Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
File: 4b3ff608-6c53-42b9-811d-968096b30ae5.roa (raw, json)
Hash identifier: FiDrUMrlPnDc2EVq82E1PoV7rggVUoaV7q1u+2fdqxQ=
Subject key identifier: 72:9C:98:73:A6:9C:0F:72:34:39:B4:4A:AF:0A:51:16:DA:37:46:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B9D1A9424DDE1E620178DAA7E64777AE86C72FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:9d:1a:94:24:dd:e1:e6:20:17:8d:aa:7e:64:77:7a:e8:6c:72:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=1a8d3531b0b2fc799c8271d178bc8aee33af45a569ada23de0fab5c2c25b36ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4f:48:ac:f6:c6:28:4d:c8:c5:d7:9c:f3:66:
5e:2c:03:a1:13:72:a1:eb:87:5b:ed:89:ae:b7:0d:
fb:f0:8f:bf:2b:a1:4c:42:4f:89:a6:06:ac:8e:22:
d2:18:39:79:0a:d0:05:5a:81:cc:08:16:8f:30:44:
7f:0a:a8:ce:da:bd:57:23:3b:78:7d:5e:94:48:29:
04:40:1b:a1:76:b2:7b:7f:a4:60:fe:f5:00:1f:23:
be:24:2b:47:bb:17:0d:62:27:14:65:f3:22:91:11:
2b:45:65:f6:80:c7:f4:ae:03:f6:a4:88:9d:8c:8d:
73:0b:3f:6f:87:6e:f1:87:9a:6c:59:14:63:d6:40:
db:11:53:33:6f:2c:6a:8a:5f:8b:01:63:61:93:52:
f9:ae:0e:51:60:dc:b0:89:83:08:e5:13:24:32:17:
7c:3a:61:45:5e:58:c2:7c:e7:cf:39:61:94:31:b7:
32:2f:a4:e1:8e:e1:c1:37:b4:4e:55:ce:bd:ae:b5:
81:3f:af:f2:9e:8c:1d:00:da:8f:99:aa:17:85:6f:
cd:4d:65:b9:cb:59:2d:d5:23:20:89:43:f0:61:f8:
e0:63:da:b1:a8:e6:5e:b9:7c:36:ef:74:33:96:d9:
26:8c:79:37:14:cd:cb:e5:4b:55:d1:0e:1d:f2:5a:
78:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9C:98:73:A6:9C:0F:72:34:39:B4:4A:AF:0A:51:16:DA:37:46:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:e000::/40
Signature Algorithm: sha256WithRSAEncryption
84:eb:94:94:2e:75:c6:3b:6e:c7:43:9c:e6:a3:e4:8a:ac:b0:
37:77:e5:85:c5:8a:4c:f5:64:14:9d:40:da:b3:e1:20:7b:9d:
d7:73:dc:a0:fe:ee:b8:86:26:61:d4:32:cc:36:21:40:54:ef:
20:54:95:e4:a4:01:0b:5a:80:cb:6b:9c:7b:2e:e6:99:83:a2:
4f:20:75:5b:69:38:bf:4d:60:22:7e:25:0e:7a:d7:ef:a8:69:
ab:8d:c1:92:a5:9a:c0:06:80:fc:fd:60:41:45:f2:51:17:b3:
78:9c:99:c4:73:0c:0f:2e:2b:44:b3:d2:08:e4:6f:5f:9b:43:
11:d4:7d:65:17:74:2f:31:a7:47:21:8f:42:2a:b2:bc:da:f5:
ac:a3:b5:e1:ac:e0:0c:04:f9:3a:2e:25:f1:3f:d5:c4:57:e2:
c4:9f:a2:65:f9:7e:ee:6a:5f:11:bb:6f:e5:d7:41:b3:dd:56:
32:52:b0:d1:3a:a0:2d:ba:df:e5:65:1a:bc:6b:52:15:57:1d:
09:22:70:09:c7:cd:f1:ec:4d:7e:28:cc:35:3b:cf:2c:ee:0e:
cf:d0:26:c9:fb:19:6f:14:38:73:d9:df:a1:86:1d:73:5d:d9:
47:e6:07:88:e0:ad:63:b7:f9:bb:4b:4e:f6:0a:26:ed:2d:db:
ee:3b:c3:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa50alCTd4eYgF42qfmR3euhscvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhOGQzNTMxYjBiMmZjNzk5YzgyNzFkMTc4YmM4YWVlMzNhZjQ1YTU2OWFk
YTIzZGUwZmFiNWMyYzI1YjM2ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxPSKz2xihNyMXXnPNmXiwDoRNyoeuHW+2JrrcN+/CPvyuhTEJPiaYGrI4i
0hg5eQrQBVqBzAgWjzBEfwqoztq9VyM7eH1elEgpBEAboXaye3+kYP71AB8jviQr
R7sXDWInFGXzIpERK0Vl9oDH9K4D9qSInYyNcws/b4du8YeabFkUY9ZA2xFTM28s
aopfiwFjYZNS+a4OUWDcsImDCOUTJDIXfDphRV5YwnznzzlhlDG3Mi+k4Y7hwTe0
TlXOva61gT+v8p6MHQDaj5mqF4VvzU1luctZLdUjIIlD8GH44GPasajmXrl8Nu90
M5bZJox5NxTNy+VLVdEOHfJaeJ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRynJhz
ppwPcjQ5tEqvClEW2jdGrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIzZmY2MDgtNmM1My00MmI5LTgxMWQtOTY4MDk2YjMwYWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hng
MA0GCSqGSIb3DQEBCwUAA4IBAQCE65SULnXGO27HQ5zmo+SKrLA3d+WFxYpM9WQU
nUDas+Ege53Xc9yg/u64hiZh1DLMNiFAVO8gVJXkpAELWoDLa5x7LuaZg6JPIHVb
aTi/TWAifiUOetfvqGmrjcGSpZrABoD8/WBBRfJRF7N4nJnEcwwPLitEs9II5G9f
m0MR1H1lF3QvMadHIY9CKrK82vWso7XhrOAMBPk6LiXxP9XEV+LEn6Jl+X7ual8R
u2/l10Gz3VYyUrDROqAtut/lZRq8a1IVVx0JInAJx83x7E1+KMw1O88s7g7P0CbJ
+xlvFDhz2d+hhh1zXdlH5geI4K1jt/m7S072CibtLdvuO8N5
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org