Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
File: 4b3ff608-6c53-42b9-811d-968096b30ae5.roa (raw, json)
Hash identifier: C/jF5Dckmd5xGnQhIePASoxWWxVVjQJWRLmU7OVNFKc=
Subject key identifier: 5A:61:4C:A0:E6:2F:44:04:97:A2:6A:08:C4:09:8A:56:BE:E8:0E:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 497536A960C6A510490AEBE429EF726C1617EF50
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:75:36:a9:60:c6:a5:10:49:0a:eb:e4:29:ef:72:6c:16:17:ef:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=69409416bbd5fad34131d78c8f734cbbcc4996f40a060f71635b928ab0d2ca4d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3e:b6:35:7c:b2:b1:10:67:be:17:b6:6a:e9:
f4:33:8b:7a:17:6e:f5:55:ed:c8:25:4d:a6:1b:7e:
d9:22:08:35:00:f0:cf:db:d7:40:22:62:c7:9b:fc:
22:81:fe:19:a8:d9:a6:eb:03:c8:94:39:7a:be:e7:
e3:26:ce:41:5a:13:1c:0c:8c:15:d2:4e:3a:72:1a:
1c:7c:b9:4d:3d:aa:83:b2:87:07:0d:44:31:d9:5a:
ad:3a:d2:0f:91:ec:6b:fb:a3:00:5b:47:39:7e:b0:
e0:66:83:65:4d:9d:03:17:aa:be:83:a5:cb:df:fc:
7d:29:22:6f:7d:e0:7e:77:02:e7:d3:bd:f2:78:8b:
ee:dc:75:fc:5b:bf:c2:90:69:99:b9:80:1e:7f:08:
41:4e:32:59:79:06:8e:9e:b4:0f:58:b7:08:34:99:
b4:27:0e:af:f0:96:65:1b:07:ed:d8:37:2f:fb:9e:
7e:01:3d:53:e2:ff:80:23:10:60:ab:a0:8e:03:2a:
d4:7b:c1:82:07:ba:40:6d:dc:47:0c:9d:00:10:a3:
4d:54:9f:83:0c:7c:09:8e:b8:6a:fe:09:03:89:ef:
59:3f:49:d0:42:1a:35:50:cf:43:58:b8:88:67:3d:
45:36:a5:bc:3c:66:ca:11:23:8b:12:f8:a6:2f:7c:
b3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:61:4C:A0:E6:2F:44:04:97:A2:6A:08:C4:09:8A:56:BE:E8:0E:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b3ff608-6c53-42b9-811d-968096b30ae5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:1e:85:82:b5:7f:1b:82:29:d5:c0:ba:e6:90:12:65:7e:18:
b6:02:1f:05:1b:89:ce:19:88:b3:de:ec:1b:1e:4f:ed:48:21:
6b:4f:c3:8d:4f:a0:78:10:8c:d1:41:1f:6c:2b:7f:f5:2c:b0:
4c:ec:b3:18:62:3b:b8:4e:7b:7a:c2:45:1e:2e:6c:86:09:f9:
26:c3:0b:1d:78:f4:a3:bf:03:0b:af:d7:77:8f:c0:06:49:60:
2a:5d:e6:b5:c2:f9:fb:03:eb:33:9e:da:3f:22:94:50:87:13:
02:c1:f6:94:d0:ea:93:ac:81:7b:3b:05:65:ba:99:92:b7:7b:
a5:30:14:ac:b9:1e:9a:f5:e7:7b:06:a2:0a:36:be:de:77:38:
e3:29:fd:eb:11:19:c7:cc:ea:77:44:0b:20:2d:d5:20:b0:2c:
26:0e:24:34:d5:b4:3e:01:56:83:83:de:ac:a8:86:1d:f1:05:
a1:33:1e:6f:65:0e:e9:1c:91:e4:88:ee:78:0b:04:95:6f:d4:
b5:ea:c4:1f:e4:96:ae:1c:be:62:85:a0:6f:c2:fb:cb:31:c1:
b1:fc:50:e7:70:0c:c3:92:3c:c3:2e:8d:fe:e2:ad:7f:86:4a:
d7:58:82:c1:ce:42:39:b7:bb:20:30:b2:1c:f5:24:9a:e9:cb:
42:5e:52:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSXU2qWDGpRBJCuvkKe9ybBYX71AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5NDA5NDE2YmJkNWZhZDM0MTMxZDc4YzhmNzM0Y2JiY2M0OTk2ZjQwYTA2
MGY3MTYzNWI5MjhhYjBkMmNhNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOU+tjV8srEQZ74Xtmrp9DOLehdu9VXtyCVNpht+2SIINQDwz9vXQCJix5v8
IoH+GajZpusDyJQ5er7n4ybOQVoTHAyMFdJOOnIaHHy5TT2qg7KHBw1EMdlarTrS
D5Hsa/ujAFtHOX6w4GaDZU2dAxeqvoOly9/8fSkib33gfncC59O98niL7tx1/Fu/
wpBpmbmAHn8IQU4yWXkGjp60D1i3CDSZtCcOr/CWZRsH7dg3L/uefgE9U+L/gCMQ
YKugjgMq1HvBgge6QG3cRwydABCjTVSfgwx8CY64av4JA4nvWT9J0EIaNVDPQ1i4
iGc9RTalvDxmyhEjixL4pi98s+8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRaYUyg
5i9EBJeiagjECYpWvugOFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIzZmY2MDgtNmM1My00MmI5LTgxMWQtOTY4MDk2YjMwYWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hng
MA0GCSqGSIb3DQEBCwUAA4IBAQChHoWCtX8bginVwLrmkBJlfhi2Ah8FG4nOGYiz
3uwbHk/tSCFrT8ONT6B4EIzRQR9sK3/1LLBM7LMYYju4Tnt6wkUeLmyGCfkmwwsd
ePSjvwMLr9d3j8AGSWAqXea1wvn7A+sznto/IpRQhxMCwfaU0OqTrIF7OwVlupmS
t3ulMBSsuR6a9ed7BqIKNr7edzjjKf3rERnHzOp3RAsgLdUgsCwmDiQ01bQ+AVaD
g96sqIYd8QWhMx5vZQ7pHJHkiO54CwSVb9S16sQf5JauHL5ihaBvwvvLMcGx/FDn
cAzDkjzDLo3+4q1/hkrXWILBzkI5t7sgMLIc9SSa6ctCXlI2
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org