Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
File: 6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa (raw, json)
Hash identifier: a+ej1sBNZxMA3Wtk9Xz25fLHQm1vQ6Sdff7R1lI5Im0=
Subject key identifier: ED:E5:73:E0:CB:70:FA:D6:46:CE:3C:DC:09:89:B4:89:1B:5B:56:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 427A0EC2E9149419341D5CA4A8EF8822459B3A14
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7a:0e:c2:e9:14:94:19:34:1d:5c:a4:a8:ef:88:22:45:9b:3a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=92df8b2d731665be0260222c1b301324ee5acd59438f1bcf35757bbbd2f2be6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f1:47:00:b8:3f:97:85:04:c2:a9:3b:f9:9e:
fc:d9:c8:9b:67:2a:e6:7b:d9:2a:51:cb:c3:9a:45:
63:f2:fe:f0:13:94:51:0d:d7:d6:73:9a:af:44:c0:
c4:b4:a4:f0:d3:3d:dc:48:71:ae:6d:ff:77:a7:ab:
af:b1:54:71:cb:04:ad:09:cb:27:e1:dd:94:30:56:
53:61:4a:23:50:21:d8:34:40:52:8d:8b:ed:c8:0d:
ed:1b:2f:6b:55:38:a2:24:86:8e:8c:f6:cc:d2:7b:
ab:84:42:43:10:cf:08:bc:b0:64:df:a8:df:0c:76:
a5:83:4b:32:47:d7:11:c6:9f:ab:f0:7b:82:de:1d:
ee:4f:4b:98:59:1c:b2:78:1d:60:97:f4:8a:3f:06:
13:bb:63:22:87:39:d2:d9:7c:72:71:c8:0b:05:16:
86:93:15:ed:c8:f1:f0:05:60:8e:5d:3c:86:7e:cc:
29:b9:9c:23:0f:11:1a:20:9a:2a:60:a6:56:40:41:
f6:a4:cd:9a:ab:74:6e:b8:f9:c7:38:af:0b:60:ac:
2b:82:87:77:3f:f9:23:0e:a1:55:e4:1f:be:c6:26:
08:78:70:a4:98:68:1b:a7:68:90:88:b2:ce:ba:5b:
01:0a:b5:b2:7a:30:25:62:ff:e0:47:95:23:4c:fe:
cf:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:E5:73:E0:CB:70:FA:D6:46:CE:3C:DC:09:89:B4:89:1B:5B:56:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f8d79c6-b773-4073-9ff4-2210e6a111b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:80:8c:69:a7:fd:4d:56:79:c6:03:9a:88:91:ef:6d:67:42:
b2:bf:85:d5:c7:6d:f2:de:f9:95:0a:58:45:f1:4a:92:71:99:
e8:02:05:34:97:aa:88:de:ba:e0:a1:d8:16:da:6a:a6:d2:b0:
fe:b1:76:de:44:91:92:ed:d7:18:80:1f:b9:ef:24:da:db:a5:
c9:f6:ce:3b:94:74:ad:6d:ff:94:6b:81:5b:c6:0c:26:d6:b6:
d6:7a:b5:a5:90:cf:4d:41:8f:d3:5f:6e:81:b2:20:a9:42:3f:
42:f0:20:8a:d5:69:d9:6a:43:5c:46:d1:1a:79:af:48:1e:a4:
fb:8b:45:fe:eb:6c:83:b0:0e:7a:57:f2:44:80:53:84:c3:11:
1f:9d:1b:83:8a:1d:ae:5f:1e:9e:5e:2e:7a:36:d4:79:98:cd:
47:5f:a8:01:94:d3:d3:50:f6:ac:16:4a:a1:05:51:ab:f8:e7:
8d:ab:14:18:12:ca:bc:96:45:84:74:31:40:98:68:e8:4d:02:
5f:bc:c8:50:6d:cb:76:a4:53:95:79:b6:1a:c4:73:ad:1c:e8:
49:36:5b:f3:0d:a7:2b:d5:a5:54:fb:44:73:7b:9d:9a:95:a4:
b0:36:f2:9b:18:b8:80:d8:ae:0e:c4:cb:ad:72:82:6b:b7:97:
14:04:cb:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQnoOwukUlBk0HVykqO+IIkWbOhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyZGY4YjJkNzMxNjY1YmUwMjYwMjIyYzFiMzAxMzI0ZWU1YWNkNTk0Mzhm
MWJjZjM1NzU3YmJiZDJmMmJlNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3xRwC4P5eFBMKpO/me/NnIm2cq5nvZKlHLw5pFY/L+8BOUUQ3X1nOar0TA
xLSk8NM93Ehxrm3/d6err7FUccsErQnLJ+HdlDBWU2FKI1Ah2DRAUo2L7cgN7Rsv
a1U4oiSGjoz2zNJ7q4RCQxDPCLywZN+o3wx2pYNLMkfXEcafq/B7gt4d7k9LmFkc
sngdYJf0ij8GE7tjIoc50tl8cnHICwUWhpMV7cjx8AVgjl08hn7MKbmcIw8RGiCa
KmCmVkBB9qTNmqt0brj5xzivC2CsK4KHdz/5Iw6hVeQfvsYmCHhwpJhoG6dokIiy
zrpbAQq1snowJWL/4EeVI0z+z98CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTt5XPg
y3D61kbOPNwJibSJG1tWCTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY4ZDc5YzYtYjc3My00MDczLTlmZjQtMjIxMGU2YTExMWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCygIxpp/1NVnnGA5qIke9tZ0Kyv4XVx23y3vmV
ClhF8UqScZnoAgU0l6qI3rrgodgW2mqm0rD+sXbeRJGS7dcYgB+57yTa26XJ9s47
lHStbf+Ua4Fbxgwm1rbWerWlkM9NQY/TX26BsiCpQj9C8CCK1WnZakNcRtEaea9I
HqT7i0X+62yDsA56V/JEgFOEwxEfnRuDih2uXx6eXi56NtR5mM1HX6gBlNPTUPas
FkqhBVGr+OeNqxQYEsq8lkWEdDFAmGjoTQJfvMhQbct2pFOVebYaxHOtHOhJNlvz
Dacr1aVU+0Rze52alaSwNvKbGLiA2K4OxMutcoJrt5cUBMuk
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:27 2024 by rpki-client on console-ams.rpki-client.org