Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
File: 4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa (raw, json)
Hash identifier: iyFhUGsKerLkYMw/bRv0cXRVmF1du7MiYqvrwXkZySY=
Subject key identifier: 94:82:71:47:9D:FC:10:CE:64:2E:79:6B:22:2C:D0:11:DA:9D:24:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B3AD9EBFE4DA8EAA308091E715FE9CFD4A3E9CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:3a:d9:eb:fe:4d:a8:ea:a3:08:09:1e:71:5f:e9:cf:d4:a3:e9:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=44f131fa17e57e46b244bc8d44ec609955ba758ed611d35d7be3048e6e2263c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4e:ef:06:17:e3:06:21:ee:61:70:72:ca:00:
f0:4e:a3:ad:c3:96:b8:8f:3e:b1:73:a4:44:9c:0d:
ee:d0:64:02:23:b2:58:c5:f0:de:d8:29:0a:b7:7f:
58:d5:e4:21:19:08:49:b1:1f:cf:2b:fa:16:85:7d:
7c:1a:56:13:d6:17:b1:85:23:c9:5e:b7:58:86:ab:
92:65:27:ef:df:17:02:80:54:62:85:6b:ca:9a:46:
88:25:a6:5f:c5:fd:32:9d:6a:98:c1:c9:f5:9f:b6:
07:dd:8a:8b:24:aa:c7:ac:1b:d8:e1:72:fa:7f:e5:
1a:ba:bd:ce:ca:e2:22:5c:c2:bc:b0:5e:63:ad:03:
32:8b:e8:82:5f:8e:1f:ac:c4:cb:ff:ec:60:dc:4b:
fc:8f:e9:e1:b2:21:32:47:1c:91:be:8d:46:b3:d7:
21:cd:64:cc:ee:a2:dc:ff:37:2d:58:b5:fb:1b:45:
ee:ff:63:a2:c7:d3:bf:33:d3:70:71:e1:7a:89:a3:
5c:81:b5:d0:74:8b:f2:17:17:58:0f:e1:a1:81:f9:
42:52:98:46:e5:ff:b1:84:c0:7e:a2:e2:41:0b:7b:
22:c1:cb:da:ab:38:1c:21:9e:72:db:82:75:db:6a:
60:d9:2f:5c:12:d3:52:ab:2a:3b:a2:65:2f:bd:17:
ae:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:82:71:47:9D:FC:10:CE:64:2E:79:6B:22:2C:D0:11:DA:9D:24:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:66:fd:83:5e:72:7c:71:33:e8:52:30:e6:5b:aa:4c:0f:78:
d3:b9:43:bf:f4:cb:ec:98:a4:3f:81:b4:02:c8:f4:f1:d5:c5:
30:32:6a:64:ad:36:f1:1c:f5:3b:8d:9c:dd:bd:bb:e2:b6:d6:
37:af:32:db:e8:18:52:17:87:87:bc:d8:59:5d:05:17:a0:1a:
28:31:a1:2f:56:d8:15:89:7d:08:86:4d:33:02:16:a1:f0:1c:
5a:b5:b9:85:06:57:9a:05:a0:e9:c4:09:dc:97:20:78:2b:9a:
53:f7:6a:19:16:d6:a8:fd:24:17:11:56:31:96:ff:ec:3c:22:
a6:9d:e4:37:3e:c2:0d:50:21:5c:4d:84:23:e1:22:0f:5e:5d:
3d:a5:ec:98:29:2b:48:58:d8:43:b8:de:86:7c:fd:a8:06:f0:
cf:43:f5:1d:f0:e5:e6:06:69:13:bd:8e:5a:8b:e5:3a:8b:cd:
b8:3a:88:6d:2e:e4:e7:e0:b2:ab:5e:79:b1:28:55:1d:50:90:
72:46:03:d8:fb:77:fa:d8:66:db:ae:45:41:fd:a1:7d:b1:34:
ed:91:e0:b2:ca:19:0c:99:ea:cb:8f:d4:dc:f7:52:88:b0:13:
ee:8b:00:f9:f4:4f:0b:19:a3:7c:1a:19:ee:ab:87:cf:47:84:
38:46:6f:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCzrZ6/5NqOqjCAkecV/pz9Sj6c0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0ZjEzMWZhMTdlNTdlNDZiMjQ0YmM4ZDQ0ZWM2MDk5NTViYTc1OGVkNjEx
ZDM1ZDdiZTMwNDhlNmUyMjYzYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJO7wYX4wYh7mFwcsoA8E6jrcOWuI8+sXOkRJwN7tBkAiOyWMXw3tgpCrd/
WNXkIRkISbEfzyv6FoV9fBpWE9YXsYUjyV63WIarkmUn798XAoBUYoVryppGiCWm
X8X9Mp1qmMHJ9Z+2B92KiySqx6wb2OFy+n/lGrq9zsriIlzCvLBeY60DMovogl+O
H6zEy//sYNxL/I/p4bIhMkcckb6NRrPXIc1kzO6i3P83LVi1+xtF7v9josfTvzPT
cHHheomjXIG10HSL8hcXWA/hoYH5QlKYRuX/sYTAfqLiQQt7IsHL2qs4HCGectuC
ddtqYNkvXBLTUqsqO6JlL70XrpkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUgnFH
nfwQzmQueWsiLNAR2p0kFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGZkOWY0MzUtYTFiZC00YTMzLWJjZDctYTk4ODg1ZGI1ODFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXg
MA0GCSqGSIb3DQEBCwUAA4IBAQBeZv2DXnJ8cTPoUjDmW6pMD3jTuUO/9MvsmKQ/
gbQCyPTx1cUwMmpkrTbxHPU7jZzdvbvittY3rzLb6BhSF4eHvNhZXQUXoBooMaEv
VtgViX0Ihk0zAhah8BxatbmFBleaBaDpxAnclyB4K5pT92oZFtao/SQXEVYxlv/s
PCKmneQ3PsINUCFcTYQj4SIPXl09peyYKStIWNhDuN6GfP2oBvDPQ/Ud8OXmBmkT
vY5ai+U6i824OohtLuTn4LKrXnmxKFUdUJByRgPY+3f62GbbrkVB/aF9sTTtkeCy
yhkMmerLj9Tc91KIsBPuiwD59E8LGaN8Ghnuq4fPR4Q4Rm9D
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:38 2024 by rpki-client on console-fra.rpki-client.org