Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
File: 65e74b89-5008-4b73-92b0-311e73580735.roa (raw, json)
Hash identifier: zGwJZrqKwRLSg4taltk8zJaK8eE5wB4PP5JRIN0iC+g=
Subject key identifier: 79:9D:81:55:9D:3C:B3:5E:B8:F8:5C:81:D4:FE:9C:70:CD:C3:0C:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EC4EF23EEBCAF4F76537E2BD39A24EB0B57BCC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:c4:ef:23:ee:bc:af:4f:76:53:7e:2b:d3:9a:24:eb:0b:57:bc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=c73331a332cda65b6d7eaf5ca30b4c3bcb36c7b7f9f519dbd7cb66a2889c34ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:3b:06:aa:5b:ac:49:29:f7:50:04:63:8e:
c5:7d:d0:2f:37:d9:a1:3a:8f:a6:62:38:eb:4f:ec:
1a:e6:1e:c0:0b:b0:27:b9:f0:c4:b9:ed:97:0b:0f:
a6:a8:a0:84:32:85:43:40:87:fc:50:2b:55:24:68:
3f:41:4f:73:00:74:67:ee:16:ec:26:d9:f3:15:d5:
4e:c8:aa:fe:3a:cc:7f:79:1d:09:81:25:c6:90:43:
9b:2e:44:19:f9:59:65:9e:f1:8c:37:fb:43:9b:90:
7d:42:a6:07:31:d8:2b:cf:9f:19:29:f1:6b:66:21:
5b:78:57:84:ce:d8:71:7a:4e:28:84:fc:87:7a:5b:
28:58:bc:ee:03:4d:79:44:0e:c9:70:60:f2:3e:c8:
34:a9:d5:17:8f:44:8b:83:6a:f6:1f:7c:d6:90:8f:
f8:97:6e:62:11:9d:34:f7:96:c4:77:84:53:20:a8:
0a:d5:c3:b2:bd:84:3e:20:97:c4:55:9d:9a:f4:c4:
c1:4d:ef:36:19:01:bf:81:0e:a9:17:2e:c8:2d:33:
a0:f7:7f:46:04:b4:8e:9e:e7:6b:ea:df:31:28:d2:
23:12:c0:69:23:dd:c3:fb:29:52:6b:0d:d3:86:f8:
67:3e:57:29:88:5c:a8:d7:ba:6f:e3:ef:76:c9:a4:
dd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:9D:81:55:9D:3C:B3:5E:B8:F8:5C:81:D4:FE:9C:70:CD:C3:0C:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9000::/40
Signature Algorithm: sha256WithRSAEncryption
5c:2c:f1:b1:b5:e2:54:61:ff:98:95:32:c3:82:5a:9b:22:6f:
a5:bd:77:49:93:5f:08:98:4c:27:b5:0c:a6:f2:a7:87:a4:05:
99:b6:b7:83:d8:db:e3:bd:f7:ee:33:f9:05:c5:36:be:27:fd:
75:7e:0f:ce:fc:d0:87:d1:03:0a:e8:d4:22:3c:c4:ba:c7:03:
b3:45:e8:53:1a:e5:0d:76:af:96:b1:12:c0:e1:b6:c4:85:dc:
23:58:80:6c:6d:35:b5:35:3d:a1:8e:70:db:6b:70:cc:fe:e3:
d4:64:7d:55:dd:88:5f:8d:54:9e:db:f1:b4:48:c3:b4:70:ad:
44:70:fe:e6:a1:d2:04:8b:68:eb:9d:52:ef:56:f8:43:7d:b2:
05:66:ce:ad:03:4f:1b:77:ce:43:67:40:f1:9b:f3:93:f0:15:
3f:56:4c:dd:5f:c4:42:2c:49:7b:e6:d5:c9:51:fa:e2:38:e7:
1c:be:b4:bc:5f:24:92:7c:51:cd:49:e7:ba:8d:99:22:40:ce:
8f:54:cf:40:20:bf:24:81:f1:4a:32:47:d8:e4:27:83:56:83:
d5:fc:c9:b8:ff:8d:9e:24:2e:0a:65:73:f0:d1:75:7b:b8:88:
15:28:4b:ad:4b:38:5a:6e:cf:8d:73:a5:f0:e8:6a:3d:28:6b:
41:d7:17:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfsTvI+68r092U34r05ok6wtXvMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MzMzMWEzMzJjZGE2NWI2ZDdlYWY1Y2EzMGI0YzNiY2IzNmM3YjdmOWY1
MTlkYmQ3Y2I2NmEyODg5YzM0ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkGOwaqW6xJKfdQBGOOxX3QLzfZoTqPpmI460/sGuYewAuwJ7nwxLntlwsP
pqighDKFQ0CH/FArVSRoP0FPcwB0Z+4W7CbZ8xXVTsiq/jrMf3kdCYElxpBDmy5E
GflZZZ7xjDf7Q5uQfUKmBzHYK8+fGSnxa2YhW3hXhM7YcXpOKIT8h3pbKFi87gNN
eUQOyXBg8j7INKnVF49Ei4Nq9h981pCP+JduYhGdNPeWxHeEUyCoCtXDsr2EPiCX
xFWdmvTEwU3vNhkBv4EOqRcuyC0zoPd/RgS0jp7na+rfMSjSIxLAaSPdw/spUmsN
04b4Zz5XKYhcqNe6b+Pvdsmk3WMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5nYFV
nTyzXrj4XIHU/pxwzcMMcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVlNzRiODktNTAwOC00YjczLTkyYjAtMzExZTczNTgwNzM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBcLPGxteJUYf+YlTLDglqbIm+lvXdJk18ImEwn
tQym8qeHpAWZtreD2NvjvffuM/kFxTa+J/11fg/O/NCH0QMK6NQiPMS6xwOzRehT
GuUNdq+WsRLA4bbEhdwjWIBsbTW1NT2hjnDba3DM/uPUZH1V3YhfjVSe2/G0SMO0
cK1EcP7modIEi2jrnVLvVvhDfbIFZs6tA08bd85DZ0Dxm/OT8BU/VkzdX8RCLEl7
5tXJUfriOOccvrS8XySSfFHNSee6jZkiQM6PVM9AIL8kgfFKMkfY5CeDVoPV/Mm4
/42eJC4KZXPw0XV7uIgVKEutSzhabs+Nc6Xw6Go9KGtB1xf6
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:32 2024 by rpki-client on console-fra.rpki-client.org