Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b457542-f2de-44e5-aa2d-266e91992a29.roa
File: 7b457542-f2de-44e5-aa2d-266e91992a29.roa (raw, json)
Hash identifier: XwxSplznK+iW30a69UxM7CBNaT7ymizunPJ6MvBZ8BQ=
Subject key identifier: DC:63:28:DD:7B:B0:74:B3:BE:E6:14:47:C6:D4:86:E2:5D:E5:AA:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 782317D44F6252BC9C3793702147CAB84B22F380
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b457542-f2de-44e5-aa2d-266e91992a29.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:23:17:d4:4f:62:52:bc:9c:37:93:70:21:47:ca:b8:4b:22:f3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=3b08d23fe3aec9e06412388fdd3b81e73ba1c8b0d9644482a0f4290cc8bd09c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fd:d7:88:f8:31:ec:da:9c:09:4e:38:f2:cd:
5c:1c:02:2b:8b:c3:82:ff:f4:3f:df:4b:9f:f0:15:
fb:47:8c:19:7a:1d:a7:7b:c0:b0:91:7e:52:54:45:
7a:29:f3:9f:5d:06:67:43:eb:66:c5:49:f8:59:4d:
49:42:09:8e:b7:52:1c:00:89:44:b5:3c:bd:18:94:
6d:84:24:7f:e1:bc:aa:8d:72:01:ba:8a:93:3d:6d:
e8:ed:6a:92:07:17:aa:0b:d4:1a:88:2b:50:42:0c:
75:48:16:4d:dc:24:25:66:30:15:1f:b5:2f:af:56:
a3:6a:c1:d4:87:9c:db:75:58:03:4a:48:ed:9c:0b:
12:dd:ce:c6:f0:85:14:8d:a0:5e:33:52:53:6c:dd:
0e:7d:9d:cc:b5:e8:84:8a:a5:5a:db:c4:63:31:27:
b8:d6:49:fe:00:20:19:05:53:26:eb:11:32:4d:f4:
56:11:84:f5:9a:fd:bd:17:66:60:ec:09:f7:f7:43:
ea:e4:ac:4e:a3:69:94:aa:9f:c8:d8:03:fd:9b:9e:
8e:85:26:ed:15:c5:d6:2e:1c:32:81:7d:f0:f9:43:
96:01:3a:e7:0b:8c:e5:86:a4:77:52:1c:97:18:dc:
bf:1c:7f:d2:b3:f2:43:10:04:f5:ea:7d:d2:16:59:
af:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:63:28:DD:7B:B0:74:B3:BE:E6:14:47:C6:D4:86:E2:5D:E5:AA:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7b457542-f2de-44e5-aa2d-266e91992a29.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:9000::/40
Signature Algorithm: sha256WithRSAEncryption
32:72:f1:7d:08:42:69:82:ee:0e:79:1a:7d:ef:50:74:09:74:
e0:f2:eb:26:84:06:97:bc:f1:2f:ee:42:ac:34:67:ee:2b:5d:
c9:43:bc:b0:ce:aa:31:b5:83:bb:09:69:48:25:48:16:71:c8:
2c:4c:e7:ed:84:4a:22:1a:78:ae:75:df:e1:f3:74:aa:7f:db:
85:7f:9a:8e:1c:f2:5b:35:ef:29:22:69:0b:7f:34:af:52:83:
8e:39:79:86:51:22:2f:4a:c3:e6:bf:64:ca:34:ee:7c:1f:24:
c0:0e:44:2d:99:88:7a:a5:d8:85:2a:24:43:f5:c3:0f:bf:b2:
35:c4:fb:4d:47:f5:ef:a6:03:21:b8:c2:f5:37:71:62:53:89:
9a:dd:67:8d:79:ea:3f:c3:45:df:03:0d:ca:77:51:01:1b:cd:
d7:e6:57:14:df:bf:24:31:b4:bb:6c:95:08:c4:51:f0:36:b0:
d5:88:03:5f:97:37:c3:f3:b3:f8:ba:2d:67:8b:83:84:90:39:
2f:19:9f:ee:74:8f:2a:f8:24:c7:f3:7a:a3:1d:e8:f8:1d:8f:
8f:1f:1a:03:54:3f:58:a5:4a:95:13:23:cb:2d:21:34:ee:d0:
f1:26:6a:18:51:0a:b4:73:9e:fa:a0:c8:3b:d3:60:0a:4e:09:
d7:cf:2b:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeCMX1E9iUrycN5NwIUfKuEsi84AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiMDhkMjNmZTNhZWM5ZTA2NDEyMzg4ZmRkM2I4MWU3M2JhMWM4YjBkOTY0
NDQ4MmEwZjQyOTBjYzhiZDA5YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMP914j4MezanAlOOPLNXBwCK4vDgv/0P99Ln/AV+0eMGXodp3vAsJF+UlRF
einzn10GZ0PrZsVJ+FlNSUIJjrdSHACJRLU8vRiUbYQkf+G8qo1yAbqKkz1t6O1q
kgcXqgvUGogrUEIMdUgWTdwkJWYwFR+1L69Wo2rB1Iec23VYA0pI7ZwLEt3OxvCF
FI2gXjNSU2zdDn2dzLXohIqlWtvEYzEnuNZJ/gAgGQVTJusRMk30VhGE9Zr9vRdm
YOwJ9/dD6uSsTqNplKqfyNgD/ZuejoUm7RXF1i4cMoF98PlDlgE65wuM5Yakd1Ic
lxjcvxx/0rPyQxAE9ep90hZZrysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcYyjd
e7B0s77mFEfG1IbiXeWqoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2I0NTc1NDItZjJkZS00NGU1LWFhMmQtMjY2ZTkxOTkyYTI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAycvF9CEJpgu4OeRp971B0CXTg8usmhAaXvPEv
7kKsNGfuK13JQ7ywzqoxtYO7CWlIJUgWccgsTOfthEoiGniudd/h83Sqf9uFf5qO
HPJbNe8pImkLfzSvUoOOOXmGUSIvSsPmv2TKNO58HyTADkQtmYh6pdiFKiRD9cMP
v7I1xPtNR/XvpgMhuML1N3FiU4ma3WeNeeo/w0XfAw3Kd1EBG83X5lcU378kMbS7
bJUIxFHwNrDViANflzfD87P4ui1ni4OEkDkvGZ/udI8q+CTH83qjHej4HY+PHxoD
VD9YpUqVEyPLLSE07tDxJmoYUQq0c576oMg702AKTgnXzyv2
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org