Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: /hut4BeGEpG1NUZf1i4TNuqPMBxsXXo3jvPf6i07aGM=
Subject key identifier: A0:0C:44:7F:4B:0F:75:36:4F:B8:0E:40:08:49:4C:34:D2:B6:CD:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75421755BEC0E3DBB9CDDB05AD4C7892B94EF8BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:42:17:55:be:c0:e3:db:b9:cd:db:05:ad:4c:78:92:b9:4e:f8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=7e900830d888716fbcf46d8730f57e1de17a21551c5acf663244ecbc3cfe3ea0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cf:b1:14:91:16:da:43:84:76:d1:b7:af:cd:
aa:40:83:c5:2a:76:ab:88:2c:b4:72:f0:a8:82:f6:
b8:fd:24:92:d9:d2:57:25:af:0f:3f:34:49:0b:20:
7a:4f:b5:cc:93:20:a7:03:9d:8f:87:c0:74:32:3a:
b8:fb:26:85:63:55:84:38:60:cb:6e:bc:b5:0d:41:
2c:42:2f:4c:36:b5:28:e6:dc:fa:33:ad:f6:7d:b1:
88:41:6f:fb:63:35:b7:67:bb:91:b3:cd:a7:a0:82:
df:bc:08:57:00:fb:b1:dd:58:a6:69:26:ba:bc:0e:
a7:a8:a4:17:36:f6:e5:b4:09:33:e1:a5:dd:4f:79:
f6:f5:7c:af:44:41:5b:ca:a3:76:f8:68:0b:54:90:
05:9a:cb:9e:72:89:41:b9:49:4a:a4:fb:11:c5:5b:
68:6b:67:19:b4:85:3b:1b:ad:17:d2:2c:95:40:fd:
2d:fd:63:97:1b:2c:28:58:31:37:1e:ac:3e:9b:a9:
5b:90:7c:13:9e:d1:71:e5:97:e5:34:eb:0d:26:47:
4c:f7:ac:09:d2:62:4f:4e:8c:14:30:3e:17:92:1c:
93:98:af:3a:5c:92:cf:cb:85:69:92:b1:c1:48:49:
0c:58:13:99:d6:e1:5c:a7:22:6b:f6:10:4c:b6:96:
6e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0C:44:7F:4B:0F:75:36:4F:B8:0E:40:08:49:4C:34:D2:B6:CD:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
75:c2:67:15:9c:fa:45:81:b3:67:b2:12:30:88:70:a7:ab:3c:
05:bd:47:4b:5c:cd:57:f1:3c:4e:c6:13:24:8f:f9:16:2e:1d:
66:f6:de:b3:48:cf:0c:90:5a:74:e6:27:e2:96:32:22:16:1c:
43:63:ae:01:53:ec:11:66:47:42:41:60:e3:a2:02:65:93:39:
0d:49:d1:d3:1d:63:a4:65:bd:fd:9b:ec:24:24:75:9a:e9:df:
e8:62:f9:bb:50:1f:18:ea:a9:bf:81:4a:14:b8:ab:cb:d3:07:
98:dc:61:c9:03:9a:c3:f4:b3:a4:4c:63:4e:f7:aa:3d:99:81:
f3:ba:86:53:54:74:61:6a:91:6c:12:7e:80:df:b0:1d:7e:e7:
3e:69:30:f5:41:5f:7a:0b:8d:c3:0f:db:76:50:88:50:5d:2f:
92:dc:af:5b:29:af:96:9e:66:41:13:f1:45:04:a6:59:32:2c:
42:bf:23:9d:b3:0a:d5:34:15:99:e1:d0:fe:b3:f0:74:8e:1f:
7c:9f:3b:f6:6f:3c:86:51:f0:d5:7b:44:68:e2:24:ae:58:6d:
df:2a:99:83:b7:28:2d:69:62:89:3b:32:6e:c7:93:6d:7e:bd:
b2:75:d6:b5:75:ef:8e:c1:92:c1:6e:7b:e1:83:95:c1:c3:4a:
5c:b7:df:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdUIXVb7A49u5zdsFrUx4krlO+L4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlOTAwODMwZDg4ODcxNmZiY2Y0NmQ4NzMwZjU3ZTFkZTE3YTIxNTUxYzVh
Y2Y2NjMyNDRlY2JjM2NmZTNlYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLPsRSRFtpDhHbRt6/NqkCDxSp2q4gstHLwqIL2uP0kktnSVyWvDz80SQsg
ek+1zJMgpwOdj4fAdDI6uPsmhWNVhDhgy268tQ1BLEIvTDa1KObc+jOt9n2xiEFv
+2M1t2e7kbPNp6CC37wIVwD7sd1YpmkmurwOp6ikFzb25bQJM+Gl3U959vV8r0RB
W8qjdvhoC1SQBZrLnnKJQblJSqT7EcVbaGtnGbSFOxutF9IslUD9Lf1jlxssKFgx
Nx6sPpupW5B8E57RceWX5TTrDSZHTPesCdJiT06MFDA+F5Ick5ivOlySz8uFaZKx
wUhJDFgTmdbhXKcia/YQTLaWbgECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgDER/
Sw91Nk+4DkAISUw00rbNrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQB1wmcVnPpFgbNnshIwiHCnqzwFvUdLXM1X8TxO
xhMkj/kWLh1m9t6zSM8MkFp05ifiljIiFhxDY64BU+wRZkdCQWDjogJlkzkNSdHT
HWOkZb39m+wkJHWa6d/oYvm7UB8Y6qm/gUoUuKvL0weY3GHJA5rD9LOkTGNO96o9
mYHzuoZTVHRhapFsEn6A37Adfuc+aTD1QV96C43DD9t2UIhQXS+S3K9bKa+WnmZB
E/FFBKZZMixCvyOdswrVNBWZ4dD+s/B0jh98nzv2bzyGUfDVe0Ro4iSuWG3fKpmD
tygtaWKJOzJux5Ntfr2ydda1de+OwZLBbnvhg5XBw0pct9+H
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org