Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
File: 4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa (raw, json)
Hash identifier: VpkRX/HDT57M95xVwFWfBW1NVa17DWFMIfZ0O8nPUIc=
Subject key identifier: EB:DE:36:80:6C:F2:E3:F0:8E:D9:2F:38:F8:D9:D8:69:2D:66:F8:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 307894117FEF34DEE02650FB86B331FF630A5609
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:78:94:11:7f:ef:34:de:e0:26:50:fb:86:b3:31:ff:63:0a:56:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=c29a164e3bdc69d6bd88c9da7c9bdd9f9045a5597cfb2c3079dd10c3b31bc7be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:27:5c:0a:f4:d0:56:ec:c2:d6:10:c6:9a:d4:
4f:6b:b4:9d:d4:55:5b:34:8e:54:63:cf:0d:42:f6:
4a:99:ae:df:15:98:08:6e:62:7e:bc:2d:af:d1:a1:
8b:f2:be:53:49:5b:ef:da:05:69:6a:84:2a:8e:9c:
c7:05:f1:a5:b0:84:48:be:d4:1e:76:3c:be:b5:4c:
87:5c:5a:d8:a3:ab:09:aa:6a:de:43:10:57:7a:79:
9a:ac:dc:89:10:8a:b9:58:9d:32:69:f8:5f:c5:51:
bd:5d:c9:73:87:10:82:5c:f8:38:2b:d6:84:50:ad:
5f:af:c3:2c:cb:82:ba:3c:4b:12:9b:ac:83:6d:f7:
7a:7b:61:7c:a8:78:d6:ed:07:75:49:3a:ef:ca:f7:
79:83:9d:61:2f:01:7a:bc:4f:59:95:2f:3e:ea:d7:
5b:ad:d3:14:c5:31:8b:08:fb:9b:1e:b0:ba:3b:34:
fb:e7:93:44:fe:75:94:3e:36:8d:42:bc:f2:06:09:
42:6a:f9:93:67:10:ab:0d:66:12:b0:dd:27:33:67:
fc:b8:95:80:be:5a:a6:99:d2:6b:ce:72:6c:37:49:
6a:1d:46:24:2c:a7:47:65:e5:52:96:f4:3f:8b:1e:
9c:f0:44:bd:12:ea:b1:a8:d5:cc:fc:dd:a5:bc:5d:
0f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DE:36:80:6C:F2:E3:F0:8E:D9:2F:38:F8:D9:D8:69:2D:66:F8:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:3c:f0:24:67:cd:e7:21:21:fe:8e:31:0f:6e:36:52:e7:88:
b6:a3:ac:a6:2a:6e:4a:1e:bc:63:80:db:9e:92:a2:fb:93:32:
dc:06:36:76:ce:ea:8d:2a:41:c8:a1:df:b5:04:a6:08:a2:a1:
d3:60:80:75:ac:0a:1b:d9:96:45:2b:7c:81:07:60:8b:39:37:
98:1a:da:7d:84:91:0b:16:6e:52:16:ab:05:4e:54:53:88:52:
f0:9a:d9:93:cd:64:26:da:78:90:a5:5a:7d:cd:35:65:ef:13:
03:fb:32:48:a7:49:f9:62:f6:cd:15:d0:68:f5:b0:f9:a6:48:
c8:b7:54:4d:3d:05:ad:f9:66:a0:bc:12:ef:2b:c6:db:95:89:
40:e7:aa:b4:c6:18:ba:6b:d4:d5:cd:50:26:a1:fa:2a:3a:f2:
2f:13:30:ec:f0:9e:11:4f:58:24:a2:e8:2b:70:4c:01:4b:da:
38:13:10:18:c7:a0:04:de:24:3b:52:ea:f9:08:ac:30:96:25:
a0:71:be:8c:54:be:79:ab:dd:3f:7e:d2:4e:99:b6:91:35:69:
dd:4f:10:7b:9b:75:87:de:18:9e:92:82:f8:37:d9:9a:49:00:
0c:38:10:08:24:50:69:c7:4a:77:45:c2:86:92:63:0a:1e:b8:
70:9b:c8:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMHiUEX/vNN7gJlD7hrMx/2MKVgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyOWExNjRlM2JkYzY5ZDZiZDg4YzlkYTdjOWJkZDlmOTA0NWE1NTk3Y2Zi
MmMzMDc5ZGQxMGMzYjMxYmM3YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEnXAr00FbswtYQxprUT2u0ndRVWzSOVGPPDUL2Spmu3xWYCG5ifrwtr9Gh
i/K+U0lb79oFaWqEKo6cxwXxpbCESL7UHnY8vrVMh1xa2KOrCapq3kMQV3p5mqzc
iRCKuVidMmn4X8VRvV3Jc4cQglz4OCvWhFCtX6/DLMuCujxLEpusg233enthfKh4
1u0HdUk678r3eYOdYS8BerxPWZUvPurXW63TFMUxiwj7mx6wujs0++eTRP51lD42
jUK88gYJQmr5k2cQqw1mErDdJzNn/LiVgL5appnSa85ybDdJah1GJCynR2XlUpb0
P4senPBEvRLqsajVzPzdpbxdD5ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr3jaA
bPLj8I7ZLzj42dhpLWb4aTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGMyY2Y3YjYtM2ZiYi00ZDc0LTg4NmQtMjFjNThiMzQ3ZjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6A
MA0GCSqGSIb3DQEBCwUAA4IBAQCPPPAkZ83nISH+jjEPbjZS54i2o6ymKm5KHrxj
gNuekqL7kzLcBjZ2zuqNKkHIod+1BKYIoqHTYIB1rAob2ZZFK3yBB2CLOTeYGtp9
hJELFm5SFqsFTlRTiFLwmtmTzWQm2niQpVp9zTVl7xMD+zJIp0n5YvbNFdBo9bD5
pkjIt1RNPQWt+WagvBLvK8bblYlA56q0xhi6a9TVzVAmofoqOvIvEzDs8J4RT1gk
ougrcEwBS9o4ExAYx6AE3iQ7Uur5CKwwliWgcb6MVL55q90/ftJOmbaRNWndTxB7
m3WH3hiekoL4N9maSQAMOBAIJFBpx0p3RcKGkmMKHrhwm8ge
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org