f:77:98:bb:20:b7:ae:91:9d:cd:94:93:72:c9:5d:2e:b0:
62:6f:2f:b2:fc:12:01:80:d9:b4:2e:77:da:a3:21:e1:f1:6d:
2e:d5:49:92:df:8a:61:42:a8:97:71:0b:98:70:d6:89:2a:31:
24:89:af:a4:2e:ee:b2:86:8b:37:3f:8a:60:52:8d:ee:ae:05:
8f:11:5c:95:d7:9b:d2:23:ee:88:68:c4:bf:a9:d1:6c:88:3c:
5d:3b:8b:93:9b:73:73:10:21:6b:44:32:95:42:cf:52:79:34:
19:dd:d8:7e:9f:c3:b7:46:39:fe:42:48:67:bc:ab:10:c4:37:
19:3b:3d:d4:f1:05:4a:17:18:95:18:d3:d2:aa:bc:bc:43:d8:
47:3e:85:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaAvb6b+d9dqtASR0hwN9E7D5ZoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjYzE1M2IyOWI1MzAzMjllMDUxYTNhN2IzOTM2OGE4ZTVkMzAxODI4ZDk1
YjVhMzg1NDEyNjgxZWEwNTg0NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZ6uUr1hGdkQtw87tBaFnmz7ze/v1rcN94A/B/DGq8rlTVsW0S2HMnsRY/v
DkFZRv2+wn7uFSCvjiAb21dwIWYInq6so23C3TRZ4D+V63XKoTj3EAW8fbLo3lZQ
vLRIyY3Qn3jbEG5sYjeyEXIMDydytOa/s8ffWpheCzqGjfcoBFknmPYCe66X7ipv
mUJhRbYP3WlSninoXwNZbC43bk0w5IhWcE9pbaoptfWhUOT8jhKeRw2Ohekg+91i
ycwJIlCzEgENSSHMOZ8VxkVUqupnSGyG0BUQwBHSICKHt+JnUZhvofzJXMElAcog
gyG0TcC5bt+xPWeF4voh3AJfSXkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvrbRd
uKA0Q9FEP87RP5sDhF50UDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDliMTllMTctMzNjOS00ZTc1LWExOGEtNGY1MmVjODgzNWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hyw
MA0GCSqGSIb3DQEBCwUAA4IBAQDBbI68nX1yXSPfV/TU3SLqy5htz4/wWfhEVfMz
b4CT4JlX3C0+HtUbFFAPrU0XYAroxZV8WwrJKPVuowzpJKHlmCyE4NTLfRhLkN9k
/kB2eU0WThZwYgpUuNzYZ8nD3JkmN0G0Xm5ivrsc2klfn3eYuyC3rpGdzZSTcsld
LrBiby+y/BIBgNm0LnfaoyHh8W0u1UmS34phQqiXcQuYcNaJKjEkia+kLu6yhos3
P4pgUo3urgWPEVyV15vSI+6IaMS/qdFsiDxdO4uTm3NzECFrRDKVQs9SeTQZ3dh+
n8O3Rjn+QkhnvKsQxDcZOz3U8QVKFxiVGNPSqry8Q9hHPoXu
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org