Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: JFb40i4oeT8++2OjGldfAt36fus4XnDoa/y6unpKxAE=
Subject key identifier: 2E:F6:AA:DA:03:12:67:1B:39:2F:F9:99:59:7C:CB:43:F1:CA:7B:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0710229D75EABB75951468A9B8CB971484613247
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Mon 30 Sep 2024 00:00:00 +0000
ROA not before: Mon 30 Sep 2024 00:00:00 +0000
ROA not after: Mon 04 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Oct 2024 11:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:10:22:9d:75:ea:bb:75:95:14:68:a9:b8:cb:97:14:84:61:32:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 30 00:00:00 2024 GMT
Not After : Nov 4 23:59:59 2024 GMT
Subject: serialNumber=0fdc35627719e4ae9114a2cf5efb0c43c8712d5cd4d23a5b79744e623f33c1da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:80:f1:cc:71:58:dc:66:6a:17:5e:33:79:71:
f3:35:6b:f3:62:c7:4a:f0:97:5a:ae:64:8f:60:91:
20:43:6f:ce:ac:a6:9e:4a:32:81:83:e8:d2:16:ec:
ff:4b:da:d2:8f:bc:28:bb:94:8b:bb:1e:a1:c1:00:
53:57:89:41:91:dc:2b:89:9d:70:85:32:89:ee:01:
e1:b7:25:10:5b:2d:d5:dd:5e:15:10:11:cc:b5:e1:
2e:ed:66:0e:16:74:66:3d:7b:98:d4:d8:bd:f0:b5:
72:b3:f2:fb:bf:c5:78:08:b9:46:e9:9e:be:98:1a:
24:1f:d3:b0:01:48:21:02:d8:eb:f5:d5:a0:b4:e5:
1e:64:c0:de:b4:05:4c:91:f0:a4:77:3c:9c:41:8f:
40:f6:81:1d:f6:d0:b8:88:37:06:96:4d:03:10:48:
d8:a4:54:b2:51:34:04:2e:62:b2:02:75:02:c7:86:
52:c6:76:b4:36:b5:8f:56:ce:18:6f:e4:f3:fb:6e:
8d:8b:27:fb:b8:55:91:e3:d8:f6:89:4b:77:7e:eb:
1f:02:4e:23:79:32:ab:f7:54:a4:54:7b:2e:ae:81:
83:7f:df:6b:8a:2e:e6:c7:c5:d7:4b:39:e6:d2:70:
8e:1b:28:03:67:82:da:f3:99:05:d4:d5:a4:b9:df:
98:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F6:AA:DA:03:12:67:1B:39:2F:F9:99:59:7C:CB:43:F1:CA:7B:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
be:95:49:7a:f8:66:42:1d:82:51:f9:3a:e3:2e:41:1c:15:08:
b5:93:7d:64:ee:b3:d9:88:de:e4:1a:72:27:3b:1a:11:2d:30:
2f:89:53:2d:5b:52:db:f5:7b:c9:3a:51:52:66:0b:6a:6a:d3:
2d:ce:eb:ac:f6:55:4e:fd:c4:70:e9:00:b4:25:d2:da:e9:d3:
5e:a5:59:44:82:69:21:b3:41:7c:8c:0d:8b:cc:cb:86:e1:2d:
16:cb:94:04:71:8c:f4:38:75:17:c9:0e:d2:7f:d0:b1:54:57:
63:ad:af:2f:6d:89:a7:cc:11:e6:d7:25:25:c1:91:22:05:a1:
ad:f0:a2:e5:d3:50:f3:ed:5b:6d:08:58:7b:20:80:56:09:cf:
96:9c:35:9f:57:4f:2f:ec:5a:ec:c6:a4:5e:e2:fd:18:8f:04:
33:96:d7:04:e9:20:6b:6c:9b:9c:fb:55:76:d8:67:ec:d6:df:
57:da:9d:98:f9:cb:19:35:df:54:37:c5:b3:d5:e5:50:d9:72:
35:a3:12:d2:05:c6:76:07:a3:03:56:d7:11:1e:fe:f3:7c:b2:
00:da:16:93:e8:5f:de:a5:5a:ef:bc:09:b3:20:74:68:90:dd:
37:ce:cb:34:31:5c:27:9c:af:89:e1:00:ef:8c:ec:f7:93:e9:
b2:a3:1e:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBxAinXXqu3WVFGipuMuXFIRhMkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MzAwMDAwMDBaFw0yNDExMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmZGMzNTYyNzcxOWU0YWU5MTE0YTJjZjVlZmIwYzQzYzg3MTJkNWNkNGQy
M2E1Yjc5NzQ0ZTYyM2YzM2MxZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCA8cxxWNxmahdeM3lx8zVr82LHSvCXWq5kj2CRIENvzqymnkoygYPo0hbs
/0va0o+8KLuUi7seocEAU1eJQZHcK4mdcIUyie4B4bclEFst1d1eFRARzLXhLu1m
DhZ0Zj17mNTYvfC1crPy+7/FeAi5RumevpgaJB/TsAFIIQLY6/XVoLTlHmTA3rQF
TJHwpHc8nEGPQPaBHfbQuIg3BpZNAxBI2KRUslE0BC5isgJ1AseGUsZ2tDa1j1bO
GG/k8/tujYsn+7hVkePY9olLd37rHwJOI3kyq/dUpFR7Lq6Bg3/fa4ou5sfF10s5
5tJwjhsoA2eC2vOZBdTVpLnfmJsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQu9qra
AxJnGzkv+ZlZfMtD8cp7WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQC+lUl6+GZCHYJR+TrjLkEcFQi1k31k7rPZiN7k
GnInOxoRLTAviVMtW1Lb9XvJOlFSZgtqatMtzuus9lVO/cRw6QC0JdLa6dNepVlE
gmkhs0F8jA2LzMuG4S0Wy5QEcYz0OHUXyQ7Sf9CxVFdjra8vbYmnzBHm1yUlwZEi
BaGt8KLl01Dz7VttCFh7IIBWCc+WnDWfV08v7FrsxqRe4v0YjwQzltcE6SBrbJuc
+1V22Gfs1t9X2p2Y+csZNd9UN8Wz1eVQ2XI1oxLSBcZ2B6MDVtcRHv7zfLIA2haT
6F/epVrvvAmzIHRokN03zss0MVwnnK+J4QDvjOz3k+myox6O
-----END CERTIFICATE-----
Generated at Fri Oct 25 17:03:17 2024 by rpki-client on console-fra.rpki-client.org