Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
File: 7802179a-c80f-42f1-a50b-a0af1df078c2.roa (raw, json)
Hash identifier: E/ZgHelGVYqs90crLTYrNPqhajCCz5/LG0g+kVEU6b8=
Subject key identifier: 26:13:07:97:DD:C7:8F:E0:F4:47:CB:E8:9A:41:89:31:6F:57:1E:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15FB7D02CBA13A49EEF333180356A6F42C918CF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:fb:7d:02:cb:a1:3a:49:ee:f3:33:18:03:56:a6:f4:2c:91:8c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=ae5289eb9505a32408ee5c2de8d529d493f189c7f24809802d9bf38dd7bb692c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5f:bf:1e:df:35:27:d2:3c:66:81:81:13:ef:
cd:d0:97:71:a0:5e:7d:3f:d9:f7:18:23:1c:e5:9f:
d0:f9:24:44:99:17:3d:02:0a:5f:06:e8:df:df:13:
bc:eb:ac:f3:13:65:c6:a0:e0:01:17:8f:a8:b5:4d:
1e:0f:4f:9a:a5:46:c0:c8:2a:9f:87:d3:22:29:90:
80:00:17:7f:bc:eb:3f:ab:b0:c7:37:2f:65:00:6b:
08:61:df:e0:69:12:32:6b:32:02:4c:ed:a2:71:d4:
a8:c8:74:fd:c7:4e:56:e4:ba:81:b4:2f:dc:30:6a:
ad:29:a0:6e:e5:13:aa:fb:fc:f1:46:9a:de:e9:0a:
67:08:2b:7e:3d:65:31:5a:2c:3e:6c:3d:37:3d:89:
89:b3:4f:fb:e7:2d:86:78:bd:6c:d2:df:18:38:58:
be:61:44:7b:89:21:10:28:4c:a1:ff:e4:94:9b:91:
61:80:80:e0:84:ba:2f:90:88:8d:4f:29:68:d5:13:
de:32:ab:83:f6:c3:89:1a:83:34:b8:2c:cd:f8:c0:
3f:04:ab:96:5a:65:fd:c0:e1:c9:75:ba:9d:3b:9a:
dc:de:63:5a:02:0a:af:83:e3:c0:c4:7c:4b:4e:1f:
e1:90:86:f2:b4:8c:44:08:54:41:23:00:bd:c6:6c:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:13:07:97:DD:C7:8F:E0:F4:47:CB:E8:9A:41:89:31:6F:57:1E:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6a:36:74:6b:73:fb:fe:b5:84:5b:3b:5a:87:01:23:77:0a:7a:
8d:4c:8a:de:28:49:dc:5d:23:2c:01:73:ff:67:d6:2f:bc:a2:
13:d5:54:9a:90:e4:0e:31:a7:45:40:3d:fe:3f:f5:c5:b2:5b:
60:d0:12:55:07:86:00:52:e4:ad:bc:25:15:2f:ef:bb:2f:bd:
81:79:3e:79:ef:8e:3f:b0:85:70:f5:d5:b3:61:57:1e:4a:c5:
b1:20:bc:cc:74:8d:df:7f:b2:13:61:80:1e:67:d0:db:ca:0e:
70:38:be:63:5e:d6:bf:70:1c:0d:7f:f8:d0:e9:cc:a0:0a:9a:
52:d4:34:e2:04:43:88:b3:c0:2b:b5:06:85:84:10:8e:8b:ab:
98:c4:9a:71:ee:81:8a:41:04:f1:4d:02:a5:61:13:a1:28:ae:
9c:e6:03:28:26:35:c2:81:87:a9:0a:86:17:08:9c:a6:45:a3:
70:25:0e:c2:c1:5b:6a:2a:31:e1:f2:1c:f3:7d:c0:a3:42:f9:
b1:26:da:63:cd:c7:92:fd:ec:ae:cd:cd:f8:83:50:b3:65:ea:
f3:1e:ff:6d:aa:4a:30:ac:78:1d:1c:f0:47:e8:06:8d:ca:e6:
8c:53:e4:4a:f2:9e:a9:a2:fb:f5:ac:cd:91:25:e5:e6:71:2e:
ac:57:f8:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFft9AsuhOknu8zMYA1am9CyRjPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlNTI4OWViOTUwNWEzMjQwOGVlNWMyZGU4ZDUyOWQ0OTNmMTg5YzdmMjQ4
MDk4MDJkOWJmMzhkZDdiYjY5MmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxfvx7fNSfSPGaBgRPvzdCXcaBefT/Z9xgjHOWf0PkkRJkXPQIKXwbo398T
vOus8xNlxqDgARePqLVNHg9PmqVGwMgqn4fTIimQgAAXf7zrP6uwxzcvZQBrCGHf
4GkSMmsyAkztonHUqMh0/cdOVuS6gbQv3DBqrSmgbuUTqvv88Uaa3ukKZwgrfj1l
MVosPmw9Nz2JibNP++cthni9bNLfGDhYvmFEe4khEChMof/klJuRYYCA4IS6L5CI
jU8paNUT3jKrg/bDiRqDNLgszfjAPwSrllpl/cDhyXW6nTua3N5jWgIKr4PjwMR8
S04f4ZCG8rSMRAhUQSMAvcZsGUkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmEweX
3ceP4PRHy+iaQYkxb1ceHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwMjE3OWEtYzgwZi00MmYxLWE1MGItYTBhZjFkZjA3OGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqNnRrc/v+tYRbO1qHASN3CnqNTIreKEncXSMs
AXP/Z9YvvKIT1VSakOQOMadFQD3+P/XFsltg0BJVB4YAUuStvCUVL++7L72BeT55
744/sIVw9dWzYVceSsWxILzMdI3ff7ITYYAeZ9Dbyg5wOL5jXta/cBwNf/jQ6cyg
CppS1DTiBEOIs8ArtQaFhBCOi6uYxJpx7oGKQQTxTQKlYROhKK6c5gMoJjXCgYep
CoYXCJymRaNwJQ7CwVtqKjHh8hzzfcCjQvmxJtpjzceS/eyuzc34g1CzZerzHv9t
qkowrHgdHPBH6AaNyuaMU+RK8p6povv1rM2RJeXmcS6sV/hJ
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:39 2024 by rpki-client on console-fra.rpki-client.org