Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
File: 671bf905-ec67-45af-9635-65f38b009536.roa (raw, json)
Hash identifier: NuMkN4pAabDTLqy90FTrjHCQw6ilYuhE1umI61a4dSs=
Subject key identifier: E8:99:5D:E4:F0:29:C3:29:52:1A:89:CF:69:64:F9:98:71:68:81:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6459837EEE22AA091421E6D0A47D022DC2EDBA78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
Signing time: Fri 29 Mar 2024 00:00:00 +0000
ROA not before: Fri 29 Mar 2024 00:00:00 +0000
ROA not after: Fri 03 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:59:83:7e:ee:22:aa:09:14:21:e6:d0:a4:7d:02:2d:c2:ed:ba:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : May 3 23:59:59 2024 GMT
Subject: serialNumber=45ea7caa01ea48be769cdc7f0be34feeafa9c7f0041bca90aa7d14ebcde8f03e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:d1:5b:b5:c9:7e:79:ab:59:4e:88:dc:92:
e9:01:01:67:3b:7b:e1:ab:1b:d7:1f:ed:70:9e:d2:
8c:9b:50:1b:c0:5e:33:2d:f3:b9:35:fa:62:8d:5c:
c7:47:fa:60:49:8d:19:a8:f1:d9:3f:fd:ae:ce:c3:
99:30:55:88:6e:9b:5e:06:56:42:17:81:da:c5:a3:
14:0c:f3:dc:38:0a:73:36:d3:60:f5:d7:4a:7d:f6:
47:e3:79:00:4e:c3:4d:57:45:5b:97:a1:51:9c:58:
e6:20:73:4c:0a:80:50:9c:ad:e2:b2:06:d1:10:90:
23:aa:94:a0:78:5c:dd:71:9e:32:9e:2e:34:06:cb:
f9:79:ec:9c:21:91:56:f7:3e:bb:c4:c1:78:8b:46:
45:21:51:1b:c9:99:6e:33:e5:ee:4f:72:a6:e0:e0:
28:7a:42:f0:7d:3a:17:fe:4c:56:77:ac:72:4c:c4:
96:8c:11:3e:4a:1f:82:0b:71:b0:bd:4a:bc:b6:8e:
18:87:67:5d:d3:a1:4c:5d:2f:88:46:f8:32:36:e5:
0f:50:71:10:4c:2e:b3:f4:ac:4f:04:65:bc:d6:11:
c2:73:91:b5:a4:6e:48:7b:0a:e5:f4:55:1c:f4:75:
e9:62:24:b3:0a:8b:a9:15:a2:f0:91:ab:5d:14:b8:
b9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:99:5D:E4:F0:29:C3:29:52:1A:89:CF:69:64:F9:98:71:68:81:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:1000::/40
Signature Algorithm: sha256WithRSAEncryption
82:41:ce:d6:b7:3e:e9:35:92:6f:1d:fd:9f:18:10:bf:a2:70:
5e:57:87:eb:b3:f5:3c:80:06:de:60:06:84:f8:50:5c:d2:85:
e3:78:f6:c2:2b:7e:c5:1d:d7:ee:76:98:c4:c9:24:c8:d8:31:
99:fc:88:62:d7:15:b9:b2:c1:ac:ad:72:e8:5b:d5:00:c1:89:
93:d7:10:7d:b0:4d:dc:f7:c4:2e:bb:e1:d0:52:cf:1c:e1:76:
8b:2c:be:15:61:ad:63:00:93:7d:6a:b0:8b:d3:29:be:fb:9e:
7c:35:3a:b9:fd:28:18:49:47:90:d6:2b:b8:f8:37:fe:d3:8d:
c6:2d:11:55:6d:72:1a:b6:83:7c:30:b3:a1:fb:95:c9:fd:b7:
9f:0e:44:b1:dc:14:45:f0:95:8b:e5:55:73:8b:17:c3:32:6a:
6d:13:2d:03:e5:0e:9f:14:9d:e8:ec:0a:4d:6e:2f:e6:09:bf:
92:0f:09:2b:a0:09:c4:7e:b0:e6:37:45:65:88:d5:d7:b3:a0:
cc:cd:be:87:7b:11:8d:bb:21:27:4d:11:a3:ef:44:e5:13:bb:
5f:0d:ce:cc:ef:a7:97:6a:13:e1:9a:f8:4a:a8:1b:2c:da:6a:
2b:e1:ac:2f:3e:25:96:25:1e:ab:df:f8:58:96:5e:c6:29:5f:
83:f5:59:92
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZFmDfu4iqgkUIebQpH0CLcLtungwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDAzMjkwMDAwMDBaFw0yNDA1MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1ZWE3Y2FhMDFlYTQ4YmU3NjljZGM3ZjBiZTM0ZmVlYWZhOWM3ZjAwNDFi
Y2E5MGFhN2QxNGViY2RlOGYwM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAN0Vu1yX55q1lOiNyS6QEBZzt74asb1x/tcJ7SjJtQG8BeMy3zuTX6Yo1c
x0f6YEmNGajx2T/9rs7DmTBViG6bXgZWQheB2sWjFAzz3DgKczbTYPXXSn32R+N5
AE7DTVdFW5ehUZxY5iBzTAqAUJyt4rIG0RCQI6qUoHhc3XGeMp4uNAbL+XnsnCGR
Vvc+u8TBeItGRSFRG8mZbjPl7k9ypuDgKHpC8H06F/5MVnesckzElowRPkofggtx
sL1KvLaOGIdnXdOhTF0viEb4MjblD1BxEEwus/SsTwRlvNYRwnORtaRuSHsK5fRV
HPR16WIkswqLqRWi8JGrXRS4uSsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTomV3k
8CnDKVIaic9pZPmYcWiBRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjcxYmY5MDUtZWM2Ny00NWFmLTk2MzUtNjVmMzhiMDA5NTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HcQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCCQc7Wtz7pNZJvHf2fGBC/onBeV4frs/U8gAbe
YAaE+FBc0oXjePbCK37FHdfudpjEySTI2DGZ/Ihi1xW5ssGsrXLoW9UAwYmT1xB9
sE3c98Quu+HQUs8c4XaLLL4VYa1jAJN9arCL0ym++558NTq5/SgYSUeQ1iu4+Df+
043GLRFVbXIatoN8MLOh+5XJ/befDkSx3BRF8JWL5VVzixfDMmptEy0D5Q6fFJ3o
7ApNbi/mCb+SDwkroAnEfrDmN0VliNXXs6DMzb6HexGNuyEnTRGj70TlE7tfDc7M
76eXahPhmvhKqBss2mor4awvPiWWJR6r3/hYll7GKV+D9VmS
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:02:32 2024 by rpki-client on console-fra.rpki-client.org