Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
File: 6bb38644-80df-4860-b82a-121044191ffa.roa (raw, json)
Hash identifier: L40xo7rvAK6QucpIaQv9yUBlLyE0AKMMD4frYKQPUvk=
Subject key identifier: 71:61:8C:A7:71:4E:56:4C:32:58:46:49:85:DD:0D:79:83:EC:83:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 030D5E5BABDD16FD9C6C718F405C83AD1AFC916A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:0d:5e:5b:ab:dd:16:fd:9c:6c:71:8f:40:5c:83:ad:1a:fc:91:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b2f6570d353befb10762bf2e0bda62a3529cf0b35526d7f5f2e765b70bdc6e86, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:dc:34:86:ac:83:59:cc:be:42:67:99:d8:27:
c3:2b:d4:d7:d9:e8:74:59:75:78:88:61:38:b9:5b:
a4:6e:d1:76:b0:cc:40:1d:bf:9a:5f:99:80:14:7c:
31:b1:8d:ac:f4:e1:30:fa:8a:a1:ff:51:88:dd:a0:
97:c6:43:e4:9b:32:f7:83:58:87:9a:ab:4e:85:60:
6f:83:5b:1d:ea:d9:33:75:92:f3:1c:2a:e7:71:19:
91:06:cc:0e:bf:e6:90:68:ce:5d:7b:98:d3:29:ce:
70:96:45:cf:f8:98:1a:5f:17:1e:da:a8:aa:1d:7c:
f4:07:0c:29:3d:f5:1f:dd:71:f8:2a:34:e8:5f:cb:
6d:36:30:4e:d3:56:43:c0:d2:a9:27:54:3f:4a:e2:
0d:af:63:ea:ec:11:7a:69:0e:06:36:3a:bd:09:a8:
49:42:f4:2a:ca:7e:56:32:bb:01:f1:6d:07:3d:40:
b3:86:a8:88:f6:33:1c:5f:28:a2:a5:35:61:36:c3:
9b:b4:86:52:c6:5f:88:38:b2:a5:b2:b5:bb:9c:ae:
53:ab:bf:74:02:8c:d6:0d:67:f9:47:9c:f6:be:99:
f3:52:5d:94:b3:d6:23:38:80:05:93:33:7f:c0:c1:
17:1d:79:f4:81:13:97:2c:1a:99:78:87:05:1f:9c:
0a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:61:8C:A7:71:4E:56:4C:32:58:46:49:85:DD:0D:79:83:EC:83:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
94:e2:84:b5:72:29:c9:78:a1:1b:8e:13:8a:d9:53:31:c6:18:
c6:53:1e:01:81:53:b6:bc:bf:d9:f8:a7:67:d3:9a:83:53:f1:
70:25:29:85:fe:ec:2d:66:6c:04:96:0a:04:76:44:95:9d:75:
03:e7:32:c9:96:d2:13:c7:d2:12:bd:4b:f8:11:f3:46:e5:e1:
53:d7:7b:43:97:00:2c:39:a9:6a:03:52:fd:f4:ad:9f:9d:0c:
70:0a:69:83:f9:9e:34:ad:86:cc:40:94:56:18:ee:fc:ca:b8:
8d:23:11:2a:b6:32:ac:a3:4b:92:95:d5:3b:e0:a1:30:7c:88:
ea:1c:c9:95:25:f3:f1:cf:c0:e2:33:e7:02:df:24:dd:93:3f:
c4:4e:00:2d:78:2e:41:83:9f:08:f7:1a:64:f0:66:cf:f5:1f:
8e:4f:9e:bd:c9:17:b6:17:32:ef:70:97:06:be:cb:fc:f2:2c:
5c:d4:25:bc:eb:ea:73:79:1e:db:c9:4d:43:5c:a5:e5:54:57:
e5:8a:6b:82:6d:7f:9b:c7:43:3d:25:53:85:6c:db:95:85:d4:
4f:70:33:87:9f:a2:10:5b:72:15:bb:8b:4b:9a:27:a5:1f:ce:
48:13:01:74:74:df:6b:4f:49:a2:25:39:90:fd:01:05:ea:be:
11:48:c9:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAw1eW6vdFv2cbHGPQFyDrRr8kWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyZjY1NzBkMzUzYmVmYjEwNzYyYmYyZTBiZGE2MmEzNTI5Y2YwYjM1NTI2
ZDdmNWYyZTc2NWI3MGJkYzZlODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/cNIasg1nMvkJnmdgnwyvU19nodFl1eIhhOLlbpG7RdrDMQB2/ml+ZgBR8
MbGNrPThMPqKof9RiN2gl8ZD5Jsy94NYh5qrToVgb4NbHerZM3WS8xwq53EZkQbM
Dr/mkGjOXXuY0ynOcJZFz/iYGl8XHtqoqh189AcMKT31H91x+Co06F/LbTYwTtNW
Q8DSqSdUP0riDa9j6uwRemkOBjY6vQmoSUL0Ksp+VjK7AfFtBz1As4aoiPYzHF8o
oqU1YTbDm7SGUsZfiDiypbK1u5yuU6u/dAKM1g1n+Uec9r6Z81JdlLPWIziABZMz
f8DBFx159IETlywamXiHBR+cCl8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxYYyn
cU5WTDJYRkmF3Q15g+yD6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJiMzg2NDQtODBkZi00ODYwLWI4MmEtMTIxMDQ0MTkxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dog
MA0GCSqGSIb3DQEBCwUAA4IBAQCU4oS1cinJeKEbjhOK2VMxxhjGUx4BgVO2vL/Z
+Kdn05qDU/FwJSmF/uwtZmwElgoEdkSVnXUD5zLJltITx9ISvUv4EfNG5eFT13tD
lwAsOalqA1L99K2fnQxwCmmD+Z40rYbMQJRWGO78yriNIxEqtjKso0uSldU74KEw
fIjqHMmVJfPxz8DiM+cC3yTdkz/ETgAteC5Bg58I9xpk8GbP9R+OT569yRe2FzLv
cJcGvsv88ixc1CW86+pzeR7byU1DXKXlVFflimuCbX+bx0M9JVOFbNuVhdRPcDOH
n6IQW3IVu4tLmielH85IEwF0dN9rT0miJTmQ/QEF6r4RSMlc
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:29 2024 by rpki-client on console-ams.rpki-client.org