Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
File: 7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa (raw, json)
Hash identifier: OReEnoJNKGlD+zJizLYnkZqYkkLzgjzHr7MwlNKlINY=
Subject key identifier: 31:69:39:8D:F2:51:F5:9F:7B:BF:2F:7D:18:D5:CF:33:2F:EC:89:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47BBFFE402CF5492966A4E9E0A642400E00CE257
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:bb:ff:e4:02:cf:54:92:96:6a:4e:9e:0a:64:24:00:e0:0c:e2:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=dc4e52ea3903c09b8520f4bdb8c967822475ecbfcd7968f57f31fefa74d9367a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a7:13:cb:33:ec:18:e4:14:be:54:1c:01:5d:
41:ed:e2:a9:e5:ee:ff:f8:8f:52:1b:59:44:46:32:
8b:62:1e:48:30:5b:eb:9b:c4:f1:0c:6e:f6:35:dc:
d3:79:f0:ee:3c:1a:d6:72:cf:f2:9b:82:52:66:f8:
3b:60:b0:93:40:51:c3:fd:b3:f8:7b:07:fc:30:14:
6f:e4:fe:18:e0:c5:31:ef:99:cc:d5:a4:5b:63:d0:
87:4b:76:bd:f3:3d:8a:85:cf:ce:51:63:bd:72:a1:
96:7b:c8:f4:e2:82:36:dd:30:a2:f7:b7:9e:17:c7:
06:04:b4:a8:8e:ba:48:29:0c:39:a2:38:9d:57:f3:
ae:48:5e:ff:82:f1:b8:cf:bd:24:55:30:69:5a:87:
84:70:81:05:b9:06:ca:17:61:65:2f:78:3f:f4:ae:
4f:31:c3:d6:c3:90:ac:08:32:31:2f:d7:ac:96:1c:
31:4a:24:66:49:6f:24:09:82:2e:41:5e:dd:15:3c:
32:a2:0c:e9:6f:df:4c:5b:79:19:0e:53:0a:19:d1:
34:71:54:0a:47:ec:d7:52:4e:cb:6a:ae:b0:9f:b4:
bf:90:20:4f:c4:53:f0:5a:47:6f:53:7c:2b:f5:08:
51:7c:8d:d4:6f:de:97:06:7e:22:91:88:cc:ff:81:
f1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:69:39:8D:F2:51:F5:9F:7B:BF:2F:7D:18:D5:CF:33:2F:EC:89:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:9000::/40
Signature Algorithm: sha256WithRSAEncryption
be:46:73:26:34:ac:be:a2:db:2f:c2:32:2f:d1:d7:5d:aa:a7:
36:5f:31:8a:e8:8c:c3:ef:00:0c:b5:ca:e3:c3:f1:8b:2a:3e:
90:8d:12:c7:5e:5a:ec:3e:11:96:21:4a:cb:22:30:31:ec:fc:
58:f1:36:9a:33:f0:43:68:22:61:ca:cd:08:0f:76:99:f3:af:
6c:1d:1a:c6:d6:64:03:ba:ee:ec:cf:11:cd:6f:a8:fa:e3:2f:
82:61:34:55:1c:99:92:ed:26:92:1f:5c:51:ef:19:63:e3:38:
c6:4a:17:17:e2:4b:a8:9e:d7:65:52:f8:06:9f:e7:30:ec:ee:
a9:1f:94:88:f6:95:98:67:b5:48:7e:4b:2c:ef:16:33:8f:25:
b7:53:ca:93:22:64:41:ae:9b:6b:a5:53:30:3e:be:ea:e0:72:
b1:07:cc:56:44:b7:6f:d2:10:ce:5f:34:5e:0b:3b:2f:61:e5:
b8:fa:8f:ba:b3:fc:79:31:59:6a:57:d3:c4:61:a3:69:4d:99:
0f:02:8a:94:92:ac:06:d7:30:2f:0f:9a:ef:15:03:95:ad:5a:
8f:ba:ff:64:2b:3f:b9:04:55:9b:52:30:4a:47:63:fd:3e:20:
ac:47:48:8a:cd:2d:e0:fa:66:ce:6d:0a:f7:dd:8c:ee:25:51:
d6:1d:3b:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR7v/5ALPVJKWak6eCmQkAOAM4lcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNGU1MmVhMzkwM2MwOWI4NTIwZjRiZGI4Yzk2NzgyMjQ3NWVjYmZjZDc5
NjhmNTdmMzFmZWZhNzRkOTM2N2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOunE8sz7BjkFL5UHAFdQe3iqeXu//iPUhtZREYyi2IeSDBb65vE8Qxu9jXc
03nw7jwa1nLP8puCUmb4O2Cwk0BRw/2z+HsH/DAUb+T+GODFMe+ZzNWkW2PQh0t2
vfM9ioXPzlFjvXKhlnvI9OKCNt0wove3nhfHBgS0qI66SCkMOaI4nVfzrkhe/4Lx
uM+9JFUwaVqHhHCBBbkGyhdhZS94P/SuTzHD1sOQrAgyMS/XrJYcMUokZklvJAmC
LkFe3RU8MqIM6W/fTFt5GQ5TChnRNHFUCkfs11JOy2qusJ+0v5AgT8RT8FpHb1N8
K/UIUXyN1G/elwZ+IpGIzP+B8UECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQxaTmN
8lH1n3u/L30Y1c8zL+yJWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q5NmQzYWQtMGVlNy00NjMwLTlhNDktYTBkY2MyYjcxZGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC+RnMmNKy+otsvwjIv0dddqqc2XzGK6IzD7wAM
tcrjw/GLKj6QjRLHXlrsPhGWIUrLIjAx7PxY8TaaM/BDaCJhys0ID3aZ869sHRrG
1mQDuu7szxHNb6j64y+CYTRVHJmS7SaSH1xR7xlj4zjGShcX4kuontdlUvgGn+cw
7O6pH5SI9pWYZ7VIfkss7xYzjyW3U8qTImRBrptrpVMwPr7q4HKxB8xWRLdv0hDO
XzReCzsvYeW4+o+6s/x5MVlqV9PEYaNpTZkPAoqUkqwG1zAvD5rvFQOVrVqPuv9k
Kz+5BFWbUjBKR2P9PiCsR0iKzS3g+mbObQr33YzuJVHWHTs9
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:17:11 2024 by rpki-client on console-ams.rpki-client.org