Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
File: 4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa (raw, json)
Hash identifier: 98moq98o7ib0dXXUMFYr1tqH6G0MAC6WhSNEFnkFK30=
Subject key identifier: E0:24:6E:D0:A8:91:1B:79:4B:24:E1:E6:A7:BE:A4:A2:5E:CD:D3:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BA57E92410045844DB7F65E8425A7FF7931B307
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:a5:7e:92:41:00:45:84:4d:b7:f6:5e:84:25:a7:ff:79:31:b3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=b68ef67db050c5f585e3c4075031d42d6b11aae160162d93dc43ee0ba9df45b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:cb:62:d6:15:e3:ac:91:d9:82:f1:29:93:66:
dc:e6:3f:e4:a7:60:f6:dc:5e:8c:1d:ab:3f:10:19:
bf:79:63:f7:d0:ac:a4:e7:8f:06:9b:03:2e:7a:f2:
43:58:fe:8e:d6:c3:16:54:a4:e2:c0:90:f1:3b:f9:
bd:2c:b0:78:e6:b1:f4:02:b2:87:ad:10:15:0f:c3:
ca:72:a1:44:c7:0d:08:60:2f:2b:97:81:05:dd:34:
e5:72:2b:6c:aa:7c:d7:27:f1:db:4e:de:5f:c7:e4:
fa:18:bc:50:8a:fb:77:c3:cb:2f:ad:43:35:59:14:
b1:98:cf:b2:56:f1:c1:4f:7d:15:ff:20:a8:b5:4c:
ca:cf:54:20:6d:0f:30:92:4e:7d:b7:28:b6:97:15:
07:78:74:b0:87:4d:dc:46:64:d0:fe:4d:e3:a5:c7:
14:f9:45:13:a4:4f:ea:80:6e:db:37:b0:5f:0f:02:
54:c0:d4:8d:c3:91:28:c4:10:a9:e6:d0:5f:f5:f5:
35:68:74:d0:04:9d:27:28:ab:d8:13:4b:32:6f:a5:
7f:14:7c:b5:9a:1f:d0:a6:89:fc:c6:c7:cb:b8:01:
f0:e9:f7:ec:9a:a1:59:17:fd:1d:7e:c7:b2:93:5a:
91:13:0d:d5:74:7f:94:c2:d6:9f:cd:bc:32:cb:36:
2e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:24:6E:D0:A8:91:1B:79:4B:24:E1:E6:A7:BE:A4:A2:5E:CD:D3:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:2f:68:0c:1d:46:b8:4f:1c:0a:1a:02:9b:b0:80:67:c4:00:
50:97:ec:cb:cf:79:ab:a6:e2:ac:51:0b:44:62:85:0c:18:a7:
00:3f:7b:20:a4:1b:8f:8d:a3:56:0c:16:cf:3c:e9:16:9b:c4:
24:93:7e:fb:47:86:3f:14:52:e0:3d:ec:54:9a:26:e9:65:81:
32:0f:00:5e:75:aa:2a:60:f7:b3:cf:43:ff:fe:27:7f:ef:fc:
98:10:76:d2:32:3f:54:b6:97:32:95:01:1f:ef:e8:3a:ba:ba:
45:7a:3e:86:e6:2e:3b:b4:97:cb:50:1a:f8:fc:3d:72:f2:20:
0b:e6:34:ed:1e:2e:a4:07:2b:d3:aa:2b:3e:04:a2:39:a5:fb:
82:1f:ce:49:70:18:fd:7e:99:f5:37:20:40:b3:77:e8:cb:3b:
c0:6c:ba:35:ce:0e:fd:40:30:b7:d0:bc:d4:08:cf:67:ce:26:
ad:77:6e:31:82:56:0a:f5:b5:99:0e:9b:e1:4e:83:9a:5a:a6:
b4:c4:4d:19:71:9c:92:91:00:f9:26:d8:57:61:71:b1:90:d3:
71:32:fe:11:f7:2d:83:4a:c7:b4:92:86:3b:27:92:e6:ff:71:
3e:d7:fe:46:eb:e1:3f:ab:25:03:01:50:fe:3e:d8:1a:8b:a0:
f6:a8:a1:8d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS6V+kkEARYRNt/ZehCWn/3kxswcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2OGVmNjdkYjA1MGM1ZjU4NWUzYzQwNzUwMzFkNDJkNmIxMWFhZTE2MDE2
MmQ5M2RjNDNlZTBiYTlkZjQ1YjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXLYtYV46yR2YLxKZNm3OY/5Kdg9txejB2rPxAZv3lj99CspOePBpsDLnry
Q1j+jtbDFlSk4sCQ8Tv5vSyweOax9AKyh60QFQ/DynKhRMcNCGAvK5eBBd005XIr
bKp81yfx207eX8fk+hi8UIr7d8PLL61DNVkUsZjPslbxwU99Ff8gqLVMys9UIG0P
MJJOfbcotpcVB3h0sIdN3EZk0P5N46XHFPlFE6RP6oBu2zewXw8CVMDUjcORKMQQ
qebQX/X1NWh00ASdJyir2BNLMm+lfxR8tZof0KaJ/MbHy7gB8On37JqhWRf9HX7H
spNakRMN1XR/lMLWn828Mss2LgMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgJG7Q
qJEbeUsk4eanvqSiXs3T3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGMyY2Y3YjYtM2ZiYi00ZDc0LTg4NmQtMjFjNThiMzQ3ZjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6A
MA0GCSqGSIb3DQEBCwUAA4IBAQC3L2gMHUa4TxwKGgKbsIBnxABQl+zLz3mrpuKs
UQtEYoUMGKcAP3sgpBuPjaNWDBbPPOkWm8Qkk377R4Y/FFLgPexUmibpZYEyDwBe
daoqYPezz0P//id/7/yYEHbSMj9UtpcylQEf7+g6urpFej6G5i47tJfLUBr4/D1y
8iAL5jTtHi6kByvTqis+BKI5pfuCH85JcBj9fpn1NyBAs3foyzvAbLo1zg79QDC3
0LzUCM9nziatd24xglYK9bWZDpvhToOaWqa0xE0ZcZySkQD5JthXYXGxkNNxMv4R
9y2DSse0koY7J5Lm/3E+1/5G6+E/qyUDAVD+Ptgai6D2qKGN
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:32 2024 by rpki-client on console-fra.rpki-client.org