Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: INcbsrEr9Jfx610bsZEVZDg+bLjGSld1sXncuz34ZdY=
Subject key identifier: B1:38:9E:CC:06:AE:8F:70:90:22:99:6E:C7:AA:4A:A4:FA:2A:DF:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10E4092CF0DB3F348844EC685A475C21277F65EE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:e4:09:2c:f0:db:3f:34:88:44:ec:68:5a:47:5c:21:27:7f:65:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=e4625bb594dbd834295466f7292d2ee6e7dd82064b098d2318150f5b58d9cb2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ea:67:ce:11:70:da:45:96:09:16:58:35:d0:
fc:29:f3:9c:1b:1b:51:c4:c1:44:78:af:7e:0a:a7:
0e:34:3b:4a:f0:84:a1:74:2b:9b:d1:af:46:7c:90:
a5:18:12:3e:4e:bd:ac:b0:37:a5:84:97:88:4f:d0:
51:3c:ef:17:0d:6d:86:e8:f4:36:64:47:ce:b9:0f:
07:be:d2:22:76:8e:fc:2f:45:39:94:49:35:25:6f:
69:35:30:4e:71:ee:62:d6:fd:27:d5:a6:6a:01:d5:
46:c6:81:ab:62:bb:e6:bb:78:c5:15:92:92:e5:f3:
45:98:45:c7:4f:79:4b:66:bc:5f:65:7f:b0:e5:0f:
cc:6e:e4:60:51:09:dd:2c:8b:95:3e:4f:71:e5:96:
e9:32:14:6d:22:94:43:5e:f4:73:a4:84:49:90:a1:
58:3a:48:70:60:47:2e:02:7e:06:be:de:58:9b:80:
06:1e:01:d3:af:49:ed:1b:3a:a4:1a:f1:bb:fa:df:
a8:a8:87:c1:15:f2:49:dd:f1:9c:90:89:39:ce:38:
1a:6c:47:c9:d0:93:27:50:06:e6:93:45:55:dc:48:
7b:63:53:fe:ca:68:96:af:b3:a9:18:c4:45:dd:32:
cb:97:58:3d:53:31:91:ee:e0:d0:9f:58:e1:85:77:
34:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:38:9E:CC:06:AE:8F:70:90:22:99:6E:C7:AA:4A:A4:FA:2A:DF:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
2b:a1:61:00:06:91:ba:e2:97:01:3c:28:ad:d7:1a:ff:06:7d:
05:98:e4:eb:ee:85:0c:d1:3c:eb:a1:c5:1d:ee:05:e3:e5:b8:
6c:12:67:26:41:26:43:38:38:59:cf:0b:d5:0c:00:45:56:c4:
d3:97:43:19:db:35:89:8b:ff:dd:8f:74:85:08:4f:18:9e:69:
81:d5:ac:4b:86:c0:5b:a2:0f:96:a7:92:ad:6b:1c:38:35:b4:
c5:0d:54:b0:82:ae:2c:f7:4f:64:da:4c:06:4d:2d:fc:8b:de:
5e:d3:89:a6:28:15:d3:e5:fd:4b:6e:c9:90:15:2b:8b:56:c8:
ab:6e:a3:8c:95:aa:79:26:ab:af:4e:7f:ea:d9:f3:2e:d4:c6:
5d:87:2a:78:7e:ee:73:e0:c0:ab:14:95:8b:ce:c1:27:8d:5e:
67:8a:71:df:4b:ab:24:c0:cd:35:d1:a2:40:e9:f9:25:a7:ff:
5d:ac:e3:84:ba:ae:0f:b1:f4:27:e5:d0:d3:64:8e:fb:5d:af:
37:83:38:41:39:79:1b:94:21:a5:cf:84:7d:7a:42:63:ca:71:
7c:c5:8a:ef:e6:0d:ee:8c:0c:bc:6b:dc:ce:02:04:fb:2a:b9:
ea:24:d9:7f:43:d8:5d:31:c0:61:65:ed:d9:74:e9:97:1b:c8:
91:b9:ef:52
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEOQJLPDbPzSIROxoWkdcISd/Ze4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NjI1YmI1OTRkYmQ4MzQyOTU0NjZmNzI5MmQyZWU2ZTdkZDgyMDY0YjA5
OGQyMzE4MTUwZjViNThkOWNiMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXqZ84RcNpFlgkWWDXQ/CnznBsbUcTBRHivfgqnDjQ7SvCEoXQrm9GvRnyQ
pRgSPk69rLA3pYSXiE/QUTzvFw1thuj0NmRHzrkPB77SInaO/C9FOZRJNSVvaTUw
TnHuYtb9J9WmagHVRsaBq2K75rt4xRWSkuXzRZhFx095S2a8X2V/sOUPzG7kYFEJ
3SyLlT5PceWW6TIUbSKUQ170c6SESZChWDpIcGBHLgJ+Br7eWJuABh4B069J7Rs6
pBrxu/rfqKiHwRXySd3xnJCJOc44GmxHydCTJ1AG5pNFVdxIe2NT/spolq+zqRjE
Rd0yy5dYPVMxke7g0J9Y4YV3NL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSxOJ7M
Bq6PcJAimW7Hqkqk+irfkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQAroWEABpG64pcBPCit1xr/Bn0FmOTr7oUM0Tzr
ocUd7gXj5bhsEmcmQSZDODhZzwvVDABFVsTTl0MZ2zWJi//dj3SFCE8YnmmB1axL
hsBbog+Wp5Ktaxw4NbTFDVSwgq4s909k2kwGTS38i95e04mmKBXT5f1LbsmQFSuL
VsirbqOMlap5JquvTn/q2fMu1MZdhyp4fu5z4MCrFJWLzsEnjV5ninHfS6skwM01
0aJA6fklp/9drOOEuq4PsfQn5dDTZI77Xa83gzhBOXkblCGlz4R9ekJjynF8xYrv
5g3ujAy8a9zOAgT7KrnqJNl/Q9hdMcBhZe3ZdOmXG8iRue9S
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org