Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: 2tnTS1UhLsWIVp693UKrYPwoNDU9BvIYXid+NDF7tK4=
Subject key identifier: B2:33:67:9F:A9:27:06:D7:58:1D:57:4F:89:EB:29:76:FC:B8:03:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43A8655B5882C90C2394246BB389EBE326718870
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:a8:65:5b:58:82:c9:0c:23:94:24:6b:b3:89:eb:e3:26:71:88:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=66f781a5080c924e995f927c9dace2475e55d7910f52fff4beef7486810b3e3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:78:c2:87:19:de:94:a3:d9:51:e8:97:ff:4b:
b8:05:06:c3:13:e7:8d:05:65:62:46:47:1f:29:e7:
ff:5b:ef:97:27:3d:56:e0:42:5b:24:38:ed:01:10:
b5:a7:2b:3e:64:92:ba:38:d1:80:fa:f5:a1:74:f2:
c1:15:05:51:0e:06:cd:af:56:68:f2:5f:8f:81:fc:
33:20:4d:66:68:6c:2e:51:b4:bb:fc:d8:91:20:48:
5c:b2:45:9b:d2:e9:91:bc:4b:34:e4:37:b8:ee:e3:
ff:87:4b:30:bf:64:4d:45:1b:b4:f7:b0:cd:14:54:
75:36:1c:40:aa:af:b6:4f:d4:b8:f6:20:68:84:82:
86:d9:c9:e7:15:b7:92:9d:3b:18:28:b0:0b:1c:b2:
11:f9:00:78:42:14:9b:15:84:b5:f6:d1:9e:de:5b:
fb:24:bd:3e:25:80:cc:65:9a:f6:35:8f:7d:7e:4a:
12:93:18:36:79:ab:b0:47:12:25:3e:fa:92:5c:b1:
74:9c:b7:01:4e:dc:93:5c:86:42:50:e6:c8:ff:90:
27:83:8c:08:46:bc:bc:36:52:8a:0f:e7:d6:8c:12:
87:5b:99:69:0c:f1:a4:bc:1b:8e:88:11:0e:65:91:
b1:b6:7c:f7:5c:a6:ce:6b:5b:b4:40:47:e0:c3:81:
6e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:33:67:9F:A9:27:06:D7:58:1D:57:4F:89:EB:29:76:FC:B8:03:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
78:28:5e:6d:17:b0:95:13:57:0a:d1:e9:d8:c6:e1:6a:17:69:
b8:11:6d:9c:f5:c8:37:2e:f4:9b:b6:47:24:43:c5:bf:e2:2d:
5d:72:cd:7b:18:98:0b:2a:4a:53:8c:1b:04:25:2c:42:b1:fd:
a7:c3:4e:ad:cb:15:32:18:71:93:e2:8d:56:ba:02:ce:e2:62:
b2:15:a1:98:d6:7f:bb:52:23:f0:b3:5b:0d:da:9d:72:97:21:
8b:d6:25:5c:38:19:51:1a:0b:73:5b:a4:5f:c8:6a:a5:e6:9f:
d5:99:f4:7d:71:ec:1e:3d:26:06:98:ec:fb:5a:c9:26:0f:19:
bc:31:1f:77:97:ba:db:31:85:13:56:d8:8a:b7:82:1b:21:4b:
78:22:cf:a2:52:7b:04:3b:fd:f9:c4:86:74:9b:b5:ee:eb:5f:
7b:d4:a1:ec:e7:d1:ca:fc:48:68:4d:b9:82:cb:1f:64:68:77:
a3:26:38:c2:77:11:b5:82:f4:b1:18:63:3a:34:8a:eb:a1:f4:
b4:2b:1e:b8:48:5a:2e:fe:ed:53:7e:6b:60:3a:d2:0b:2d:2a:
21:70:89:71:7e:f7:37:f3:fe:8a:87:3a:94:8d:ae:ea:f2:05:
75:13:6b:63:89:e7:09:35:07:03:a8:dc:de:7c:51:e7:d3:46:
20:4d:4c:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ6hlW1iCyQwjlCRrs4nr4yZxiHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2Zjc4MWE1MDgwYzkyNGU5OTVmOTI3YzlkYWNlMjQ3NWU1NWQ3OTEwZjUy
ZmZmNGJlZWY3NDg2ODEwYjNlM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJh4wocZ3pSj2VHol/9LuAUGwxPnjQVlYkZHHynn/1vvlyc9VuBCWyQ47QEQ
tacrPmSSujjRgPr1oXTywRUFUQ4Gza9WaPJfj4H8MyBNZmhsLlG0u/zYkSBIXLJF
m9LpkbxLNOQ3uO7j/4dLML9kTUUbtPewzRRUdTYcQKqvtk/UuPYgaISChtnJ5xW3
kp07GCiwCxyyEfkAeEIUmxWEtfbRnt5b+yS9PiWAzGWa9jWPfX5KEpMYNnmrsEcS
JT76klyxdJy3AU7ck1yGQlDmyP+QJ4OMCEa8vDZSig/n1owSh1uZaQzxpLwbjogR
DmWRsbZ891ymzmtbtEBH4MOBbi0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyM2ef
qScG11gdV0+J6yl2/LgDCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQB4KF5tF7CVE1cK0enYxuFqF2m4EW2c9cg3LvSb
tkckQ8W/4i1dcs17GJgLKkpTjBsEJSxCsf2nw06tyxUyGHGT4o1WugLO4mKyFaGY
1n+7UiPws1sN2p1ylyGL1iVcOBlRGgtzW6RfyGql5p/VmfR9cewePSYGmOz7Wskm
Dxm8MR93l7rbMYUTVtiKt4IbIUt4Is+iUnsEO/35xIZ0m7Xu61971KHs59HK/Eho
TbmCyx9kaHejJjjCdxG1gvSxGGM6NIrrofS0Kx64SFou/u1TfmtgOtILLSohcIlx
fvc38/6KhzqUja7q8gV1E2tjiecJNQcDqNzefFHn00YgTUyz
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org