Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
File: 533769c8-002c-491c-9b99-324fe9f5743c.roa (raw, json)
Hash identifier: LlyOExufQ5uWVzHaqtJBcFpj+e6CVAgBk2/OaB2m1iQ=
Subject key identifier: B7:6B:3A:A2:99:DC:AA:06:70:23:2B:0D:EB:03:B9:8C:CA:57:23:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4239613A60A881775F3FD5B00EFF08C1F09DC40B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d022::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:39:61:3a:60:a8:81:77:5f:3f:d5:b0:0e:ff:08:c1:f0:9d:c4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=be7765478c0019ee14721c6837a3ed2ac9911b4c25c384435dff21aa00fd5375, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:eb:4f:85:98:f9:ec:fa:f2:f7:7c:d3:a3:d9:
65:86:e5:4f:c1:1b:14:27:ed:66:da:57:2d:eb:24:
01:ea:ed:56:f3:fd:58:71:1b:b3:47:f2:08:8a:2c:
a4:e3:58:ee:79:c8:4f:24:64:e1:c9:e3:33:4d:57:
65:a8:05:60:a0:86:4b:c3:1f:26:d6:46:7b:b0:db:
62:34:d5:9f:5d:1e:9a:3b:1b:cf:d0:0b:89:fa:53:
ec:b4:4f:95:19:f8:52:54:2d:ea:a4:67:8a:9a:1d:
54:5a:c0:f1:eb:49:ff:4a:25:23:35:f6:d8:09:cf:
d9:4e:a6:87:4c:37:c8:d0:b4:d8:4c:49:ff:e5:d9:
1f:c5:20:92:70:a1:1a:fb:64:03:1e:85:e2:5e:cc:
68:50:76:77:1c:6b:4f:1c:00:71:07:e0:4b:dc:46:
42:35:a0:f0:d4:a6:40:c8:83:2d:17:f6:1e:0a:1e:
3b:72:ab:af:66:69:62:00:6e:46:48:1a:7a:ed:3a:
a5:12:f9:af:8f:47:08:49:4b:c5:79:11:46:26:d1:
55:5e:96:ab:d9:89:68:e7:77:64:6d:60:3b:d5:18:
97:12:f5:1f:c7:49:27:a6:f2:af:66:4a:4e:de:64:
4b:29:a1:78:a3:b8:83:7a:4d:d3:fe:da:18:82:83:
72:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6B:3A:A2:99:DC:AA:06:70:23:2B:0D:EB:03:B9:8C:CA:57:23:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d022::/36
Signature Algorithm: sha256WithRSAEncryption
8c:d5:14:11:0f:f3:4d:7d:ad:2f:a8:44:56:69:1a:8c:b3:de:
9b:6c:be:3e:13:51:5e:de:cd:bb:81:5e:fa:a0:d8:54:f6:ba:
d3:df:fb:b9:57:59:9d:29:9e:5f:2c:cb:65:7f:cf:72:3d:a5:
ed:84:ed:31:c5:ff:ac:45:32:cd:7e:f9:ba:ce:b8:c9:d8:ab:
23:fb:f5:a2:ba:1d:9a:40:56:78:4a:87:53:b0:89:9e:ce:34:
5c:46:a4:1f:d2:67:92:4b:6e:ff:f1:24:a0:6c:eb:73:be:a1:
ec:3c:11:35:4b:90:8b:f3:59:3e:43:31:59:00:90:b2:71:bd:
e5:f1:4d:1c:2e:ef:80:29:61:f7:68:62:44:0d:42:29:8a:88:
8b:7f:5a:84:e8:c8:04:ab:90:ba:51:3b:c8:8f:7f:22:08:2a:
62:1e:14:51:75:56:a7:d3:19:7a:09:6a:1b:b4:11:17:93:75:
6c:89:02:24:9a:f7:db:47:08:62:8b:83:cf:f2:bd:92:74:9f:
27:c8:fa:12:08:07:0d:40:e9:56:79:c3:ff:34:bf:cf:02:ff:
78:9b:5a:8d:3a:37:8f:ec:27:90:93:60:7c:cf:69:c0:1f:c2:
27:91:d8:8b:ed:5d:fb:63:42:ec:24:52:17:71:bd:b9:e5:1d:
c4:b3:7a:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQjlhOmCogXdfP9WwDv8IwfCdxAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlNzc2NTQ3OGMwMDE5ZWUxNDcyMWM2ODM3YTNlZDJhYzk5MTFiNGMyNWMz
ODQ0MzVkZmYyMWFhMDBmZDUzNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLrT4WY+ez68vd806PZZYblT8EbFCftZtpXLeskAertVvP9WHEbs0fyCIos
pONY7nnITyRk4cnjM01XZagFYKCGS8MfJtZGe7DbYjTVn10emjsbz9ALifpT7LRP
lRn4UlQt6qRnipodVFrA8etJ/0olIzX22AnP2U6mh0w3yNC02ExJ/+XZH8UgknCh
GvtkAx6F4l7MaFB2dxxrTxwAcQfgS9xGQjWg8NSmQMiDLRf2HgoeO3Krr2ZpYgBu
Rkgaeu06pRL5r49HCElLxXkRRibRVV6Wq9mJaOd3ZG1gO9UYlxL1H8dJJ6byr2ZK
Tt5kSymheKO4g3pN0/7aGIKDctECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3azqi
mdyqBnAjKw3rA7mMylcj1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzNzY5YzgtMDAyYy00OTFjLTliOTktMzI0ZmU5ZjU3NDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCM1RQRD/NNfa0vqERWaRqMs96bbL4+E1Fe3s27
gV76oNhU9rrT3/u5V1mdKZ5fLMtlf89yPaXthO0xxf+sRTLNfvm6zrjJ2Ksj+/Wi
uh2aQFZ4SodTsImezjRcRqQf0meSS27/8SSgbOtzvqHsPBE1S5CL81k+QzFZAJCy
cb3l8U0cLu+AKWH3aGJEDUIpioiLf1qE6MgEq5C6UTvIj38iCCpiHhRRdVan0xl6
CWobtBEXk3VsiQIkmvfbRwhii4PP8r2SdJ8nyPoSCAcNQOlWecP/NL/PAv94m1qN
OjeP7CeQk2B8z2nAH8InkdiL7V37Y0LsJFIXcb255R3Es3oS
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:27 2024 by rpki-client on console-ams.rpki-client.org