Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
File: 788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa (raw, json)
Hash identifier: GmqEVDNC9cKhNt9iFyRRNZhkXekpoNCRO1E0ws2WVF4=
Subject key identifier: 77:44:D1:A9:82:EB:35:15:B0:58:6F:F3:72:5E:37:38:14:C4:8B:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 746EB836014397FBB65A216BE148B04DA6B8AD76
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:6e:b8:36:01:43:97:fb:b6:5a:21:6b:e1:48:b0:4d:a6:b8:ad:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=505319b4d3e8e2edb457cb06372301acd38f9524f54eb594c2a4d0e66108834f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:e5:d8:4f:03:06:45:59:ed:b6:11:e5:8b:
bc:24:83:8b:22:d6:82:10:a9:64:59:b9:21:a8:4e:
4e:18:c4:a7:34:fd:1c:5a:e4:80:70:87:cb:28:17:
de:16:1c:0e:fb:ba:e7:07:9c:62:5d:4a:f1:37:fe:
25:4f:4c:44:d7:08:09:0d:6b:0f:4b:76:e9:99:52:
f4:63:41:ed:88:0b:a4:40:7e:b6:06:3f:9f:ba:89:
5e:eb:32:fb:cc:05:80:da:6e:ad:23:59:e7:8b:7d:
ad:17:ab:7e:fe:56:a5:ca:1d:a2:b0:d1:f6:c9:35:
12:56:27:54:5c:8e:79:ef:fa:32:84:00:b6:c0:c4:
17:cb:a6:cc:96:90:c0:b5:9c:eb:a2:2d:a1:5c:d4:
92:ea:b5:71:ba:2e:bf:2f:27:64:14:72:ed:5d:0d:
b1:89:ca:7a:bf:b7:65:e6:4d:24:e5:b2:0e:89:e1:
e6:d8:93:1e:da:42:57:fa:b1:de:40:32:f1:a3:ad:
2e:ea:c1:af:42:11:72:62:4d:39:ef:a1:63:8e:34:
0a:ed:59:cf:78:94:d6:70:b1:cf:0a:70:e7:a7:14:
2b:61:65:70:1c:10:00:f6:82:49:80:ce:d1:6e:a5:
25:67:e0:09:ba:9b:81:55:0d:c0:85:4f:86:18:43:
17:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:44:D1:A9:82:EB:35:15:B0:58:6F:F3:72:5E:37:38:14:C4:8B:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/788d9d23-ba3f-42c4-b1a3-80f2414efb46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:9000::/40
Signature Algorithm: sha256WithRSAEncryption
92:d1:fa:3a:ae:c2:91:5d:5a:eb:d2:ba:7d:01:a9:e6:a9:e7:
46:78:15:37:41:d0:57:a0:4e:01:1b:4b:24:de:72:ea:88:f9:
10:e5:82:8e:33:5c:82:db:83:23:b8:f7:bd:62:bc:44:51:ea:
88:36:0c:a0:af:72:ee:f1:70:c2:e7:83:20:4b:f5:9b:6a:1b:
2f:64:c7:2d:61:5d:34:42:7f:9c:16:c1:87:08:12:c3:6f:fc:
31:94:e3:77:04:bf:63:38:8e:cc:ac:86:a9:b1:ba:c6:5b:c5:
7c:92:78:f9:0a:ae:98:e7:83:d7:75:0f:14:4c:ee:17:05:cf:
14:b5:7f:e1:76:a4:e4:4c:41:99:8c:3d:90:8c:e7:3a:d6:69:
28:83:ec:b6:81:cc:65:d0:3c:70:70:6a:22:60:9f:54:5e:54:
4f:8a:ae:d2:53:7c:17:39:67:33:a9:dd:8b:1e:d8:30:b7:f9:
86:9b:4c:8e:ac:59:fe:c7:cc:b7:38:6e:14:2a:a4:c9:ac:b1:
2a:2b:6e:5f:46:8d:12:1f:86:01:6b:ce:22:fe:43:2f:66:82:
6d:0e:06:38:47:33:bb:a2:51:82:17:08:21:3d:68:e9:85:e1:
05:8e:d9:af:96:14:6d:e1:11:06:a5:f7:dc:8c:63:44:4d:1b:
ad:10:3d:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdG64NgFDl/u2WiFr4UiwTaa4rXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNTMxOWI0ZDNlOGUyZWRiNDU3Y2IwNjM3MjMwMWFjZDM4Zjk1MjRmNTRl
YjU5NGMyYTRkMGU2NjEwODgzNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0m5dhPAwZFWe22EeWLvCSDiyLWghCpZFm5IahOThjEpzT9HFrkgHCHyygX
3hYcDvu65wecYl1K8Tf+JU9MRNcICQ1rD0t26ZlS9GNB7YgLpEB+tgY/n7qJXusy
+8wFgNpurSNZ54t9rRerfv5WpcodorDR9sk1ElYnVFyOee/6MoQAtsDEF8umzJaQ
wLWc66ItoVzUkuq1cbouvy8nZBRy7V0NsYnKer+3ZeZNJOWyDonh5tiTHtpCV/qx
3kAy8aOtLurBr0IRcmJNOe+hY440Cu1Zz3iU1nCxzwpw56cUK2FlcBwQAPaCSYDO
0W6lJWfgCbqbgVUNwIVPhhhDF1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR3RNGp
gus1FbBYb/NyXjc4FMSLrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg4ZDlkMjMtYmEzZi00MmM0LWIxYTMtODBmMjQxNGVmYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCS0fo6rsKRXVrr0rp9AanmqedGeBU3QdBXoE4B
G0sk3nLqiPkQ5YKOM1yC24MjuPe9YrxEUeqINgygr3Lu8XDC54MgS/WbahsvZMct
YV00Qn+cFsGHCBLDb/wxlON3BL9jOI7MrIapsbrGW8V8knj5Cq6Y54PXdQ8UTO4X
Bc8UtX/hdqTkTEGZjD2QjOc61mkog+y2gcxl0DxwcGoiYJ9UXlRPiq7SU3wXOWcz
qd2LHtgwt/mGm0yOrFn+x8y3OG4UKqTJrLEqK25fRo0SH4YBa84i/kMvZoJtDgY4
RzO7olGCFwghPWjpheEFjtmvlhRt4REGpffcjGNETRutED1n
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org