Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: xg/l93BJuOtuyZBJmg6e5NOLHHQKclWLwgrPSiWdJqk=
Subject key identifier: 67:87:90:31:1F:D3:EF:5F:72:A8:0E:44:2A:2E:FC:05:92:86:0C:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E2D6C72D5389C2C0939E92C78C7F841C028A17E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:2d:6c:72:d5:38:9c:2c:09:39:e9:2c:78:c7:f8:41:c0:28:a1:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=011baaac09b1f48958f30e8825cce8c0022dc7f1aafb48ec36143e7a2bee0f03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:37:f5:f6:57:26:2f:c1:82:01:9f:4c:d4:c3:
70:7f:46:6d:a4:23:e1:28:4e:c2:c5:bf:e8:6b:54:
39:ee:97:b3:bf:08:a1:ec:21:d5:3f:6b:e9:b3:73:
77:c9:46:f0:09:3f:c6:6c:3d:25:25:d3:80:2a:f3:
5a:23:93:e3:61:21:33:b0:84:18:0d:b0:eb:dc:30:
72:5f:a8:8b:bd:b8:7e:ef:c1:76:89:8a:64:59:4f:
27:ec:89:c4:32:a1:c5:4e:5e:d8:d7:06:3d:b7:ce:
70:7a:d5:13:a3:69:ce:da:2d:16:7f:b6:66:0e:11:
d8:9a:1b:c0:41:22:89:35:6c:28:8b:b5:5f:16:34:
dd:ee:51:2e:57:f1:10:ff:53:2b:3a:80:3e:fa:d3:
b6:2b:8e:1f:7f:af:30:97:27:61:61:6e:0b:99:65:
3c:33:fd:6e:01:43:d7:16:8c:5d:d6:05:90:a5:11:
fa:62:c9:07:70:69:2d:10:d3:f0:4b:6c:2d:d8:67:
28:c6:b8:27:b0:86:21:98:c4:48:f7:a2:65:41:83:
0c:c5:ce:d5:53:1b:39:8c:36:39:f9:09:76:cb:89:
e1:41:f4:a7:80:8b:e4:df:7a:e5:ee:a2:7c:72:60:
45:ec:35:4b:79:a3:7a:37:9a:8a:5c:c2:9f:a5:ef:
ee:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:87:90:31:1F:D3:EF:5F:72:A8:0E:44:2A:2E:FC:05:92:86:0C:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
87:12:0f:6e:ef:10:8a:9b:15:74:c0:6f:5e:e5:75:a4:69:ed:
a0:fc:5c:67:31:95:3f:a1:63:ec:9e:7e:6c:fc:1a:9b:ae:43:
07:f7:19:1a:fd:0e:7e:1e:38:be:3a:4b:5a:2b:56:8e:0d:68:
ab:22:1d:ed:1c:77:28:ca:42:bc:0e:be:d7:ef:bf:51:f6:7d:
38:6c:9d:62:8e:43:0c:b4:bd:4f:90:46:9d:cd:59:0b:f8:e1:
17:4b:36:04:a3:0a:67:cb:c4:51:a4:6d:b1:b9:e9:03:68:07:
cc:5e:c8:01:d4:62:ab:f2:02:32:b2:2c:92:bb:aa:04:e4:b3:
0b:92:62:13:3e:10:c4:b5:ff:8d:c5:10:d5:56:4b:ca:85:a7:
32:ac:28:a8:2a:60:5c:27:1c:73:0a:7f:f2:cf:ba:fa:95:70:
72:9e:ea:26:f6:48:da:19:df:23:3f:f5:4a:22:a6:1d:9f:06:
f9:69:56:4e:f1:92:7a:ac:bd:37:3c:84:db:33:9a:1e:8b:fd:
80:3d:bf:c0:b5:23:1f:1b:57:01:b4:3e:67:0f:a9:2c:04:37:
cf:f9:21:8a:05:8d:8d:3e:fb:5d:f8:f3:dc:85:45:08:3f:77:
cf:8a:cf:91:12:05:6f:1b:f6:fb:b7:66:b6:19:f3:6a:c7:15:
ab:d6:d5:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfi1sctU4nCwJOekseMf4QcAooX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxMWJhYWFjMDliMWY0ODk1OGYzMGU4ODI1Y2NlOGMwMDIyZGM3ZjFhYWZi
NDhlYzM2MTQzZTdhMmJlZTBmMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALs39fZXJi/BggGfTNTDcH9GbaQj4ShOwsW/6GtUOe6Xs78Ioewh1T9r6bNz
d8lG8Ak/xmw9JSXTgCrzWiOT42EhM7CEGA2w69wwcl+oi724fu/BdomKZFlPJ+yJ
xDKhxU5e2NcGPbfOcHrVE6NpztotFn+2Zg4R2JobwEEiiTVsKIu1XxY03e5RLlfx
EP9TKzqAPvrTtiuOH3+vMJcnYWFuC5llPDP9bgFD1xaMXdYFkKUR+mLJB3BpLRDT
8EtsLdhnKMa4J7CGIZjESPeiZUGDDMXO1VMbOYw2OfkJdsuJ4UH0p4CL5N965e6i
fHJgRew1S3mjejeailzCn6Xv7lECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnh5Ax
H9PvX3KoDkQqLvwFkoYMNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHEg9u7xCKmxV0wG9e5XWkae2g/FxnMZU/oWPs
nn5s/BqbrkMH9xka/Q5+Hji+OktaK1aODWirIh3tHHcoykK8Dr7X779R9n04bJ1i
jkMMtL1PkEadzVkL+OEXSzYEowpny8RRpG2xuekDaAfMXsgB1GKr8gIysiySu6oE
5LMLkmITPhDEtf+NxRDVVkvKhacyrCioKmBcJxxzCn/yz7r6lXBynuom9kjaGd8j
P/VKIqYdnwb5aVZO8ZJ6rL03PITbM5oei/2APb/AtSMfG1cBtD5nD6ksBDfP+SGK
BY2NPvtd+PPchUUIP3fPis+REgVvG/b7t2a2GfNqxxWr1tW7
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org