Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
File: 4dc2c958-c749-4f2f-a83c-b419f7f45487.roa (raw, json)
Hash identifier: Xp4f85Mg5Tw9S87gKj8wuyfJCzn+CdgpxmX7tdHqYnw=
Subject key identifier: 60:E0:56:E6:95:AB:69:9A:0D:2A:60:56:04:0A:10:20:AF:CB:19:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EDE686D069530E0CAB9AC520A1FFC934C651C79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:de:68:6d:06:95:30:e0:ca:b9:ac:52:0a:1f:fc:93:4c:65:1c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=0863ba29da0318ebb319d423b0c8b4d7c081a00ab7574b0fd2554bbc0eb5cfd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:37:61:02:85:8b:d2:02:2a:73:ca:85:8d:d8:
ff:c7:7a:ec:78:c5:f9:c7:a4:4c:11:7d:cb:c4:e8:
8b:6e:ab:f1:f5:86:ab:0b:b4:a6:3a:be:88:9d:82:
f7:82:70:a9:0d:9f:f3:d3:2e:c6:74:1a:cd:dc:10:
be:5b:69:8c:df:f7:6d:97:0b:b4:9c:62:af:9c:b6:
25:9f:f2:1b:76:01:d7:5c:77:a0:ad:05:39:a8:a9:
0b:98:f3:5c:80:45:c9:87:10:a7:59:77:50:fd:7a:
46:de:c5:13:35:76:bd:7a:25:96:89:6c:95:b6:a4:
7d:04:bc:04:13:71:e0:f5:c1:47:c4:e5:7a:e4:6a:
e7:38:c4:4d:33:e3:0f:85:92:92:bb:42:96:a2:43:
66:a0:15:a9:65:e2:f6:51:91:c2:74:40:1c:98:33:
1c:68:88:86:59:be:03:94:36:e9:3c:fc:14:a0:35:
78:f0:c9:5d:9d:82:da:17:bf:8f:67:02:5d:f8:86:
56:50:e0:6a:66:c0:f9:e5:49:0f:04:c2:f0:14:cb:
a9:d8:f4:a2:9e:a7:1b:b9:85:cf:f1:5c:d4:cb:14:
69:65:04:9d:28:0c:d7:29:53:ca:48:34:bb:cd:32:
2e:01:13:ae:af:9c:ef:46:c2:59:f0:7b:84:dd:1d:
7f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E0:56:E6:95:AB:69:9A:0D:2A:60:56:04:0A:10:20:AF:CB:19:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
39:5a:c2:31:bf:de:d3:c3:1a:a1:d9:70:b0:f8:9e:a3:ea:2c:
b9:62:fc:ac:2a:1d:02:b1:1f:0a:57:c7:e0:e5:e7:0c:fa:02:
05:f7:55:92:c2:6f:4d:62:57:6d:c6:d5:2b:f1:4e:72:59:64:
c2:c9:5a:35:21:f8:7a:87:c4:f3:60:36:8d:8c:df:a3:90:d0:
14:3d:69:b8:53:4f:7b:03:27:31:72:ce:13:d8:33:16:d5:d3:
3e:dd:5b:66:b2:4b:31:33:ca:21:36:ec:38:c9:2f:b9:50:9f:
e0:f0:40:91:2a:54:9b:0a:fa:96:0d:77:65:fa:fe:37:dc:32:
47:aa:32:12:3d:d6:13:29:6d:32:81:43:0c:41:29:19:d9:a0:
ad:64:01:22:22:63:7a:12:0f:00:56:65:b3:30:4b:7d:f3:b9:
0d:6c:60:d3:c2:91:29:79:af:37:80:bb:93:84:5b:bf:d1:97:
a4:5c:68:7a:65:9c:7f:d8:8e:34:bc:64:50:69:52:ed:12:7c:
0b:2d:52:c0:0f:19:e0:6d:0c:72:c2:91:7c:a4:21:a7:f7:00:
d5:37:1b:01:27:fe:55:78:38:d8:55:8c:3e:ab:8c:58:f6:48:
53:cf:4a:ea:77:68:16:59:c6:fb:de:ec:cf:70:4a:09:03:04:
00:9a:a1:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTt5obQaVMODKuaxSCh/8k0xlHHkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4NjNiYTI5ZGEwMzE4ZWJiMzE5ZDQyM2IwYzhiNGQ3YzA4MWEwMGFiNzU3
NGIwZmQyNTU0YmJjMGViNWNmZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM83YQKFi9ICKnPKhY3Y/8d67HjF+cekTBF9y8Toi26r8fWGqwu0pjq+iJ2C
94JwqQ2f89MuxnQazdwQvltpjN/3bZcLtJxir5y2JZ/yG3YB11x3oK0FOaipC5jz
XIBFyYcQp1l3UP16Rt7FEzV2vXollolslbakfQS8BBNx4PXBR8TleuRq5zjETTPj
D4WSkrtClqJDZqAVqWXi9lGRwnRAHJgzHGiIhlm+A5Q26Tz8FKA1ePDJXZ2C2he/
j2cCXfiGVlDgambA+eVJDwTC8BTLqdj0op6nG7mFz/Fc1MsUaWUEnSgM1ylTykg0
u80yLgETrq+c70bCWfB7hN0df1UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRg4Fbm
latpmg0qYFYEChAgr8sZIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRjMmM5NTgtYzc0OS00ZjJmLWE4M2MtYjQxOWY3ZjQ1NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hrg
MA0GCSqGSIb3DQEBCwUAA4IBAQA5WsIxv97Twxqh2XCw+J6j6iy5YvysKh0CsR8K
V8fg5ecM+gIF91WSwm9NYldtxtUr8U5yWWTCyVo1Ifh6h8TzYDaNjN+jkNAUPWm4
U097Aycxcs4T2DMW1dM+3VtmsksxM8ohNuw4yS+5UJ/g8ECRKlSbCvqWDXdl+v43
3DJHqjISPdYTKW0ygUMMQSkZ2aCtZAEiImN6Eg8AVmWzMEt987kNbGDTwpEpea83
gLuThFu/0ZekXGh6ZZx/2I40vGRQaVLtEnwLLVLADxngbQxywpF8pCGn9wDVNxsB
J/5VeDjYVYw+q4xY9khTz0rqd2gWWcb73uzPcEoJAwQAmqFv
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org