Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: Dj4eg7LJiq8T4uBOKlzYkjjsxjEdU8XpvBNLU6UavHs=
Subject key identifier: AA:C7:B0:B5:11:D3:D6:E4:54:82:0A:DE:70:96:33:EE:7D:4B:C2:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DC662615A554024791FD43A8D96DA6015C4D069
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:c6:62:61:5a:55:40:24:79:1f:d4:3a:8d:96:da:60:15:c4:d0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=ff54ca4dc1dc5e5183fcf44a1b59c4d469073fc043885b63127c65f1743bc63f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:70:3e:98:dc:44:2a:af:ce:4f:1c:8d:48:09:
1e:16:fe:bd:35:04:46:29:44:11:12:ff:48:0b:09:
bf:61:73:4c:83:09:12:ab:33:ba:7e:6d:bf:57:44:
05:f2:d9:74:a0:33:b1:41:ed:4f:f3:d1:65:8d:ed:
75:53:7a:27:99:bc:cf:33:ae:14:aa:19:cd:f5:80:
c9:fd:df:55:86:ea:55:4f:d8:29:bb:45:9a:d9:89:
63:9a:a0:2d:fe:5b:b8:ac:d6:ab:25:f6:ba:f1:49:
1b:9c:52:4c:f8:b3:41:f0:4b:e8:2b:16:3e:c9:1b:
40:fb:15:ba:d6:35:3e:d2:5b:ed:e9:80:2f:31:56:
c8:a9:c8:bc:9b:22:ec:cb:97:f6:b2:9c:07:8b:97:
72:bc:d6:04:3e:92:2d:a7:de:a9:f0:99:25:ce:a0:
77:b6:16:f4:c6:f2:39:a7:f7:58:8e:a6:38:38:f6:
63:47:3a:c1:fb:df:5d:f8:17:ac:7c:ef:21:7e:4d:
33:c9:3a:fe:1b:6c:ec:bf:a3:5d:3b:09:13:36:14:
6f:1f:8c:7c:9c:d1:6d:42:25:12:bb:30:47:a3:d0:
83:d3:ed:0c:30:79:dc:b8:7d:f0:5f:b9:2c:9b:76:
cd:d8:d7:59:7a:80:ea:1a:ac:c5:f2:bb:8e:2f:b8:
c6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C7:B0:B5:11:D3:D6:E4:54:82:0A:DE:70:96:33:EE:7D:4B:C2:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
8f:44:ce:76:4b:30:ed:cc:b3:55:21:49:df:2f:41:ec:e1:da:
cc:5a:aa:59:9d:a7:5a:f0:29:37:12:da:00:5e:f0:fd:65:55:
19:24:a9:38:85:6e:f1:39:42:35:57:77:d4:27:eb:59:a4:42:
14:49:ba:dd:d8:6a:11:ce:24:f5:c4:40:ff:f7:72:70:47:a7:
69:6a:5d:c2:11:f2:8b:16:68:62:36:d6:95:77:5b:87:1f:f2:
06:aa:c2:ac:d1:f8:fb:84:24:27:c8:16:3c:16:0b:2a:c5:e6:
a7:7b:b3:32:2c:2f:0d:59:9a:e5:01:14:4b:df:4f:f3:36:43:
cb:33:07:ac:26:47:09:c6:b6:da:e1:f3:e5:f1:2e:4b:39:33:
5f:04:0a:10:80:bc:0b:18:81:62:0d:07:99:a4:f0:f8:6a:1f:
91:b9:2d:4a:25:8a:91:5f:ab:0d:a5:d9:23:99:6f:00:1f:22:
90:b2:67:b9:ae:74:e4:c8:4f:40:28:dc:60:dc:ca:ef:25:77:
57:c9:a0:67:e8:a2:fe:d6:33:0a:43:6e:05:4c:9d:91:53:b1:
cc:ad:05:60:47:ca:b2:c0:36:22:e3:b7:fd:52:f3:0a:e5:a1:
09:53:cb:6e:13:a3:4c:13:c7:c4:34:7f:85:2a:cf:c5:33:98:
72:77:5c:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPcZiYVpVQCR5H9Q6jZbaYBXE0GkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmNTRjYTRkYzFkYzVlNTE4M2ZjZjQ0YTFiNTljNGQ0NjkwNzNmYzA0Mzg4
NWI2MzEyN2M2NWYxNzQzYmM2M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxwPpjcRCqvzk8cjUgJHhb+vTUERilEERL/SAsJv2FzTIMJEqszun5tv1dE
BfLZdKAzsUHtT/PRZY3tdVN6J5m8zzOuFKoZzfWAyf3fVYbqVU/YKbtFmtmJY5qg
Lf5buKzWqyX2uvFJG5xSTPizQfBL6CsWPskbQPsVutY1PtJb7emALzFWyKnIvJsi
7MuX9rKcB4uXcrzWBD6SLafeqfCZJc6gd7YW9MbyOaf3WI6mODj2Y0c6wfvfXfgX
rHzvIX5NM8k6/hts7L+jXTsJEzYUbx+MfJzRbUIlErswR6PQg9PtDDB53Lh98F+5
LJt2zdjXWXqA6hqsxfK7ji+4xmUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqx7C1
EdPW5FSCCt5wljPufUvC2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCPRM52SzDtzLNVIUnfL0Hs4drMWqpZnada8Ck3
EtoAXvD9ZVUZJKk4hW7xOUI1V3fUJ+tZpEIUSbrd2GoRziT1xED/93JwR6dpal3C
EfKLFmhiNtaVd1uHH/IGqsKs0fj7hCQnyBY8Fgsqxeane7MyLC8NWZrlARRL30/z
NkPLMwesJkcJxrba4fPl8S5LOTNfBAoQgLwLGIFiDQeZpPD4ah+RuS1KJYqRX6sN
pdkjmW8AHyKQsme5rnTkyE9AKNxg3MrvJXdXyaBn6KL+1jMKQ24FTJ2RU7HMrQVg
R8qywDYi47f9UvMK5aEJU8tuE6NME8fENH+FKs/FM5hyd1zX
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:44 2024 by rpki-client on console-ams.rpki-client.org