Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
File: 595250c3-e9f2-4e23-9779-87c47497f520.roa (raw, json)
Hash identifier: c55EHQST7Bog0ffNQlZLw5hdq7wzToejO0QZ0O5DLII=
Subject key identifier: 87:D0:84:87:E1:71:14:65:B7:90:23:43:2B:63:67:A5:3D:C0:D2:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61931E79D018E5D7D927300464803ED1F80E6E00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:93:1e:79:d0:18:e5:d7:d9:27:30:04:64:80:3e:d1:f8:0e:6e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=0b5c9b376148d424dfbd3eeb812af812ea10b09170bef8cab2f39f6003908a19, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a7:b2:66:9e:3f:77:b6:6c:77:bb:20:f5:1e:
42:08:1b:94:82:c6:17:fa:53:e7:36:18:1a:26:2b:
5c:bf:55:7e:11:3b:bb:39:22:84:0b:ad:5b:50:50:
e1:bb:06:10:8e:35:6c:2e:a3:44:5e:00:b3:a4:f2:
62:c1:6a:d7:ea:54:fd:22:58:f8:47:19:a7:b8:ae:
0e:24:ab:ce:c1:a3:7e:ae:3c:ad:46:f8:9a:08:d9:
9c:75:a8:25:f6:27:7e:13:b3:1d:9e:d1:0d:89:9a:
f1:f3:5d:b7:42:1f:12:b8:c6:e0:b1:68:5a:16:0e:
b5:32:4b:88:b3:a6:e6:bc:42:86:78:1a:a2:32:2f:
3e:be:39:e3:83:38:dd:e1:75:fc:45:24:06:92:50:
fd:b9:74:8b:bb:13:15:fb:54:9c:0b:a9:a8:40:7a:
29:bf:a9:a3:9c:05:db:0f:b7:fe:73:82:7b:ed:20:
19:3d:64:a9:9d:aa:0b:6f:00:2e:6d:38:12:1f:11:
72:53:69:31:97:db:62:c8:f6:09:24:07:71:7d:e7:
c6:d6:59:aa:b3:94:e1:a0:e0:83:8c:27:97:44:3d:
5d:12:8a:f5:ea:d3:5b:24:ac:53:02:67:33:1c:24:
db:be:e6:d3:84:dc:57:b4:74:05:6c:66:30:48:77:
fd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D0:84:87:E1:71:14:65:B7:90:23:43:2B:63:67:A5:3D:C0:D2:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:5000::/40
Signature Algorithm: sha256WithRSAEncryption
54:ad:c6:75:97:38:21:13:53:93:78:3f:48:73:1a:74:7d:fa:
e1:7b:31:b2:af:4f:76:3f:94:80:6a:b6:87:a5:82:bd:46:c3:
5d:d9:92:60:c4:ff:5e:d4:88:85:07:b2:c4:b9:9d:43:55:61:
22:9f:2e:c6:46:68:6e:2c:c7:14:f3:91:7c:88:8e:5e:80:f9:
59:c3:4c:b1:70:dd:ad:ca:50:6e:dc:43:7d:16:7a:b1:f0:17:
c4:2b:0d:ba:7a:4a:3b:cc:1e:67:f5:9f:69:04:84:7d:57:1b:
2b:43:d7:9e:a1:d6:b8:ac:86:c7:23:9e:97:21:a2:e3:35:f1:
51:57:c1:92:49:a1:64:ac:52:53:9b:91:8c:81:34:88:49:01:
eb:b8:3d:00:c3:ea:e6:c5:85:71:ef:3a:6e:3f:9f:d2:e7:9b:
1b:7f:a9:96:60:32:1a:cd:bc:ef:28:11:a5:ad:99:7a:1a:84:
64:fb:d0:38:43:3b:7a:c1:14:c7:fd:6b:35:49:ce:ca:e6:1c:
b2:c8:78:f7:42:ca:64:f5:00:10:2e:ae:ab:e1:2b:1f:81:c9:
5d:ad:24:f6:ba:44:5e:fd:54:f1:65:99:58:b9:c6:d6:c4:6b:
8a:1f:84:cb:36:d5:d3:f3:fa:23:15:49:0a:6c:52:28:87:f5:
2f:43:91:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYZMeedAY5dfZJzAEZIA+0fgObgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiNWM5YjM3NjE0OGQ0MjRkZmJkM2VlYjgxMmFmODEyZWExMGIwOTE3MGJl
ZjhjYWIyZjM5ZjYwMDM5MDhhMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSnsmaeP3e2bHe7IPUeQggblILGF/pT5zYYGiYrXL9VfhE7uzkihAutW1BQ
4bsGEI41bC6jRF4As6TyYsFq1+pU/SJY+EcZp7iuDiSrzsGjfq48rUb4mgjZnHWo
JfYnfhOzHZ7RDYma8fNdt0IfErjG4LFoWhYOtTJLiLOm5rxChngaojIvPr4544M4
3eF1/EUkBpJQ/bl0i7sTFftUnAupqEB6Kb+po5wF2w+3/nOCe+0gGT1kqZ2qC28A
Lm04Eh8RclNpMZfbYsj2CSQHcX3nxtZZqrOU4aDgg4wnl0Q9XRKK9erTWySsUwJn
Mxwk277m04TcV7R0BWxmMEh3/Z8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSH0ISH
4XEUZbeQI0MrY2elPcDSDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk1MjUwYzMtZTlmMi00ZTIzLTk3NzktODdjNDc0OTdmNTIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBUrcZ1lzghE1OTeD9Icxp0ffrhezGyr092P5SA
araHpYK9RsNd2ZJgxP9e1IiFB7LEuZ1DVWEiny7GRmhuLMcU85F8iI5egPlZw0yx
cN2tylBu3EN9Fnqx8BfEKw26eko7zB5n9Z9pBIR9VxsrQ9eeoda4rIbHI56XIaLj
NfFRV8GSSaFkrFJTm5GMgTSISQHruD0Aw+rmxYVx7zpuP5/S55sbf6mWYDIazbzv
KBGlrZl6GoRk+9A4Qzt6wRTH/Ws1Sc7K5hyyyHj3Qspk9QAQLq6r4SsfgcldrST2
ukRe/VTxZZlYucbWxGuKH4TLNtXT8/ojFUkKbFIoh/UvQ5H8
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org