Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
File: 6bb38644-80df-4860-b82a-121044191ffa.roa (raw, json)
Hash identifier: FcEsvYn07raV3tFqxe6y7NyGIVUhmQCytJHKs3F/I7w=
Subject key identifier: B6:0A:4B:C1:49:FB:5D:FD:08:DF:87:68:EA:40:5F:43:8A:3A:F9:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 244B57F736FA19C20FC5069B0CEA6EAE88188FD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Oct 2024 14:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:4b:57:f7:36:fa:19:c2:0f:c5:06:9b:0c:ea:6e:ae:88:18:8f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=c1a0833438841d8b7df3729da063ec94bd141ea2aa4ab20f5a372ca8cc3f1c52, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:30:a7:9d:de:f1:0f:a1:21:7e:0c:82:48:a3:
78:d2:dc:20:11:56:7e:86:82:f5:69:b7:98:b5:8e:
5b:73:02:c2:6e:40:f4:72:51:30:fe:c5:f2:09:45:
f3:49:f2:1d:2f:ae:98:a3:e9:53:07:17:52:fc:f0:
55:89:8e:07:e9:33:a5:15:e6:ec:86:a7:38:a1:b7:
06:b9:a1:1a:7f:24:10:89:19:24:26:2e:78:44:cf:
0b:8e:a5:1e:4a:d6:f5:cc:7f:42:63:52:98:48:c5:
0a:ad:f4:87:ff:94:dc:c0:b3:8d:b6:90:5d:c1:4d:
ac:99:b0:49:05:4a:14:a4:0c:d7:f4:14:25:16:e3:
b1:24:b7:a5:41:f3:eb:b5:cf:df:99:43:b3:44:d7:
73:c5:29:fe:28:db:4a:53:af:40:46:68:43:e1:e7:
db:ff:a3:c0:b0:6e:94:01:58:9f:a5:0f:d1:0c:8f:
2b:da:18:0c:39:7a:8b:40:b5:ba:18:d1:d2:87:89:
e9:4b:59:cc:00:c5:14:cd:d1:59:f2:e9:31:27:14:
e9:4b:f5:42:6d:dd:8b:b1:85:57:07:96:47:91:07:
ae:5d:50:98:9e:de:2f:d0:e2:4e:c1:e1:6b:7f:ae:
1f:73:03:07:9e:c1:34:c5:7d:cb:09:6e:ff:ad:ff:
29:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0A:4B:C1:49:FB:5D:FD:08:DF:87:68:EA:40:5F:43:8A:3A:F9:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:04:a9:fe:08:d9:0c:dd:b0:ea:be:c2:7d:eb:ce:0f:12:39:
cf:df:29:cd:6e:65:e1:6c:43:ba:2a:9d:66:b8:47:2c:29:e7:
25:a3:f7:48:1f:ff:6e:07:21:c2:56:db:bd:2f:57:ea:02:55:
9f:b9:17:0d:ee:15:7b:db:b4:85:2e:a4:a2:7c:89:24:a7:c4:
ef:ef:84:be:68:23:76:b0:66:f5:cb:91:fd:ee:9d:2d:1c:9e:
bb:a1:52:c2:3a:7a:eb:28:b9:95:4f:a8:b2:b0:11:2a:0b:6c:
28:4c:12:84:82:33:e3:d1:90:e0:19:63:68:59:ea:e3:69:e9:
0a:5a:86:9e:0b:05:91:0c:f6:79:43:f9:05:57:12:e7:ed:a6:
20:0c:1d:67:36:fa:02:56:c4:f1:12:1d:d0:d9:b1:10:37:7f:
5e:80:11:08:a7:46:f7:96:e4:ab:40:ff:92:e6:11:5b:e7:bb:
df:f5:a6:3a:e3:8d:bf:2e:42:42:65:4f:47:e9:52:d6:85:d5:
02:d8:9e:ad:89:12:21:47:fa:e5:9f:0b:b1:48:98:4a:d4:64:
2c:d8:bd:25:31:48:75:8e:79:94:56:cb:f2:cb:61:da:aa:d6:
a2:ea:af:8c:fc:8e:f3:3b:b5:96:40:9a:fb:cf:8e:15:69:44:
ce:0b:a9:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJEtX9zb6GcIPxQabDOpurogYj9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxYTA4MzM0Mzg4NDFkOGI3ZGYzNzI5ZGEwNjNlYzk0YmQxNDFlYTJhYTRh
YjIwZjVhMzcyY2E4Y2MzZjFjNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEwp53e8Q+hIX4MgkijeNLcIBFWfoaC9Wm3mLWOW3MCwm5A9HJRMP7F8glF
80nyHS+umKPpUwcXUvzwVYmOB+kzpRXm7IanOKG3BrmhGn8kEIkZJCYueETPC46l
HkrW9cx/QmNSmEjFCq30h/+U3MCzjbaQXcFNrJmwSQVKFKQM1/QUJRbjsSS3pUHz
67XP35lDs0TXc8Up/ijbSlOvQEZoQ+Hn2/+jwLBulAFYn6UP0QyPK9oYDDl6i0C1
uhjR0oeJ6UtZzADFFM3RWfLpMScU6Uv1Qm3di7GFVweWR5EHrl1QmJ7eL9DiTsHh
a3+uH3MDB57BNMV9ywlu/63/KS8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2CkvB
Sftd/Qjfh2jqQF9Dijr5hjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJiMzg2NDQtODBkZi00ODYwLWI4MmEtMTIxMDQ0MTkxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dog
MA0GCSqGSIb3DQEBCwUAA4IBAQCLBKn+CNkM3bDqvsJ9684PEjnP3ynNbmXhbEO6
Kp1muEcsKeclo/dIH/9uByHCVtu9L1fqAlWfuRcN7hV727SFLqSifIkkp8Tv74S+
aCN2sGb1y5H97p0tHJ67oVLCOnrrKLmVT6iysBEqC2woTBKEgjPj0ZDgGWNoWerj
aekKWoaeCwWRDPZ5Q/kFVxLn7aYgDB1nNvoCVsTxEh3Q2bEQN39egBEIp0b3luSr
QP+S5hFb57vf9aY6442/LkJCZU9H6VLWhdUC2J6tiRIhR/rlnwuxSJhK1GQs2L0l
MUh1jnmUVsvyy2Haqtai6q+M/I7zO7WWQJr7z44VaUTOC6lC
-----END CERTIFICATE-----
Generated at Wed Oct 9 18:18:05 2024 by rpki-client on console-fra.rpki-client.org