Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5082df94-4660-4774-b6d0-01ed17f52832.roa
File: 5082df94-4660-4774-b6d0-01ed17f52832.roa (raw, json)
Hash identifier: tfioPEm4HNz2DEcg0xS44lUm56vhOvIM4UHOUYroTi4=
Subject key identifier: 05:35:19:D8:E3:CB:8A:76:D3:EA:5F:68:DD:83:D4:85:F9:DC:74:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20238DA87D7C6FD04757C08E35EDB82210BD470A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5082df94-4660-4774-b6d0-01ed17f52832.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:23:8d:a8:7d:7c:6f:d0:47:57:c0:8e:35:ed:b8:22:10:bd:47:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=e00bfc7d4e5f59758304e4f2c648fd1c51996596f3500424fdd2d3b7a0e0ec46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1b:d8:76:56:d0:69:a4:2f:4c:0d:59:4d:53:
39:14:f3:e3:7f:7f:2d:d8:20:3d:1a:8a:13:43:17:
bf:0d:a4:6c:ce:37:0a:1a:bb:0b:cb:97:60:51:e1:
e5:89:f5:8e:70:0e:ff:a2:e4:e2:58:20:2e:28:b1:
f5:cf:7d:a1:25:17:86:3a:6e:e4:59:a1:9d:83:4f:
16:02:b5:0f:12:e7:24:60:75:eb:be:38:03:13:37:
6f:e8:57:2f:22:bd:41:c0:ab:13:41:e8:cf:3e:f0:
dc:7d:13:14:fc:dd:45:f8:44:a2:56:df:07:9c:38:
29:e0:be:42:43:2d:a8:dd:70:bc:09:7c:0c:fa:4a:
8f:ba:34:3d:44:63:20:87:ed:0f:97:dc:dd:fa:b5:
53:ee:67:d2:b1:cd:76:6a:15:69:7e:a5:5c:84:ff:
70:e5:d1:0b:e3:58:b8:56:9d:10:d1:fb:f9:cd:5b:
e1:9f:b4:30:93:33:3b:6b:13:e6:34:31:db:11:9c:
d5:05:cd:92:c3:2f:da:69:09:b9:22:08:8e:2b:a3:
e3:0e:ec:6c:96:a7:79:7d:4d:c2:9f:85:85:e9:13:
ae:3c:b9:b8:43:ce:a0:af:aa:cd:7a:9d:33:5b:fc:
f6:79:b9:69:9a:27:dc:7f:da:87:b1:03:40:b5:27:
3a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:35:19:D8:E3:CB:8A:76:D3:EA:5F:68:DD:83:D4:85:F9:DC:74:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5082df94-4660-4774-b6d0-01ed17f52832.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
12:24:71:06:a4:d2:d7:97:57:8d:2b:83:a2:ee:5d:d4:d7:4b:
3a:fc:29:fb:b5:d8:5f:e9:e1:da:ae:12:55:26:6a:69:6a:33:
2f:f1:37:00:01:3a:1c:c0:5c:74:0e:6e:5a:af:e0:9c:e2:a1:
31:2f:b1:a5:d4:2c:65:ba:a3:18:47:67:e8:04:cd:dd:12:f8:
eb:5b:46:9e:43:e9:0e:39:cd:da:f5:27:a6:33:91:ec:5a:fd:
90:26:ca:50:7b:a9:4b:be:9a:c1:59:9b:de:e0:eb:83:68:d5:
c9:e5:49:07:eb:5c:af:e0:3c:ba:b9:b6:3e:f9:1e:81:a8:9c:
7b:dc:2b:5a:72:d3:d4:71:51:f9:30:20:5e:89:71:05:b6:02:
7c:14:db:c0:47:93:00:f4:46:11:a1:6b:94:77:1b:b5:84:96:
39:1a:d6:4d:f0:5c:99:6f:c9:3c:53:56:61:e6:5f:f5:aa:5f:
a9:d8:d0:ce:15:b9:79:f8:88:ce:b3:d8:b1:a8:58:54:94:ac:
d6:bc:cb:19:3a:79:b1:9b:db:55:7a:20:b8:ce:9f:66:d9:bb:
25:76:5d:f6:71:fd:67:2f:38:6a:bb:cf:75:d0:cf:58:00:3c:
d8:da:23:98:30:30:ac:8a:ec:69:6f:80:2d:2d:29:0f:2f:c2:
78:0a:0f:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUICONqH18b9BHV8CONe24IhC9RwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwMGJmYzdkNGU1ZjU5NzU4MzA0ZTRmMmM2NDhmZDFjNTE5OTY1OTZmMzUw
MDQyNGZkZDJkM2I3YTBlMGVjNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkb2HZW0GmkL0wNWU1TORTz439/LdggPRqKE0MXvw2kbM43Chq7C8uXYFHh
5Yn1jnAO/6Lk4lggLiix9c99oSUXhjpu5FmhnYNPFgK1DxLnJGB16744AxM3b+hX
LyK9QcCrE0Hozz7w3H0TFPzdRfhEolbfB5w4KeC+QkMtqN1wvAl8DPpKj7o0PURj
IIftD5fc3fq1U+5n0rHNdmoVaX6lXIT/cOXRC+NYuFadENH7+c1b4Z+0MJMzO2sT
5jQx2xGc1QXNksMv2mkJuSIIjiuj4w7sbJaneX1Nwp+FhekTrjy5uEPOoK+qzXqd
M1v89nm5aZon3H/ah7EDQLUnOuUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFNRnY
48uKdtPqX2jdg9SF+dx0VjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTA4MmRmOTQtNDY2MC00Nzc0LWI2ZDAtMDFlZDE3ZjUyODMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQASJHEGpNLXl1eNK4Oi7l3U10s6/Cn7tdhf6eHa
rhJVJmppajMv8TcAATocwFx0Dm5ar+Cc4qExL7Gl1CxluqMYR2foBM3dEvjrW0ae
Q+kOOc3a9SemM5HsWv2QJspQe6lLvprBWZve4OuDaNXJ5UkH61yv4Dy6ubY++R6B
qJx73CtactPUcVH5MCBeiXEFtgJ8FNvAR5MA9EYRoWuUdxu1hJY5GtZN8FyZb8k8
U1Zh5l/1ql+p2NDOFbl5+IjOs9ixqFhUlKzWvMsZOnmxm9tVeiC4zp9m2bsldl32
cf1nLzhqu8910M9YADzY2iOYMDCsiuxpb4AtLSkPL8J4Cg98
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org