Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
File: 7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa (raw, json)
Hash identifier: ysgPuYe4dKYofePpsl7IjNttuhfQJhIptJq4H6nFJgw=
Subject key identifier: 46:DB:83:C7:3D:EB:01:4A:A3:86:C0:14:51:E0:CF:F1:D5:FE:74:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D9FE13DA011832E166C7BA3775F1D784D8F8414
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:9f:e1:3d:a0:11:83:2e:16:6c:7b:a3:77:5f:1d:78:4d:8f:84:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=60ad097615016c2e15682c1daae5cff0d3bced6f0e1a967d7341c18c34a6c172, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:79:f3:b7:00:6d:cb:d9:99:b7:4e:62:53:ac:
d4:22:c1:c7:ec:69:dd:4d:7a:58:de:c5:d3:df:97:
b1:aa:88:13:53:29:59:e7:dc:6b:c4:bf:b7:1c:bc:
89:9a:bc:b4:1b:c8:50:1c:3d:06:84:46:6c:13:1d:
3c:1e:eb:3d:d7:b6:3c:38:df:3b:cb:37:e2:13:ee:
bd:fc:5c:e1:3a:90:54:09:42:b3:1c:ca:2f:d0:2f:
c4:bf:21:22:ef:1a:75:85:d3:4f:54:97:10:b8:3d:
6c:44:12:f6:84:f0:0f:a6:db:fe:d2:db:b2:4f:c5:
48:eb:d5:c5:14:89:15:71:79:89:70:e3:f2:a0:9b:
b2:41:a9:c5:ea:be:ca:34:9a:65:d7:71:ac:95:45:
a9:fa:8b:ac:cb:11:f9:48:9f:ef:df:98:ce:34:4c:
ba:33:81:9a:98:c7:e3:94:25:7c:14:76:ca:27:d4:
44:36:32:b8:6f:a5:2c:c7:de:e8:14:a6:e5:ea:6b:
b6:ee:8a:0a:3e:83:ec:4d:67:05:4c:c6:10:ed:11:
a7:87:39:d2:91:86:16:eb:20:4a:e4:46:85:7c:3b:
2d:95:5e:16:00:63:8e:a9:1c:43:5f:d0:90:62:09:
65:0d:58:c7:9d:1b:8b:c2:06:63:f7:be:15:5d:8b:
28:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:DB:83:C7:3D:EB:01:4A:A3:86:C0:14:51:E0:CF:F1:D5:FE:74:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bbd25c8-3460-4cc0-b71f-27d04e964e37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3f:ba:85:6d:1e:24:fe:24:3a:3a:78:ca:80:e9:26:fc:b3:8b:
94:54:5e:65:17:ee:c6:aa:08:23:85:b9:55:ff:b1:3f:4e:98:
7f:9d:c8:e5:cc:7e:8c:3d:bb:45:f9:59:33:c2:73:b8:e0:41:
af:97:a9:44:83:44:21:6f:61:5a:4f:ac:e5:3f:65:50:9b:70:
6d:dd:61:6b:c0:1f:54:c1:fb:af:98:71:af:46:0b:7f:ed:50:
41:f8:c2:9a:0a:71:53:19:c1:ce:2d:3c:93:41:a4:e2:db:a1:
2b:70:34:6e:49:1d:0c:fd:31:31:6c:ce:40:6f:b0:e9:e2:0c:
89:01:b0:8e:bb:2f:0b:8b:d1:89:c8:98:89:d7:c8:c6:c5:73:
75:ee:c8:17:94:a3:95:a9:a6:4a:f4:72:2b:4d:b8:26:0a:c4:
e8:81:1a:91:2c:ec:38:cd:36:ba:dc:cd:a6:97:f1:a8:d3:73:
72:b4:81:47:0e:3d:05:92:7d:20:d2:f5:9d:1a:40:4e:5c:6b:
53:08:58:da:8a:d3:9e:a6:13:5e:0c:78:74:77:45:65:0d:59:
26:68:db:b1:7d:33:72:ba:02:f0:4c:2d:f2:f9:8a:e1:f3:1b:
0c:c5:b6:4c:3c:c0:3e:1f:f0:13:d3:f2:94:de:21:e5:c7:e9:
31:cb:55:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPZ/hPaARgy4WbHujd18deE2PhBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwYWQwOTc2MTUwMTZjMmUxNTY4MmMxZGFhZTVjZmYwZDNiY2VkNmYwZTFh
OTY3ZDczNDFjMThjMzRhNmMxNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANF587cAbcvZmbdOYlOs1CLBx+xp3U16WN7F09+XsaqIE1MpWefca8S/txy8
iZq8tBvIUBw9BoRGbBMdPB7rPde2PDjfO8s34hPuvfxc4TqQVAlCsxzKL9AvxL8h
Iu8adYXTT1SXELg9bEQS9oTwD6bb/tLbsk/FSOvVxRSJFXF5iXDj8qCbskGpxeq+
yjSaZddxrJVFqfqLrMsR+Uif79+YzjRMujOBmpjH45QlfBR2yifURDYyuG+lLMfe
6BSm5eprtu6KCj6D7E1nBUzGEO0Rp4c50pGGFusgSuRGhXw7LZVeFgBjjqkcQ1/Q
kGIJZQ1Yx50bi8IGY/e+FV2LKNsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRG24PH
PesBSqOGwBRR4M/x1f506TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2JiZDI1YzgtMzQ2MC00Y2MwLWI3MWYtMjdkMDRlOTY0ZTM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQA/uoVtHiT+JDo6eMqA6Sb8s4uUVF5lF+7Gqggj
hblV/7E/Tph/ncjlzH6MPbtF+VkzwnO44EGvl6lEg0Qhb2FaT6zlP2VQm3Bt3WFr
wB9UwfuvmHGvRgt/7VBB+MKaCnFTGcHOLTyTQaTi26ErcDRuSR0M/TExbM5Ab7Dp
4gyJAbCOuy8Li9GJyJiJ18jGxXN17sgXlKOVqaZK9HIrTbgmCsTogRqRLOw4zTa6
3M2ml/Go03NytIFHDj0Fkn0g0vWdGkBOXGtTCFjaitOephNeDHh0d0VlDVkmaNux
fTNyugLwTC3y+Yrh8xsMxbZMPMA+H/AT0/KU3iHlx+kxy1VZ
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:49 2024 by rpki-client on console-ams.rpki-client.org