Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
File: 671bf905-ec67-45af-9635-65f38b009536.roa (raw, json)
Hash identifier: WfM/1p3Z3/k9a4JKwX1H8iZEgBwgj/4kttOMJDMJY1s=
Subject key identifier: 14:22:C4:55:7E:69:E3:96:87:AE:CB:BA:26:28:B6:6E:FE:54:B5:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03984507344DEFA19C1F072C012C9FD71E666064
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:98:45:07:34:4d:ef:a1:9c:1f:07:2c:01:2c:9f:d7:1e:66:60:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=eb6f5fdb071a9d19bf5d815f21743fddb7bdb1a8f9cf76d58e210882a9013e7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5c:92:5d:1f:3a:42:05:c4:be:42:e4:6b:90:
57:f1:49:bd:5c:d1:bb:9c:55:6c:36:da:cb:93:0a:
fa:c1:1a:a8:de:2d:1a:18:65:70:fc:89:73:2f:51:
ec:a0:b7:a8:99:20:99:e5:bd:4d:9e:f2:b0:ec:ea:
b4:bd:50:51:13:00:1d:a0:84:bd:b9:74:f2:84:68:
21:d6:07:9d:88:04:82:f5:5f:6c:9d:9d:15:d3:d2:
19:03:6f:af:b8:98:32:74:c7:35:04:ac:00:9d:69:
64:08:0a:6c:26:e2:74:db:a3:5d:8c:55:5e:22:d5:
27:4e:31:89:59:a2:21:5a:80:e1:48:e5:6f:fe:cc:
8a:44:6e:1d:eb:82:47:bb:af:c1:f6:1b:57:a8:ee:
a3:ea:be:c7:9b:a8:22:95:89:52:5b:3d:e4:95:7d:
e2:3a:53:97:ba:77:c6:88:28:a7:a8:10:41:c2:a5:
4c:c0:e2:4a:67:b0:07:4d:c5:ae:d9:5e:af:e5:a9:
c0:58:85:c1:97:59:dc:40:8e:67:43:96:b1:d2:f3:
8b:ad:48:af:9d:12:7d:a4:93:c9:fc:bc:2d:27:9b:
d8:6e:c2:db:c1:15:3c:d2:78:c7:47:4a:23:5b:34:
ee:db:d4:ae:a7:d2:78:fc:87:f9:aa:51:41:7d:85:
f1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:22:C4:55:7E:69:E3:96:87:AE:CB:BA:26:28:B6:6E:FE:54:B5:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/671bf905-ec67-45af-9635-65f38b009536.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:da:fc:4d:f8:17:06:c7:cb:df:98:bd:19:83:63:79:27:4e:
b7:b5:d3:56:80:f0:7e:60:57:30:46:b6:f1:71:9e:fc:0c:a7:
88:91:fc:29:a3:22:c3:d2:0f:a6:dd:10:63:b5:86:43:ea:0c:
0c:d5:b6:a0:b9:42:ae:b7:e3:08:4f:bc:35:ce:35:cd:ba:b4:
36:7a:c1:5e:41:6f:7a:2a:46:ba:18:6b:8e:fb:b8:67:5b:72:
64:36:e7:2e:98:9d:76:d5:9d:53:cf:ee:24:ba:20:b2:7c:3d:
a4:7f:cf:52:4b:04:9d:7f:4e:8f:48:33:a8:b6:da:59:e7:75:
d2:9c:f0:19:85:7e:14:3f:35:4d:3e:a3:35:47:ae:9a:1d:90:
b7:1d:cf:db:83:cd:2b:08:96:3c:fc:77:b5:13:95:5b:52:58:
59:f4:a3:cb:9c:e4:cf:ad:55:cb:15:23:c0:14:a7:83:69:5e:
47:a2:4b:fd:f9:ed:a2:3b:c4:18:1b:1f:35:de:7f:47:2c:16:
8d:a8:ae:84:32:1d:35:b9:32:d5:46:0b:8e:c7:17:9c:80:92:
b0:00:8a:54:af:f0:03:52:f7:53:92:c9:87:12:17:80:04:ed:
14:99:3b:e8:f8:11:4f:cd:1b:e9:d9:a9:b1:eb:ad:db:32:ec:
61:19:e3:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA5hFBzRN76GcHwcsASyf1x5mYGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNmY1ZmRiMDcxYTlkMTliZjVkODE1ZjIxNzQzZmRkYjdiZGIxYThmOWNm
NzZkNThlMjEwODgyYTkwMTNlN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9ckl0fOkIFxL5C5GuQV/FJvVzRu5xVbDbay5MK+sEaqN4tGhhlcPyJcy9R
7KC3qJkgmeW9TZ7ysOzqtL1QURMAHaCEvbl08oRoIdYHnYgEgvVfbJ2dFdPSGQNv
r7iYMnTHNQSsAJ1pZAgKbCbidNujXYxVXiLVJ04xiVmiIVqA4Ujlb/7MikRuHeuC
R7uvwfYbV6juo+q+x5uoIpWJUls95JV94jpTl7p3xogop6gQQcKlTMDiSmewB03F
rtler+WpwFiFwZdZ3ECOZ0OWsdLzi61Ir50SfaSTyfy8LSeb2G7C28EVPNJ4x0dK
I1s07tvUrqfSePyH+apRQX2F8RcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQUIsRV
fmnjloeuy7omKLZu/lS1BjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjcxYmY5MDUtZWM2Ny00NWFmLTk2MzUtNjVmMzhiMDA5NTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HcQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDH2vxN+BcGx8vfmL0Zg2N5J063tdNWgPB+YFcw
RrbxcZ78DKeIkfwpoyLD0g+m3RBjtYZD6gwM1baguUKut+MIT7w1zjXNurQ2esFe
QW96Kka6GGuO+7hnW3JkNucumJ121Z1Tz+4kuiCyfD2kf89SSwSdf06PSDOottpZ
53XSnPAZhX4UPzVNPqM1R66aHZC3Hc/bg80rCJY8/He1E5VbUlhZ9KPLnOTPrVXL
FSPAFKeDaV5Hokv9+e2iO8QYGx813n9HLBaNqK6EMh01uTLVRguOxxecgJKwAIpU
r/ADUvdTksmHEheABO0UmTvo+BFPzRvp2amx663bMuxhGePY
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org