Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
File: 4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa (raw, json)
Hash identifier: RtPSvaN9GndlZX4HbApxOMgMdn5lLJ+QaYJCx5vShhA=
Subject key identifier: DE:13:0D:F8:D6:7E:53:B7:8B:93:A4:F3:F9:0A:43:36:07:99:B7:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EB57A8EA11A7748961AB88D0B7DC799B2D7362E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:b5:7a:8e:a1:1a:77:48:96:1a:b8:8d:0b:7d:c7:99:b2:d7:36:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9718f4734156a33c26039888e809971f6fe8a7d96540d71da509e716e2023f06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a7:71:a8:02:56:49:01:cd:0f:4c:bc:15:5e:
39:d2:a0:2a:ae:f5:a4:e5:14:30:49:e3:70:fd:ce:
3b:83:d8:45:f5:23:d3:e5:c6:fd:9e:a4:39:f6:7a:
32:7a:38:fc:0c:ac:d8:78:93:54:d5:2c:a5:c3:55:
dc:69:82:98:e6:5e:30:37:10:2b:f7:b2:39:b6:ef:
f0:0b:33:b0:f3:81:d6:88:13:e5:c5:4e:72:cd:e8:
d0:88:1c:75:12:89:df:a8:77:1f:29:d1:ef:f6:0a:
d2:8a:31:5e:d5:a6:24:5b:28:9b:b4:e4:17:f1:8f:
c5:00:f3:3c:ec:47:4e:9b:7c:55:13:e9:a1:a8:21:
80:fa:a6:6f:51:f2:e3:c6:65:53:ab:59:3a:0a:08:
e3:d7:82:c2:f8:c0:30:bc:58:07:89:c0:73:6b:ef:
15:15:5e:13:65:4e:de:7c:eb:e0:43:9b:58:e8:a2:
cd:3e:1a:a9:cb:4b:07:45:b5:a8:1f:f6:f8:ca:f7:
4c:cf:91:37:0c:a7:fc:20:d6:e9:45:02:59:c8:08:
d2:e3:26:fa:c4:14:da:1b:b5:ce:2f:f4:e2:ce:ec:
20:43:60:59:d9:de:55:27:09:a2:89:ad:6c:1f:58:
71:af:76:69:a1:49:23:87:c3:d1:7d:92:83:41:f3:
fd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:13:0D:F8:D6:7E:53:B7:8B:93:A4:F3:F9:0A:43:36:07:99:B7:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:4000::/40
Signature Algorithm: sha256WithRSAEncryption
13:bd:67:5c:de:bd:3f:ce:aa:a0:8f:75:86:b6:2b:11:4d:46:
32:78:a2:1c:e7:58:33:2a:d9:c9:57:c4:06:67:f8:4d:84:d2:
a5:9d:26:6c:87:08:b8:e7:70:91:47:fa:d3:b5:17:0d:64:f2:
ca:95:4d:7e:9f:64:b5:61:ba:33:9d:ab:ca:36:07:8e:11:e0:
81:21:de:aa:d4:5b:af:64:77:91:61:28:70:ad:8f:88:bc:00:
81:5a:20:4e:f4:16:5c:e4:ec:a2:f0:e5:25:ca:f2:e9:4d:a5:
c5:b4:f0:bb:88:bb:31:95:be:35:a5:0a:f4:b1:b0:8f:56:c3:
c6:92:98:c8:00:fe:29:92:ce:c9:ac:c6:37:1d:bd:d7:22:dd:
29:5d:38:34:61:33:3f:67:56:cc:f9:af:cc:2c:73:f1:16:aa:
1c:be:de:62:2b:ef:d1:7c:f6:d7:a4:bf:54:47:d3:51:60:8f:
12:0f:40:f7:58:62:ae:2b:11:7d:dd:59:72:45:48:ad:8e:82:
69:45:59:e7:a8:9a:91:58:2c:0f:57:a3:28:e1:80:b7:02:6e:
6b:bf:8c:0f:d3:ca:6f:89:75:12:62:97:cf:b3:cf:3b:62:47:
6f:ba:3a:e8:6f:7c:09:58:c5:7f:c9:58:92:7c:d6:67:e4:37:
a0:2e:18:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDrV6jqEad0iWGriNC33HmbLXNi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3MThmNDczNDE1NmEzM2MyNjAzOTg4OGU4MDk5NzFmNmZlOGE3ZDk2NTQw
ZDcxZGE1MDllNzE2ZTIwMjNmMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6ncagCVkkBzQ9MvBVeOdKgKq71pOUUMEnjcP3OO4PYRfUj0+XG/Z6kOfZ6
Mno4/Ays2HiTVNUspcNV3GmCmOZeMDcQK/eyObbv8AszsPOB1ogT5cVOcs3o0Igc
dRKJ36h3HynR7/YK0ooxXtWmJFsom7TkF/GPxQDzPOxHTpt8VRPpoaghgPqmb1Hy
48ZlU6tZOgoI49eCwvjAMLxYB4nAc2vvFRVeE2VO3nzr4EObWOiizT4aqctLB0W1
qB/2+Mr3TM+RNwyn/CDW6UUCWcgI0uMm+sQU2hu1zi/04s7sIENgWdneVScJoomt
bB9Yca92aaFJI4fD0X2Sg0Hz/cUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTeEw34
1n5Tt4uTpPP5CkM2B5m3TDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2ZGRjYTctMTcyZi00ZjBlLTlhODMtOWEzNTlmNjJjNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVA
MA0GCSqGSIb3DQEBCwUAA4IBAQATvWdc3r0/zqqgj3WGtisRTUYyeKIc51gzKtnJ
V8QGZ/hNhNKlnSZshwi453CRR/rTtRcNZPLKlU1+n2S1YboznavKNgeOEeCBId6q
1FuvZHeRYShwrY+IvACBWiBO9BZc5Oyi8OUlyvLpTaXFtPC7iLsxlb41pQr0sbCP
VsPGkpjIAP4pks7JrMY3Hb3XIt0pXTg0YTM/Z1bM+a/MLHPxFqocvt5iK+/RfPbX
pL9UR9NRYI8SD0D3WGKuKxF93VlyRUitjoJpRVnnqJqRWCwPV6Mo4YC3Am5rv4wP
08pviXUSYpfPs887Ykdvujrob3wJWMV/yViSfNZn5DegLhio
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org