Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
File: 739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa (raw, json)
Hash identifier: RbHCILnYR1ml7YJr4wiFjHIwK6J3okl0tDfRQk0dx44=
Subject key identifier: 33:CA:70:60:69:03:76:11:D8:10:61:94:BA:5F:BB:50:57:1F:2A:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EA9D9EA70B492F12741189AF4D50696ED8DE858
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:a9:d9:ea:70:b4:92:f1:27:41:18:9a:f4:d5:06:96:ed:8d:e8:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=abc8702ed407b17643a1b72b1050c933b988cb365f5b41e258d76650e258f0b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:31:e9:ae:92:fe:bc:01:b1:a8:7d:5a:5f:7d:
21:93:37:59:da:d7:1b:28:21:85:8f:8a:d6:94:e5:
5d:8f:d8:85:18:43:42:48:d8:e2:83:75:e1:31:5f:
c9:c4:1d:cf:88:ed:32:4c:39:47:1d:6e:43:72:6b:
a9:69:85:54:e6:ad:a2:02:34:a5:11:69:cd:40:19:
40:db:66:7e:10:68:8d:15:27:38:14:98:6a:49:47:
8d:7e:8b:33:50:3e:d2:fd:00:58:6e:5b:88:b8:f7:
c1:08:fa:44:57:fe:9a:48:60:89:0e:bf:af:55:e6:
95:b5:c9:bb:2d:79:5e:1d:b9:eb:94:a3:44:ac:d6:
e3:0f:68:51:58:5d:dc:f2:0c:29:62:3b:02:a0:ad:
43:68:56:d6:3d:1b:a8:0a:ee:7d:0e:1b:a9:29:bc:
b1:c0:d7:79:c5:2a:a1:e3:fd:c9:3f:32:1a:b8:46:
f0:15:65:40:44:87:d2:a3:95:d9:c3:f8:21:93:d7:
bf:de:31:ab:58:76:cb:e4:15:49:87:d9:9b:0e:41:
41:16:14:94:39:c9:ed:0e:04:20:3e:a3:21:86:97:
52:a0:d7:38:73:fc:d4:3e:c9:86:3b:97:30:5d:2c:
8c:ac:13:ba:93:c5:8b:88:a0:08:cd:d8:89:f5:7b:
35:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CA:70:60:69:03:76:11:D8:10:61:94:BA:5F:BB:50:57:1F:2A:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
31:98:e8:e6:bf:96:9c:97:7d:a8:ba:90:dd:53:f5:88:53:77:
6a:56:d5:06:8d:62:3d:7f:0c:25:ca:6f:ef:44:43:ee:97:0e:
fd:a9:58:ac:b1:3a:13:74:c7:31:88:7a:52:0b:1e:5e:e7:54:
1d:a5:97:40:80:f1:d3:59:7a:96:4b:d7:1d:57:e6:5e:20:69:
24:de:fa:1c:91:43:65:19:83:0e:07:c5:01:9e:e4:11:28:83:
a2:83:54:87:b4:b9:1d:83:d0:66:65:27:20:c7:86:24:83:7f:
76:d0:19:f9:8c:f5:88:c3:2f:34:18:e3:ac:f3:47:da:da:0a:
41:2d:8f:99:39:de:79:f7:a3:55:bf:ee:51:c9:c7:37:fc:56:
71:08:af:0d:6b:6d:a1:c8:a1:9d:25:aa:c0:d1:40:72:3c:66:
2b:a4:ff:45:f7:6e:4e:56:72:1d:c4:5a:3b:6a:04:70:a6:75:
cf:ac:19:67:28:b6:3b:08:d4:fb:a4:45:9e:08:3d:7e:67:47:
fb:4e:b5:f7:1e:26:dc:95:63:eb:56:74:cd:4f:38:22:4f:c7:
01:48:9c:12:82:2e:20:77:e1:7f:b3:8b:d6:8c:ba:4e:63:85:
2e:7f:de:56:1c:5a:d5:93:e6:1e:eb:91:08:45:fb:2a:c9:9d:
50:5a:62:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPqnZ6nC0kvEnQRia9NUGlu2N6FgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiYzg3MDJlZDQwN2IxNzY0M2ExYjcyYjEwNTBjOTMzYjk4OGNiMzY1ZjVi
NDFlMjU4ZDc2NjUwZTI1OGYwYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUx6a6S/rwBsah9Wl99IZM3WdrXGyghhY+K1pTlXY/YhRhDQkjY4oN14TFf
ycQdz4jtMkw5Rx1uQ3JrqWmFVOatogI0pRFpzUAZQNtmfhBojRUnOBSYaklHjX6L
M1A+0v0AWG5biLj3wQj6RFf+mkhgiQ6/r1XmlbXJuy15Xh2565SjRKzW4w9oUVhd
3PIMKWI7AqCtQ2hW1j0bqArufQ4bqSm8scDXecUqoeP9yT8yGrhG8BVlQESH0qOV
2cP4IZPXv94xq1h2y+QVSYfZmw5BQRYUlDnJ7Q4EID6jIYaXUqDXOHP81D7JhjuX
MF0sjKwTupPFi4igCM3YifV7NZECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzynBg
aQN2EdgQYZS6X7tQVx8qpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM5ZDhiMDgtZjgyYi00YTJhLTg0MWMtMmZhZjdhMzMxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAxmOjmv5acl32oupDdU/WIU3dqVtUGjWI9fwwl
ym/vREPulw79qVissToTdMcxiHpSCx5e51QdpZdAgPHTWXqWS9cdV+ZeIGkk3voc
kUNlGYMOB8UBnuQRKIOig1SHtLkdg9BmZScgx4Ykg3920Bn5jPWIwy80GOOs80fa
2gpBLY+ZOd5596NVv+5Rycc3/FZxCK8Na22hyKGdJarA0UByPGYrpP9F925OVnId
xFo7agRwpnXPrBlnKLY7CNT7pEWeCD1+Z0f7TrX3HibclWPrVnTNTzgiT8cBSJwS
gi4gd+F/s4vWjLpOY4Uuf95WHFrVk+Ye65EIRfsqyZ1QWmK0
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org