Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
File: 636fd47b-89eb-4828-873d-2c6e06a89e85.roa (raw, json)
Hash identifier: 1rS1i3Xymt4xZEW01+68BcgN2/Hn+KJ/Y7rSQuHoVYM=
Subject key identifier: 8C:2D:0F:0E:C0:5F:A4:AB:88:DC:5C:2E:A9:78:5E:98:BB:DE:AB:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BEC2FEEEC02184FC4E9114B20259CCE285BAEFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
Signing time: Fri 12 Jul 2024 00:00:00 +0000
ROA not before: Fri 12 Jul 2024 00:00:00 +0000
ROA not after: Fri 16 Aug 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jul 2024 15:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:ec:2f:ee:ec:02:18:4f:c4:e9:11:4b:20:25:9c:ce:28:5b:ae:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:00:00 2024 GMT
Not After : Aug 16 23:59:59 2024 GMT
Subject: serialNumber=a2a856187fd6b48d9876fa6119273264e8eb6177c77dd3503b21ab17a8e154ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9c:e5:f3:c1:40:5c:25:08:93:05:fb:4f:51:
28:36:f8:5c:39:42:41:51:6d:f9:14:d2:ee:02:91:
80:76:cd:bf:be:38:b0:f5:10:26:ad:ac:23:9d:5d:
4f:7a:93:7e:f9:32:72:cd:d2:61:2a:46:de:a0:71:
b4:0b:0b:15:fe:aa:d1:83:9e:9e:d8:fc:b7:fe:db:
df:9c:a5:90:d9:65:b8:24:19:83:d8:60:30:35:d6:
80:1d:14:af:d3:2b:2b:34:c3:85:53:b3:1a:b3:e1:
7e:9c:ce:e4:4b:2f:e5:99:5e:a3:ec:03:5c:ed:67:
49:70:83:b4:1c:a5:cb:b8:69:f1:8d:89:6f:7d:df:
ad:87:a8:17:67:10:95:0a:d1:53:e1:c0:c8:a6:d9:
47:36:cb:19:45:b2:0d:25:22:02:af:af:a9:a9:34:
dc:d2:13:70:67:32:67:65:f0:f2:db:82:fc:5e:b4:
70:e2:5a:eb:d0:27:e9:f9:5d:95:f7:ae:9c:64:67:
81:92:49:2f:e6:3e:bf:78:7d:38:5c:be:4b:32:4d:
82:98:95:18:5a:f7:15:fc:dd:f7:74:65:66:b7:32:
b3:f3:ea:76:7a:fd:d5:d1:a0:4b:b8:fa:42:8a:c0:
ea:20:5c:1f:59:cc:6f:e9:99:81:30:a0:10:35:62:
3e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2D:0F:0E:C0:5F:A4:AB:88:DC:5C:2E:A9:78:5E:98:BB:DE:AB:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/36
Signature Algorithm: sha256WithRSAEncryption
18:29:8d:fd:4f:f8:bf:b6:94:dd:1a:28:54:1d:c7:ae:1f:6f:
46:b2:96:cc:27:23:d6:f3:5d:5e:96:8b:21:76:43:6c:1d:eb:
f0:b4:26:31:b8:8e:06:ff:cb:62:7b:61:1b:00:79:9f:dd:76:
62:3b:a9:3d:73:b0:9e:40:43:18:6d:c2:d2:47:72:13:ca:07:
4c:e3:2b:8a:f6:55:55:57:94:e8:08:bd:5c:2e:43:d7:59:da:
21:d8:ef:18:ba:80:0e:da:db:ee:3c:59:79:ac:22:68:cd:96:
b9:53:e0:c8:58:90:b7:41:9e:25:a2:b0:ae:9f:3f:c3:ef:dc:
cc:9d:0f:c8:00:fe:7c:de:11:5a:1b:43:42:90:7f:6e:93:98:
74:d9:d9:3a:6e:d3:48:0f:91:f5:7a:cf:a7:8f:79:23:a6:5c:
a5:e0:90:ba:f0:0c:66:90:42:ea:92:ba:79:51:8e:4a:ab:70:
85:dc:f0:df:55:cb:0d:7f:b0:50:0b:23:67:c0:da:c4:aa:28:
f9:b5:22:d2:74:a5:66:78:64:28:d7:fe:5d:3b:5b:9f:38:8c:
2d:cc:00:26:c5:ba:89:b4:de:2f:81:07:43:42:d1:58:19:99:
06:97:64:1d:02:2d:ff:41:85:2b:54:b6:9d:9b:0f:03:be:db:
2e:ae:62:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO+wv7uwCGE/E6RFLICWczihbrvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA3MTIwMDAwMDBaFw0yNDA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyYTg1NjE4N2ZkNmI0OGQ5ODc2ZmE2MTE5MjczMjY0ZThlYjYxNzdjNzdk
ZDM1MDNiMjFhYjE3YThlMTU0Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGc5fPBQFwlCJMF+09RKDb4XDlCQVFt+RTS7gKRgHbNv744sPUQJq2sI51d
T3qTfvkycs3SYSpG3qBxtAsLFf6q0YOentj8t/7b35ylkNlluCQZg9hgMDXWgB0U
r9MrKzTDhVOzGrPhfpzO5Esv5Zleo+wDXO1nSXCDtByly7hp8Y2Jb33frYeoF2cQ
lQrRU+HAyKbZRzbLGUWyDSUiAq+vqak03NITcGcyZ2Xw8tuC/F60cOJa69An6fld
lfeunGRngZJJL+Y+v3h9OFy+SzJNgpiVGFr3Ffzd93RlZrcys/Pqdnr91dGgS7j6
QorA6iBcH1nMb+mZgTCgEDViPrMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMLQ8O
wF+kq4jcXC6peF6Yu96r9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjM2ZmQ0N2ItODllYi00ODI4LTg3M2QtMmM2ZTA2YTg5ZTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQAYKY39T/i/tpTdGihUHceuH29GspbMJyPW811e
loshdkNsHevwtCYxuI4G/8tie2EbAHmf3XZiO6k9c7CeQEMYbcLSR3ITygdM4yuK
9lVVV5ToCL1cLkPXWdoh2O8YuoAO2tvuPFl5rCJozZa5U+DIWJC3QZ4lorCunz/D
79zMnQ/IAP583hFaG0NCkH9uk5h02dk6btNID5H1es+nj3kjplyl4JC68AxmkELq
krp5UY5Kq3CF3PDfVcsNf7BQCyNnwNrEqij5tSLSdKVmeGQo1/5dO1ufOIwtzAAm
xbqJtN4vgQdDQtFYGZkGl2QdAi3/QYUrVLadmw8DvtsurmJ7
-----END CERTIFICATE-----
Generated at Fri Jul 26 18:53:02 2024 by rpki-client on console-ams.rpki-client.org