Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: 1ewx/7SVTRdeXEjOH1tdqjjJrmit9SGfk2C5S4Lq+eE=
Subject key identifier: E9:6C:B2:6F:05:37:C4:56:68:48:85:85:92:8F:87:1B:2C:25:77:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C566E0C49078DD562E267049C1C2038B2D2CC48
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:56:6e:0c:49:07:8d:d5:62:e2:67:04:9c:1c:20:38:b2:d2:cc:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=471aaf723dd3072fecfb8e632612ceff80f7b0868d010bfca7300fc65cc40141, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:03:b8:9d:d7:fa:da:8c:6c:68:35:b6:16:38:
83:22:c5:4f:42:b3:96:e8:bc:c1:e2:06:ad:99:b1:
8a:78:dc:9d:2b:21:a7:18:dc:e3:d8:24:a0:80:e6:
78:d1:be:8d:f8:35:74:ba:92:eb:82:fe:ec:4d:21:
18:20:1a:79:d7:3e:5d:2b:b6:54:c8:9e:be:c3:61:
a5:72:32:ca:3a:58:7b:3c:0e:dc:a7:96:f7:b9:e3:
00:66:13:03:7c:c4:a8:38:d3:c3:84:7a:48:66:c6:
20:88:10:ac:9c:5a:5d:89:29:94:ea:a6:90:69:8b:
23:ca:4a:29:c8:3e:a5:ea:b2:00:d7:26:40:3b:f3:
15:10:b5:56:9b:2b:e7:eb:56:83:1c:bb:23:20:fe:
fb:bb:14:3c:c6:92:25:ad:43:47:b8:a6:ef:f6:ce:
a5:e0:4f:a2:d0:35:d0:0b:9e:29:7a:58:c7:1c:87:
fe:aa:57:13:d1:1c:9a:1a:c1:68:07:97:51:cb:09:
bc:4d:ec:17:1b:28:da:58:1e:c2:5d:a5:37:ea:97:
27:ef:80:ae:e9:f5:65:a8:71:6d:a5:2f:83:21:c5:
86:03:03:e7:13:e3:7a:e7:06:2f:13:8e:8b:b6:dc:
e0:0e:82:be:8e:85:b9:fe:4c:20:16:92:d3:da:a1:
a2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:6C:B2:6F:05:37:C4:56:68:48:85:85:92:8F:87:1B:2C:25:77:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:98:05:69:da:5a:8c:86:90:f3:cd:db:11:ed:fb:8a:be:84:
7a:71:45:00:e7:6d:23:a0:43:cc:a4:82:a3:ab:b1:0e:20:75:
1d:ae:bb:3c:3a:dd:47:9a:a4:cc:7d:4c:c0:eb:59:20:cf:93:
95:d8:cc:eb:69:fa:9d:18:8a:7e:c8:77:72:30:dc:df:40:63:
d0:22:1f:fa:84:6f:a5:17:d1:87:1a:70:da:b7:0e:23:6e:53:
b7:11:ed:05:3c:a3:37:3e:2a:f9:81:c6:2a:27:34:72:40:33:
0f:7a:60:74:d8:64:54:ba:ad:c0:19:98:ee:d4:51:11:cd:53:
e9:b2:98:b0:15:a2:06:a0:2d:21:76:20:c5:0d:2d:2b:35:09:
98:ad:99:f2:7b:d6:87:76:f6:a5:0b:08:53:58:06:32:66:20:
49:90:99:55:06:7b:20:d4:ba:4a:17:7c:9e:c1:86:ac:7d:7a:
19:ce:2d:06:6c:23:4e:53:ef:ec:d5:5c:50:7c:a5:15:3b:ff:
f0:4b:44:94:2a:de:c4:c5:b8:85:6a:59:5b:4b:be:20:0f:f8:
0c:b4:98:76:89:34:88:b9:94:38:03:80:b9:9b:6d:4d:08:3b:
45:2f:60:e1:07:54:05:6c:11:e8:3b:74:18:c0:ff:c2:c1:45:
71:a0:c0:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXFZuDEkHjdVi4mcEnBwgOLLSzEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3MWFhZjcyM2RkMzA3MmZlY2ZiOGU2MzI2MTJjZWZmODBmN2IwODY4ZDAx
MGJmY2E3MzAwZmM2NWNjNDAxNDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoDuJ3X+tqMbGg1thY4gyLFT0Kzlui8weIGrZmxinjcnSshpxjc49gkoIDm
eNG+jfg1dLqS64L+7E0hGCAaedc+XSu2VMievsNhpXIyyjpYezwO3KeW97njAGYT
A3zEqDjTw4R6SGbGIIgQrJxaXYkplOqmkGmLI8pKKcg+peqyANcmQDvzFRC1Vpsr
5+tWgxy7IyD++7sUPMaSJa1DR7im7/bOpeBPotA10AueKXpYxxyH/qpXE9EcmhrB
aAeXUcsJvE3sFxso2lgewl2lN+qXJ++Arun1ZahxbaUvgyHFhgMD5xPjeucGLxOO
i7bc4A6Cvo6Fuf5MIBaS09qhoscCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTpbLJv
BTfEVmhIhYWSj4cbLCV3WjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQAfmAVp2lqMhpDzzdsR7fuKvoR6cUUA520joEPM
pIKjq7EOIHUdrrs8Ot1HmqTMfUzA61kgz5OV2MzrafqdGIp+yHdyMNzfQGPQIh/6
hG+lF9GHGnDatw4jblO3Ee0FPKM3Pir5gcYqJzRyQDMPemB02GRUuq3AGZju1FER
zVPpspiwFaIGoC0hdiDFDS0rNQmYrZnye9aHdvalCwhTWAYyZiBJkJlVBnsg1LpK
F3yewYasfXoZzi0GbCNOU+/s1VxQfKUVO//wS0SUKt7ExbiFallbS74gD/gMtJh2
iTSIuZQ4A4C5m21NCDtFL2DhB1QFbBHoO3QYwP/CwUVxoMCB
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org