Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
File: 636fd47b-89eb-4828-873d-2c6e06a89e85.roa (raw, json)
Hash identifier: /yunQwgrlADZ7BL1Zk+TBBxYlpA4LVXCwoB9zuoDP30=
Subject key identifier: DF:B9:F9:8C:37:E0:A0:07:E2:80:4F:C2:37:3B:FC:49:29:9D:74:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F9620EC33599A34839D2BBAD10A720E43AFE626
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:96:20:ec:33:59:9a:34:83:9d:2b:ba:d1:0a:72:0e:43:af:e6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=b3b14c6afbfee931d2c74a2f2f0ede30531e29e0f2580652e1bfa103d3171a91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f9:76:d8:f0:5d:61:ae:23:76:28:d5:3b:a9:
f5:84:89:0b:54:ab:86:8b:98:4e:ff:8b:e8:f3:97:
75:05:fc:25:ca:81:69:17:c3:23:c4:19:12:f2:4f:
33:04:5e:91:4e:e4:ae:3a:5e:bb:ec:73:42:ff:16:
a1:0e:f1:96:67:8b:d4:e3:09:28:6d:c0:8f:22:4e:
9e:f3:a9:ec:19:35:61:df:c6:be:60:ea:d8:56:c2:
45:79:e3:bc:fd:11:1f:65:d4:dd:ce:db:b8:ac:3d:
e9:d4:6b:6e:6d:4d:f8:0e:5a:68:d7:a5:02:bb:d9:
24:ef:c3:15:97:88:7b:46:ba:32:8b:c4:46:6f:75:
3d:7b:50:66:8c:d5:59:2d:16:ea:b8:91:5d:81:0c:
25:e1:85:90:87:e0:b0:dc:59:fb:94:6d:44:f7:ae:
09:5a:f0:60:a5:df:13:ea:c9:f4:35:fe:9a:e5:81:
14:cd:c9:a8:99:31:80:18:0d:1a:01:f7:68:5a:ca:
a6:4c:05:bc:0c:c9:57:89:81:95:9f:b4:72:cd:76:
1a:cf:04:e1:c4:75:f6:aa:f4:5b:51:52:df:80:6f:
85:ad:e7:15:55:19:6f:f9:b7:36:f3:24:e3:66:9e:
c4:d9:2b:bb:ba:4d:89:f6:1d:5f:34:b5:4c:de:3e:
2b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B9:F9:8C:37:E0:A0:07:E2:80:4F:C2:37:3B:FC:49:29:9D:74:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/36
Signature Algorithm: sha256WithRSAEncryption
a4:ce:c7:97:91:7b:3f:89:99:fc:22:07:c8:c9:f1:eb:cd:2e:
4a:af:73:4d:80:fe:e0:79:c1:37:67:be:af:4e:61:fd:48:40:
19:5a:21:a9:19:9d:dd:61:00:97:4c:f8:81:c0:b9:cb:c0:cc:
fa:45:df:ea:51:14:d9:0e:13:7e:5c:64:81:9f:a3:31:64:5c:
3e:c3:a5:e4:a5:68:a3:68:3d:86:58:58:2f:84:bb:c6:b3:d2:
1e:99:41:d0:1c:3c:af:41:21:4a:2e:5f:04:72:8f:76:28:a9:
f5:7c:a4:66:f0:5b:a6:ed:dd:78:70:43:96:94:ea:9a:e0:cd:
56:5c:3b:87:31:33:ff:e8:7c:67:2c:5e:58:9e:9c:86:14:a7:
b7:d4:65:d8:fb:e8:63:32:e8:71:1e:8e:67:d2:46:41:b6:a0:
f1:15:d3:cf:51:39:2d:7a:f6:32:13:59:3f:42:aa:35:d8:93:
60:88:c6:3b:d3:5d:93:79:fa:2b:42:4b:1a:0b:30:46:85:03:
48:ca:38:6a:b0:85:54:b8:df:e7:43:33:ee:a1:52:77:dd:e0:
7f:ac:a1:55:48:8c:12:8e:41:28:2c:0e:f0:59:21:74:9b:ea:
18:8f:f0:4c:5a:5a:23:ae:39:fa:f8:bb:93:07:4e:41:27:67:
1c:35:2d:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf5Yg7DNZmjSDnSu60QpyDkOv5iYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzYjE0YzZhZmJmZWU5MzFkMmM3NGEyZjJmMGVkZTMwNTMxZTI5ZTBmMjU4
MDY1MmUxYmZhMTAzZDMxNzFhOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALH5dtjwXWGuI3Yo1Tup9YSJC1SrhouYTv+L6POXdQX8JcqBaRfDI8QZEvJP
MwRekU7krjpeu+xzQv8WoQ7xlmeL1OMJKG3AjyJOnvOp7Bk1Yd/GvmDq2FbCRXnj
vP0RH2XU3c7buKw96dRrbm1N+A5aaNelArvZJO/DFZeIe0a6MovERm91PXtQZozV
WS0W6riRXYEMJeGFkIfgsNxZ+5RtRPeuCVrwYKXfE+rJ9DX+muWBFM3JqJkxgBgN
GgH3aFrKpkwFvAzJV4mBlZ+0cs12Gs8E4cR19qr0W1FS34Bvha3nFVUZb/m3NvMk
42aexNkru7pNifYdXzS1TN4+Ky8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfufmM
N+CgB+KAT8I3O/xJKZ10azAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjM2ZmQ0N2ItODllYi00ODI4LTg3M2QtMmM2ZTA2YTg5ZTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQCkzseXkXs/iZn8IgfIyfHrzS5Kr3NNgP7gecE3
Z76vTmH9SEAZWiGpGZ3dYQCXTPiBwLnLwMz6Rd/qURTZDhN+XGSBn6MxZFw+w6Xk
pWijaD2GWFgvhLvGs9IemUHQHDyvQSFKLl8Eco92KKn1fKRm8Fum7d14cEOWlOqa
4M1WXDuHMTP/6HxnLF5YnpyGFKe31GXY++hjMuhxHo5n0kZBtqDxFdPPUTktevYy
E1k/Qqo12JNgiMY7012TeforQksaCzBGhQNIyjhqsIVUuN/nQzPuoVJ33eB/rKFV
SIwSjkEoLA7wWSF0m+oYj/BMWlojrjn6+LuTB05BJ2ccNS0B
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:31 2024 by rpki-client on console-fra.rpki-client.org