Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: xgIW6Jx9FG6OdDsjJKeGXYWbPg+6s3Fr8QNGtroqOXM=
Subject key identifier: 83:8A:22:EB:F6:6F:9F:30:CB:00:BC:BB:49:EB:7A:02:8A:83:7A:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A2659723C7C4AD87E09179743993C96912A3961
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:26:59:72:3c:7c:4a:d8:7e:09:17:97:43:99:3c:96:91:2a:39:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=c0e7fc67969e80e589605adbc8610b045b26f0ab81dbde88edb3e859f13ec2c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a8:83:4c:e3:cd:bc:56:be:03:5c:c2:4c:30:
32:e5:c6:6d:37:f7:33:e2:f9:66:5c:9d:14:e1:70:
d3:5f:3d:32:14:7f:b7:3c:52:31:45:6c:89:22:4b:
8c:30:70:32:0b:ef:5f:ec:d8:f1:46:01:18:0b:ce:
44:db:28:38:73:a0:e9:e5:53:9b:14:c7:b9:b6:81:
87:d6:73:94:7e:4c:6b:dd:6e:de:a7:6e:1d:b2:f7:
c6:c2:29:79:6e:e4:a4:36:0c:af:85:e4:29:fa:93:
45:c3:fe:eb:5a:7e:ec:84:3e:81:28:6c:5c:47:1f:
d4:ed:d7:27:ab:c5:53:73:f1:85:a0:01:eb:b8:7e:
74:19:bd:7c:e0:8d:e1:8f:33:dc:d9:5b:55:e6:4c:
c1:30:1d:a1:0f:58:d9:27:51:b2:f3:be:a7:ff:e8:
6e:15:04:98:7b:99:41:60:6f:dd:be:3c:98:ad:bd:
84:80:27:82:f9:47:35:7f:68:bb:30:07:de:8f:31:
42:9b:69:41:e6:93:8e:09:ca:de:ae:54:7f:18:ca:
cf:41:96:df:b4:44:e3:07:3d:d6:29:ec:98:81:96:
1a:a7:62:85:17:55:76:27:cc:b5:f2:08:ff:38:a9:
67:ed:62:01:04:be:6d:f7:c7:bc:f5:6c:45:f5:60:
b3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8A:22:EB:F6:6F:9F:30:CB:00:BC:BB:49:EB:7A:02:8A:83:7A:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:9b:5a:1b:cb:15:b6:37:9d:05:62:b8:b8:4e:1a:87:c2:54:
61:e6:06:13:19:c7:ec:a2:43:c4:0d:6f:0e:12:30:ef:64:52:
ff:60:0e:69:81:28:72:6e:be:d4:9c:6f:14:37:24:74:3f:07:
00:b2:f1:17:32:09:06:88:32:72:70:70:f3:63:76:09:8e:73:
f3:38:11:68:b2:6b:91:02:4c:e3:c4:c0:8d:0a:94:2c:f7:05:
5d:cb:2a:60:b3:e6:c4:9e:69:fd:14:eb:80:e6:fc:bc:b2:b7:
0c:5c:79:ee:01:66:12:79:80:01:83:ee:16:04:aa:da:94:72:
31:f8:77:3b:82:de:ed:fa:00:4f:2e:36:91:4f:38:6c:72:4a:
1b:f0:2c:d8:fb:27:19:44:aa:4d:a5:e1:48:0c:1c:ff:4d:5f:
31:9d:8b:d7:71:64:0a:cc:c8:c8:d1:02:e0:69:62:69:5f:b7:
b5:a6:5e:30:49:94:6e:49:a5:48:17:26:59:f5:8d:1c:7d:23:
f8:61:01:fa:28:37:71:7a:84:2d:3d:84:e1:85:be:ec:af:58:
57:87:42:9e:99:e1:45:2e:49:7e:ec:f5:1e:44:41:2b:37:8b:
4a:96:9c:87:ef:37:6b:7c:e5:40:86:d9:4d:0f:e0:81:f9:08:
4d:cc:7d:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeiZZcjx8Sth+CReXQ5k8lpEqOWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwZTdmYzY3OTY5ZTgwZTU4OTYwNWFkYmM4NjEwYjA0NWIyNmYwYWI4MWRi
ZGU4OGVkYjNlODU5ZjEzZWMyYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCog0zjzbxWvgNcwkwwMuXGbTf3M+L5ZlydFOFw0189MhR/tzxSMUVsiSJL
jDBwMgvvX+zY8UYBGAvORNsoOHOg6eVTmxTHubaBh9ZzlH5Ma91u3qduHbL3xsIp
eW7kpDYMr4XkKfqTRcP+61p+7IQ+gShsXEcf1O3XJ6vFU3PxhaAB67h+dBm9fOCN
4Y8z3NlbVeZMwTAdoQ9Y2SdRsvO+p//obhUEmHuZQWBv3b48mK29hIAngvlHNX9o
uzAH3o8xQptpQeaTjgnK3q5UfxjKz0GW37RE4wc91insmIGWGqdihRdVdifMtfII
/zipZ+1iAQS+bffHvPVsRfVgs5UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDiiLr
9m+fMMsAvLtJ63oCioN6WDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQDJm1obyxW2N50FYri4ThqHwlRh5gYTGcfsokPE
DW8OEjDvZFL/YA5pgShybr7UnG8UNyR0PwcAsvEXMgkGiDJycHDzY3YJjnPzOBFo
smuRAkzjxMCNCpQs9wVdyypgs+bEnmn9FOuA5vy8srcMXHnuAWYSeYABg+4WBKra
lHIx+Hc7gt7t+gBPLjaRTzhsckob8CzY+ycZRKpNpeFIDBz/TV8xnYvXcWQKzMjI
0QLgaWJpX7e1pl4wSZRuSaVIFyZZ9Y0cfSP4YQH6KDdxeoQtPYThhb7sr1hXh0Ke
meFFLkl+7PUeREErN4tKlpyH7zdrfOVAhtlND+CB+QhNzH2c
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org