Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json)
Hash identifier: hR7cI5bY9AFRlO4Fp28Ra1UfaQ7wppbQCXKTqW99HKM=
Subject key identifier: A3:8B:A4:9D:2D:02:59:85:12:D9:01:FF:F3:49:8B:A7:C2:46:67:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C96703ED66840269AFF290345A649B2EF564DEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:96:70:3e:d6:68:40:26:9a:ff:29:03:45:a6:49:b2:ef:56:4d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=fcb3c19cc6448655297dbc73dad7337989758214faa15e32eb99cb19d0b84d97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d8:49:4c:c7:e3:63:d0:f7:96:fe:da:4f:c6:
0c:ba:8f:bf:95:59:54:ed:10:b9:d7:ae:d6:a7:8e:
f1:40:5e:ff:d8:3e:e4:38:5f:cd:1a:2a:b2:a6:fc:
8c:e4:a8:0c:50:ef:fd:34:f7:61:4a:4a:e4:94:a8:
d6:8f:c0:fa:51:60:a7:c7:62:64:60:d8:32:72:e7:
05:13:86:b7:fe:35:86:e8:eb:2f:b0:5c:62:b0:de:
f4:9c:76:9e:72:4d:1c:55:82:eb:5d:b8:a1:14:d8:
8d:e9:cd:52:b9:7e:2e:b1:1f:bd:b2:13:3a:29:8c:
6f:a6:38:a9:64:b8:5f:2b:6b:cf:52:a0:8a:e7:bd:
26:40:fd:0a:d3:27:2c:a4:a1:06:36:1f:c6:e4:55:
b8:a1:82:ed:2e:60:7d:1f:71:b0:60:57:6b:47:52:
84:f9:27:e1:d5:52:5d:ee:01:c7:d5:ef:20:dc:89:
ae:80:6d:7b:7f:76:2a:4e:72:e7:b1:3c:88:50:63:
a4:58:a5:98:dd:b3:c3:c6:d7:45:18:4a:b7:8f:cf:
5f:8c:08:9f:f3:77:c4:c7:0c:21:76:a0:c4:4a:d4:
2b:a9:f3:ba:c7:f8:1a:70:ce:f5:f5:a3:01:f3:37:
01:cb:db:9d:43:33:b9:74:44:f4:20:d9:96:53:4e:
c4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8B:A4:9D:2D:02:59:85:12:D9:01:FF:F3:49:8B:A7:C2:46:67:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:8000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:a8:10:fe:ea:52:9c:cd:62:5f:58:b8:ae:23:bc:e2:49:00:
e0:1e:36:8e:34:d9:8c:b3:22:c1:6f:35:cd:ac:f1:87:5c:4e:
24:ae:67:be:8c:55:5e:08:5c:c3:14:7e:44:94:21:4d:2c:70:
f6:86:0d:b2:b0:26:a6:1c:c8:5f:f4:d2:f8:af:69:5d:c5:02:
0b:c0:11:b3:bc:9a:2d:f4:ff:3d:be:55:1a:78:bd:18:79:11:
63:ad:9a:2b:34:95:6e:de:ac:0c:9f:61:68:98:f1:0c:25:9f:
36:d6:2a:f5:1a:d2:0f:53:a7:6f:f6:38:23:5a:64:40:e9:77:
c2:95:cc:33:48:13:06:24:13:34:32:32:3c:61:7b:6f:1d:7c:
56:cc:eb:78:cd:19:ac:dd:f6:39:95:d1:bc:4c:ce:0c:73:f5:
ea:cb:bc:33:45:74:90:39:a3:60:3c:d2:71:c9:4e:e7:bd:ab:
a0:7b:1f:5a:8a:00:e6:38:e2:c9:c7:51:73:d0:0f:23:bb:d1:
20:87:fc:03:e8:76:c9:10:f3:97:ff:06:d9:f7:21:4b:1a:3c:
8d:5f:2e:0a:1b:24:a9:a8:b2:f9:83:37:17:f3:f8:e8:de:81:
56:62:6d:bb:14:d4:6b:5c:ba:b0:31:90:fd:e3:05:db:68:88:
0f:d8:4a:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfJZwPtZoQCaa/ykDRaZJsu9WTeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjYjNjMTljYzY0NDg2NTUyOTdkYmM3M2RhZDczMzc5ODk3NTgyMTRmYWEx
NWUzMmViOTljYjE5ZDBiODRkOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzYSUzH42PQ95b+2k/GDLqPv5VZVO0Qudeu1qeO8UBe/9g+5DhfzRoqsqb8
jOSoDFDv/TT3YUpK5JSo1o/A+lFgp8diZGDYMnLnBROGt/41hujrL7BcYrDe9Jx2
nnJNHFWC6124oRTYjenNUrl+LrEfvbITOimMb6Y4qWS4Xytrz1Kgiue9JkD9CtMn
LKShBjYfxuRVuKGC7S5gfR9xsGBXa0dShPkn4dVSXe4Bx9XvINyJroBte392Kk5y
57E8iFBjpFilmN2zw8bXRRhKt4/PX4wIn/N3xMcMIXagxErUK6nzusf4GnDO9fWj
AfM3AcvbnUMzuXRE9CDZllNOxH0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSji6Sd
LQJZhRLZAf/zSYunwkZntDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA
MA0GCSqGSIb3DQEBCwUAA4IBAQB6qBD+6lKczWJfWLiuI7ziSQDgHjaONNmMsyLB
bzXNrPGHXE4krme+jFVeCFzDFH5ElCFNLHD2hg2ysCamHMhf9NL4r2ldxQILwBGz
vJot9P89vlUaeL0YeRFjrZorNJVu3qwMn2FomPEMJZ821ir1GtIPU6dv9jgjWmRA
6XfClcwzSBMGJBM0MjI8YXtvHXxWzOt4zRms3fY5ldG8TM4Mc/Xqy7wzRXSQOaNg
PNJxyU7nvaugex9aigDmOOLJx1Fz0A8ju9Egh/wD6HbJEPOX/wbZ9yFLGjyNXy4K
GySpqLL5gzcX8/jo3oFWYm27FNRrXLqwMZD94wXbaIgP2Eqi
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:24 2024 by rpki-client on console-ams.rpki-client.org