Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
File: 706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa (raw, json)
Hash identifier: U3Ovc5gUhnxxyyzXb8KEfv1e7X05L7LolJmfFZheKns=
Subject key identifier: 94:35:BE:0A:57:92:78:A8:C6:C5:0F:05:74:1C:25:0A:62:44:01:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1663E08609782B44244C06F49F1944978383692C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:63:e0:86:09:78:2b:44:24:4c:06:f4:9f:19:44:97:83:83:69:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=14b4503501507ebe01205ef1c5742fd9982c6461512ecabe3944434dbd3d6e98, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ac:b8:ea:eb:5f:a6:12:8d:5e:a1:83:8f:5c:
21:47:6d:75:a0:01:c5:58:f7:85:7d:d0:8e:8e:1f:
2e:29:26:87:23:d8:e7:2b:0d:90:ca:fa:f0:30:75:
6c:ca:c6:60:04:5c:a1:6c:db:70:fc:0b:01:c1:a9:
44:bc:75:91:2f:6d:d4:d0:73:ce:1e:e6:2a:ea:52:
5c:ca:b3:93:55:77:05:ed:c7:4b:d4:aa:bc:a5:a0:
00:15:7c:3f:2c:42:23:22:48:e3:5c:57:08:fe:11:
d6:5f:ab:42:05:43:ff:3c:ab:70:44:7c:49:39:50:
3a:19:44:07:f3:9a:a5:8b:00:e5:d7:ad:71:6b:cf:
ec:33:05:47:83:ce:75:76:08:5f:55:f1:79:29:b5:
d7:a7:e1:a1:e8:a6:5d:49:38:ad:4b:ba:d3:90:96:
f6:3d:12:ac:23:87:a1:b8:9d:81:32:19:ea:74:d1:
ac:f8:f0:b7:57:77:4e:0b:95:fb:9c:d8:68:fd:f3:
49:9f:b0:96:bd:00:d8:f9:94:2e:08:f4:50:20:e6:
70:fd:c2:6f:df:b7:80:15:35:23:b5:89:b2:75:48:
17:36:00:86:5a:da:f0:9f:ff:f1:62:da:9b:c7:7f:
83:b0:15:cc:12:e3:86:e5:de:e0:35:5b:85:af:63:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:35:BE:0A:57:92:78:A8:C6:C5:0F:05:74:1C:25:0A:62:44:01:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:9000::/40
Signature Algorithm: sha256WithRSAEncryption
9d:07:12:62:77:50:bc:62:96:28:37:c3:af:d9:7e:af:64:0f:
b7:1e:83:37:75:7a:d7:86:ff:b0:43:ca:8f:d4:53:29:04:5c:
6d:bd:f7:8c:ec:51:d4:f5:7f:f0:e7:30:df:01:d4:14:01:bd:
4c:5e:ed:2f:b3:4f:7b:59:f0:62:53:c2:e9:36:d4:fc:3e:5a:
02:e1:41:56:b7:18:b7:eb:15:a0:9d:9a:7b:6e:a6:2d:dd:d6:
6e:a5:fd:61:23:11:70:c5:48:1f:ec:4f:b4:fc:4a:c5:82:d7:
b9:1f:47:bb:a1:41:6a:19:b4:90:e3:24:a1:ed:86:16:b3:a1:
f2:a5:17:8c:e8:49:89:d4:a2:53:22:94:44:04:bd:14:e6:8d:
5a:ef:cd:53:87:d4:9f:d1:52:1c:c2:ca:d7:92:ab:2d:7d:21:
d2:59:44:25:61:cf:77:21:73:4c:81:33:f8:48:cf:7f:d8:3e:
40:96:21:26:97:6b:f0:78:41:4b:69:2f:09:4b:b9:a1:2f:c7:
73:13:13:5e:f4:b4:53:c8:82:8d:40:c9:81:cc:96:25:3a:37:
28:3b:df:a3:7f:93:26:86:d3:9b:eb:3f:87:b5:2b:b7:9d:cb:
91:90:84:77:fc:a5:d7:4e:f1:e9:79:97:ff:27:6b:ac:8d:a9:
e9:9c:c5:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFmPghgl4K0QkTAb0nxlEl4ODaSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0YjQ1MDM1MDE1MDdlYmUwMTIwNWVmMWM1NzQyZmQ5OTgyYzY0NjE1MTJl
Y2FiZTM5NDQ0MzRkYmQzZDZlOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6suOrrX6YSjV6hg49cIUdtdaABxVj3hX3Qjo4fLikmhyPY5ysNkMr68DB1
bMrGYARcoWzbcPwLAcGpRLx1kS9t1NBzzh7mKupSXMqzk1V3Be3HS9SqvKWgABV8
PyxCIyJI41xXCP4R1l+rQgVD/zyrcER8STlQOhlEB/OapYsA5detcWvP7DMFR4PO
dXYIX1XxeSm116fhoeimXUk4rUu605CW9j0SrCOHobidgTIZ6nTRrPjwt1d3TguV
+5zYaP3zSZ+wlr0A2PmULgj0UCDmcP3Cb9+3gBU1I7WJsnVIFzYAhlra8J//8WLa
m8d/g7AVzBLjhuXe4DVbha9jqpcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUNb4K
V5J4qMbFDwV0HCUKYkQBkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzA2YjRkNWEtZGJmZi00MzZhLTllOWEtMGMyNDNlZjEyZDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCdBxJid1C8YpYoN8Ov2X6vZA+3HoM3dXrXhv+w
Q8qP1FMpBFxtvfeM7FHU9X/w5zDfAdQUAb1MXu0vs097WfBiU8LpNtT8PloC4UFW
txi36xWgnZp7bqYt3dZupf1hIxFwxUgf7E+0/ErFgte5H0e7oUFqGbSQ4ySh7YYW
s6HypReM6EmJ1KJTIpREBL0U5o1a781Th9Sf0VIcwsrXkqstfSHSWUQlYc93IXNM
gTP4SM9/2D5AliEml2vweEFLaS8JS7mhL8dzExNe9LRTyIKNQMmBzJYlOjcoO9+j
f5MmhtOb6z+HtSu3ncuRkIR3/KXXTvHpeZf/J2usjanpnMWh
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:39 2024 by rpki-client on console-fra.rpki-client.org