Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
File: 4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa (raw, json)
Hash identifier: nGPH7xqpudZy4D2Ow5vmVEAzO93Kc4pfLsls5b0WsSA=
Subject key identifier: 12:F4:26:12:9A:90:3F:1C:D7:84:ED:AB:C2:19:0D:CC:A1:DC:15:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FD2FEBEE9A0F2FF484F09150D3A26D59B9C5405
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:d2:fe:be:e9:a0:f2:ff:48:4f:09:15:0d:3a:26:d5:9b:9c:54:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=fc00a367c4fa015713abecbc5e968f8965dde28a751d67da6acf37e23e97b13a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d3:0f:6b:1b:e2:0b:10:48:f8:24:04:b8:70:
ef:f6:e7:11:d4:9b:be:d0:af:54:c6:8a:4e:04:41:
89:77:ee:d7:32:4a:6f:1e:7c:20:e2:ad:b1:ca:56:
5f:5c:46:70:20:7b:3a:eb:b4:c1:b3:25:53:31:6b:
eb:b4:c6:74:6b:1e:8a:37:73:e6:89:a8:cc:08:be:
0a:09:c8:7f:65:cc:14:a3:7d:67:2b:09:c2:80:d5:
c8:74:8d:24:28:41:b8:47:95:6f:de:4a:af:2f:09:
f4:2c:8c:b7:a5:57:18:78:64:68:86:db:84:c3:92:
e7:30:1b:3f:86:0a:15:8d:ad:a1:4b:b7:ed:06:ed:
b5:e0:a0:24:49:fa:92:c8:83:5c:95:72:11:0b:3d:
c2:96:04:c1:07:d4:4d:7c:d8:f5:11:c9:8b:ed:0d:
26:8d:44:ec:c6:06:09:79:0c:f4:fa:76:db:38:7a:
89:ba:2c:61:50:f9:22:9c:61:13:88:10:81:0f:40:
1d:43:ed:da:fa:91:a7:32:9f:d0:e9:aa:16:b4:2c:
bc:a2:62:9d:73:af:1f:26:e1:10:1a:d6:9c:c4:c6:
1c:c0:8e:23:1b:85:c2:8d:fe:c9:f2:7d:46:d2:7e:
be:17:16:58:84:6d:dc:23:5a:dd:9f:2d:7c:12:cf:
70:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F4:26:12:9A:90:3F:1C:D7:84:ED:AB:C2:19:0D:CC:A1:DC:15:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e000::/40
Signature Algorithm: sha256WithRSAEncryption
65:aa:d1:d5:7f:a5:b6:d5:3c:75:a6:b5:3d:88:2d:87:09:0d:
09:f3:99:1a:77:75:68:aa:d6:29:7e:3a:98:3b:56:3b:3d:a0:
e2:9d:96:20:3f:89:fa:3f:59:5c:f1:99:35:88:89:84:a1:15:
95:a5:ca:69:88:bf:df:9b:0b:91:4c:b4:e0:37:b0:53:52:c7:
44:b2:6e:39:74:57:9f:5f:5e:c0:b7:f6:70:7b:2d:cb:96:80:
df:d9:c3:f9:cf:0a:79:fa:01:bb:79:56:bc:49:85:03:14:fc:
53:a8:53:fe:c3:d3:a4:8e:7f:d0:e8:82:49:ba:21:4d:c3:e5:
e9:36:b8:01:3f:72:ca:b3:14:ba:99:94:f7:77:cd:45:f5:52:
70:3b:08:55:02:9d:bc:ea:4e:29:28:00:f1:18:a0:1f:8e:9d:
eb:8b:9f:7b:d9:63:e0:2c:30:05:7d:0e:ec:e6:0f:a2:0b:e8:
32:ba:ff:2c:e4:c4:6d:2b:bc:56:b5:8f:a1:19:bf:b0:85:b0:
f5:d2:a8:ae:cf:86:bd:3a:1e:50:87:60:57:2a:aa:bc:1a:0d:
28:d1:c7:bb:1e:0f:5f:9a:60:f1:d1:2a:95:3e:18:12:29:94:
34:9d:87:b7:b9:65:cb:48:15:99:0d:2c:dd:26:2a:c5:70:c1:
98:5b:5b:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX9L+vumg8v9ITwkVDTom1ZucVAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMDBhMzY3YzRmYTAxNTcxM2FiZWNiYzVlOTY4Zjg5NjVkZGUyOGE3NTFk
NjdkYTZhY2YzN2UyM2U5N2IxM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOnTD2sb4gsQSPgkBLhw7/bnEdSbvtCvVMaKTgRBiXfu1zJKbx58IOKtscpW
X1xGcCB7Ouu0wbMlUzFr67TGdGseijdz5omozAi+CgnIf2XMFKN9ZysJwoDVyHSN
JChBuEeVb95Kry8J9CyMt6VXGHhkaIbbhMOS5zAbP4YKFY2toUu37QbtteCgJEn6
ksiDXJVyEQs9wpYEwQfUTXzY9RHJi+0NJo1E7MYGCXkM9Pp22zh6ibosYVD5Ipxh
E4gQgQ9AHUPt2vqRpzKf0OmqFrQsvKJinXOvHybhEBrWnMTGHMCOIxuFwo3+yfJ9
RtJ+vhcWWIRt3CNa3Z8tfBLPcH8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQS9CYS
mpA/HNeE7avCGQ3ModwVgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGZkOWY0MzUtYTFiZC00YTMzLWJjZDctYTk4ODg1ZGI1ODFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXg
MA0GCSqGSIb3DQEBCwUAA4IBAQBlqtHVf6W21Tx1prU9iC2HCQ0J85kad3VoqtYp
fjqYO1Y7PaDinZYgP4n6P1lc8Zk1iImEoRWVpcppiL/fmwuRTLTgN7BTUsdEsm45
dFefX17At/Zwey3LloDf2cP5zwp5+gG7eVa8SYUDFPxTqFP+w9Okjn/Q6IJJuiFN
w+XpNrgBP3LKsxS6mZT3d81F9VJwOwhVAp286k4pKADxGKAfjp3ri5972WPgLDAF
fQ7s5g+iC+gyuv8s5MRtK7xWtY+hGb+whbD10qiuz4a9Oh5Qh2BXKqq8Gg0o0ce7
Hg9fmmDx0SqVPhgSKZQ0nYe3uWXLSBWZDSzdJirFcMGYW1ts
-----END CERTIFICATE-----
Generated at Wed May 8 01:49:11 2024 by rpki-client on console-fra.rpki-client.org