Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
File: 6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa (raw, json)
Hash identifier: 4mvGEqnuRfPbsenBEES9nTREFVPK5PAPl/BRuc/pKeM=
Subject key identifier: 9D:2E:0B:E7:D1:A6:03:EE:9B:2C:CA:65:EC:4D:13:E3:75:BA:6D:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A454A2E5E1F5956CB9C577673BC5A60AA41AF90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Dec 2024 15:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:45:4a:2e:5e:1f:59:56:cb:9c:57:76:73:bc:5a:60:aa:41:af:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=784d530bcb1453a11db64dcd63d88bdc4c183bf1c2879bba135803ba1c8094ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cd:03:6f:51:3b:b9:89:bd:d7:42:b8:92:1c:
89:4b:22:74:28:de:32:bb:63:2d:8a:f3:a5:f8:ad:
47:1f:dd:5a:25:69:4c:4a:0f:0d:17:7c:66:04:62:
94:0e:ef:c3:73:cb:51:4e:35:6a:28:ce:da:51:e1:
34:36:76:d9:70:8f:fa:42:c7:2c:a2:e8:ab:d3:ea:
3c:90:4f:09:7d:23:28:74:09:1f:32:dc:8c:4c:50:
27:3d:6b:da:0e:08:37:c1:5a:b0:a1:f6:c9:f9:cc:
ed:e0:10:e1:10:a7:fc:a3:a3:03:ee:26:6b:f0:1d:
ab:80:d5:ef:d4:67:a1:09:45:75:02:57:db:11:4e:
a7:cb:a0:cf:cb:6e:f0:0c:c7:26:c2:8f:8c:6a:ef:
fc:1b:17:29:e1:cb:52:94:42:7a:53:32:b3:8a:f7:
d9:3d:d0:58:76:40:4b:36:62:4f:a6:72:56:f9:aa:
b0:fd:7a:cb:af:32:10:5e:06:c6:b8:13:75:75:74:
b9:f1:44:0f:a4:79:7c:d4:df:d4:e1:07:53:09:0d:
b9:0f:bf:17:a7:69:ad:d2:80:c2:e7:c7:7c:4a:23:
c5:24:02:e4:df:96:27:93:40:18:82:99:b3:15:ef:
e3:a0:0f:a8:9a:4e:e4:b0:79:63:57:62:ed:70:55:
18:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2E:0B:E7:D1:A6:03:EE:9B:2C:CA:65:EC:4D:13:E3:75:BA:6D:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:a3:4c:2c:94:60:f2:18:79:c9:03:62:eb:ec:3a:45:e6:08:
50:a7:ae:5f:2c:53:45:4b:06:b9:66:c3:a6:21:a7:1a:36:a8:
ad:8b:fa:14:49:4c:07:b6:28:29:4e:e6:a5:d1:ce:6a:28:45:
2c:ad:62:21:fe:8d:0a:a5:87:c8:a5:63:da:0b:11:6c:65:03:
bc:4c:d8:86:ea:17:77:c1:91:b3:7b:8d:ea:b9:2a:19:b5:84:
f5:91:e4:04:dd:b1:1d:34:1b:91:99:39:60:6f:da:92:84:cf:
16:51:f7:47:22:69:f6:3b:a0:73:fa:cc:2a:24:dd:55:f4:a5:
1d:d4:07:7e:ac:8f:80:27:8a:3a:65:5d:ad:73:a8:47:3c:84:
c0:4f:14:64:14:24:14:cc:18:5c:18:d6:71:3a:b1:cd:56:2a:
fe:54:ef:74:7c:5b:19:72:04:94:8d:5c:22:a3:03:79:85:c1:
d4:f0:f8:0d:02:45:51:bf:bb:ff:d9:3e:a2:e6:6e:d2:36:14:
c5:6c:e0:3a:d3:cd:07:f3:b0:3f:80:b8:08:40:fb:d6:d9:e3:
f7:1e:c7:bf:31:1b:e2:cd:a5:72:1e:9d:05:ae:37:d9:ef:23:
eb:07:e8:ca:64:98:08:7d:31:6e:8a:3f:7d:a1:c8:81:fa:8f:
f5:05:72:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGkVKLl4fWVbLnFd2c7xaYKpBr5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NGQ1MzBiY2IxNDUzYTExZGI2NGRjZDYzZDg4YmRjNGMxODNiZjFjMjg3
OWJiYTEzNTgwM2JhMWM4MDk0ZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7NA29RO7mJvddCuJIciUsidCjeMrtjLYrzpfitRx/dWiVpTEoPDRd8ZgRi
lA7vw3PLUU41aijO2lHhNDZ22XCP+kLHLKLoq9PqPJBPCX0jKHQJHzLcjExQJz1r
2g4IN8FasKH2yfnM7eAQ4RCn/KOjA+4ma/Adq4DV79RnoQlFdQJX2xFOp8ugz8tu
8AzHJsKPjGrv/BsXKeHLUpRCelMys4r32T3QWHZASzZiT6ZyVvmqsP16y68yEF4G
xrgTdXV0ufFED6R5fNTf1OEHUwkNuQ+/F6dprdKAwufHfEojxSQC5N+WJ5NAGIKZ
sxXv46APqJpO5LB5Y1di7XBVGHECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSdLgvn
0aYD7pssymXsTRPjdbptojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmRlN2NlMDUtZTJhNC00YzkwLTkwMjUtNWVjNWE2NGEwOThjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAOo0wslGDyGHnJA2Lr7DpF5ghQp65fLFNFSwa5
ZsOmIacaNqiti/oUSUwHtigpTual0c5qKEUsrWIh/o0KpYfIpWPaCxFsZQO8TNiG
6hd3wZGze43quSoZtYT1keQE3bEdNBuRmTlgb9qShM8WUfdHImn2O6Bz+swqJN1V
9KUd1Ad+rI+AJ4o6ZV2tc6hHPITATxRkFCQUzBhcGNZxOrHNVir+VO90fFsZcgSU
jVwiowN5hcHU8PgNAkVRv7v/2T6i5m7SNhTFbOA6080H87A/gLgIQPvW2eP3Hse/
MRvizaVyHp0FrjfZ7yPrB+jKZJgIfTFuij99ociB+o/1BXJe
-----END CERTIFICATE-----
Generated at Mon Dec 9 19:07:31 2024 by rpki-client on console-ams.rpki-client.org