Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
File: 6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa (raw, json)
Hash identifier: Z1er5L4FMmKYe2+/oJunq9pg9xHPbwapywWD9Xlno9Q=
Subject key identifier: C6:AA:E9:9B:FB:1C:F7:CB:01:B2:60:0D:05:FA:67:87:64:1A:8D:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72E44737F9C94EC848096FA133D78348BC2774F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:e4:47:37:f9:c9:4e:c8:48:09:6f:a1:33:d7:83:48:bc:27:74:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=8b3b9f888eee04ffba9a86dfb5bc352b57ca42e7a8ace4473ab8d6d36368b0f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c3:38:39:a8:96:a7:6c:25:5c:df:f6:3c:59:
dd:fc:00:e4:5d:b7:da:78:24:ed:e4:1c:b2:2d:c9:
85:31:ce:83:6d:c1:11:92:6c:fe:60:91:6c:ad:10:
82:97:de:30:14:3f:b4:a9:bc:ec:cc:85:f8:27:d1:
05:32:e6:84:15:a9:7f:b9:c2:a1:89:40:e3:c2:0b:
31:da:be:a9:f8:a2:41:b6:0f:72:85:a8:7c:8f:5d:
f7:21:5c:53:1e:66:8a:c8:76:40:15:67:07:31:f1:
fd:3b:52:27:77:70:71:ed:be:22:30:cb:36:1e:93:
dc:7a:aa:df:56:32:2c:7b:41:53:9f:d3:f2:94:9b:
20:f0:cb:66:8a:b3:69:88:38:1a:9f:eb:5c:85:50:
65:6c:1c:bc:f5:71:43:26:3e:c9:fc:2b:8a:6b:3e:
f8:55:9b:27:ba:94:f1:95:30:00:bd:5f:34:06:9b:
48:c2:e3:4d:8e:af:19:aa:6f:bd:f5:b1:b8:99:fd:
48:03:fd:b1:6f:f0:cf:d3:7c:6c:f0:01:df:47:dc:
57:b8:c3:1b:3f:dd:c1:d5:c0:1e:78:1f:c1:1e:83:
fc:a6:8c:f6:ed:19:71:ac:a7:6d:03:e5:01:c7:81:
80:84:69:5c:f1:6c:9b:02:79:31:71:1f:71:f7:f9:
2f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AA:E9:9B:FB:1C:F7:CB:01:B2:60:0D:05:FA:67:87:64:1A:8D:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
92:66:b6:cd:02:72:93:e3:cb:34:99:11:fa:3f:47:50:6d:b3:
0e:84:e2:ae:fe:e2:b6:29:f2:2a:0e:10:51:db:fa:8a:be:c9:
ba:92:bf:b2:d1:18:a3:95:87:03:f3:e5:58:4f:ae:71:be:0a:
6d:70:c5:cd:e6:0d:91:23:5c:30:3a:ac:c3:7f:45:f9:11:65:
c2:fe:eb:74:ba:3f:82:2e:46:69:81:22:fa:dd:23:b7:f3:8a:
74:b1:df:0d:ac:d1:ee:f0:85:43:cf:7f:9b:6b:61:ab:5b:92:
75:ea:7a:c3:93:89:6f:88:c4:4d:c3:46:bb:39:ed:6b:11:1d:
55:ba:ad:e7:6e:c4:92:87:e0:0c:a1:ff:07:bd:84:e9:a4:ad:
74:56:7d:ab:5f:c0:99:56:eb:25:2e:2d:e3:62:fc:6a:8f:5d:
82:58:e1:fc:c2:1d:9f:a8:da:ac:29:8a:1d:e7:0e:5d:7e:f4:
81:ed:ce:c6:c2:c1:74:4a:e7:7a:7b:ab:cd:a8:75:76:b6:17:
26:05:38:8c:e7:c2:ce:5e:f5:a5:3d:1a:88:73:7e:d0:bb:9b:
73:ad:ff:e7:b0:85:a7:8a:d8:1e:86:ee:12:b8:aa:19:33:bf:
d9:98:3f:72:49:a1:7c:de:2a:8a:90:bc:18:63:e6:ce:b2:bf:
98:df:19:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcuRHN/nJTshICW+hM9eDSLwndPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiM2I5Zjg4OGVlZTA0ZmZiYTlhODZkZmI1YmMzNTJiNTdjYTQyZTdhOGFj
ZTQ0NzNhYjhkNmQzNjM2OGIwZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPDODmolqdsJVzf9jxZ3fwA5F232ngk7eQcsi3JhTHOg23BEZJs/mCRbK0Q
gpfeMBQ/tKm87MyF+CfRBTLmhBWpf7nCoYlA48ILMdq+qfiiQbYPcoWofI9d9yFc
Ux5mish2QBVnBzHx/TtSJ3dwce2+IjDLNh6T3Hqq31YyLHtBU5/T8pSbIPDLZoqz
aYg4Gp/rXIVQZWwcvPVxQyY+yfwrims++FWbJ7qU8ZUwAL1fNAabSMLjTY6vGapv
vfWxuJn9SAP9sW/wz9N8bPAB30fcV7jDGz/dwdXAHngfwR6D/KaM9u0ZcaynbQPl
AceBgIRpXPFsmwJ5MXEfcff5LyUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGqumb
+xz3ywGyYA0F+meHZBqNczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmRlN2NlMDUtZTJhNC00YzkwLTkwMjUtNWVjNWE2NGEwOThjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCSZrbNAnKT48s0mRH6P0dQbbMOhOKu/uK2KfIq
DhBR2/qKvsm6kr+y0RijlYcD8+VYT65xvgptcMXN5g2RI1wwOqzDf0X5EWXC/ut0
uj+CLkZpgSL63SO384p0sd8NrNHu8IVDz3+ba2GrW5J16nrDk4lviMRNw0a7Oe1r
ER1Vuq3nbsSSh+AMof8HvYTppK10Vn2rX8CZVuslLi3jYvxqj12CWOH8wh2fqNqs
KYod5w5dfvSB7c7GwsF0Sud6e6vNqHV2thcmBTiM58LOXvWlPRqIc37Qu5tzrf/n
sIWnitgehu4SuKoZM7/ZmD9ySaF83iqKkLwYY+bOsr+Y3xn/
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:27 2024 by rpki-client on console-ams.rpki-client.org