Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
File: 807af5d9-1ea1-407f-a2a9-39ad687146ec.roa (raw, json)
Hash identifier: Te5Qv6dQBrCrmqc3DFkqkafYIjLRFyXZTD2s2xv9wiY=
Subject key identifier: 1C:AE:C9:DB:6C:0D:17:B3:72:AF:0B:7D:6F:37:C3:98:5D:1C:D3:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13AF234C0A3D5F7EC54BAA89935E65EA97A9C69F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:af:23:4c:0a:3d:5f:7e:c5:4b:aa:89:93:5e:65:ea:97:a9:c6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=17eec4bd3781017caf91b3c541aa9a0e7c5f4b4a50f23407013d5bed3a543039, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7c:f6:59:e2:fd:ef:29:6c:3a:14:9b:97:91:
0f:c0:19:5d:34:fc:c6:8f:77:55:0d:7d:cc:dd:99:
49:67:d8:1f:5d:9d:30:94:cf:e0:d3:75:0c:01:6b:
76:b1:80:53:f7:88:e0:4a:b2:c8:49:bb:ae:3d:d8:
b5:76:b5:73:4a:2a:9d:ab:e2:47:63:85:e8:60:08:
8b:de:6d:1c:34:8e:7c:21:5a:16:55:59:c2:6a:c3:
c3:63:4f:19:df:c5:1a:37:33:ab:cf:38:d6:ac:20:
c7:ae:3b:b5:b2:e4:16:8f:51:9b:88:40:0b:97:63:
16:a2:00:cb:62:81:b4:df:9f:c1:67:45:bf:14:58:
e4:0a:86:63:da:db:d4:fa:a2:1f:cf:3e:ac:9d:bb:
5d:ec:25:12:de:b8:b7:ca:5b:17:f5:ec:93:c8:ca:
b7:6b:42:c2:fa:7f:29:d9:cf:9c:13:47:00:ce:e5:
5f:ff:1d:c8:a6:a9:b9:0f:0f:92:07:b7:80:50:ae:
b8:f2:92:3b:0b:e0:c7:bb:ba:02:22:57:1f:8e:a8:
9e:89:e6:fe:af:29:51:c1:27:09:b9:23:07:aa:4a:
0a:f5:40:c9:80:37:b1:34:88:6a:10:34:f1:0a:24:
e2:ed:8f:44:67:4a:e6:e5:6a:53:a0:7b:3d:37:03:
23:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AE:C9:DB:6C:0D:17:B3:72:AF:0B:7D:6F:37:C3:98:5D:1C:D3:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8d:b6:0f:70:48:06:8f:ca:29:91:17:00:42:a4:f7:5b:4b:e6:
78:a7:38:59:cf:54:53:62:4a:98:33:13:1d:7c:f7:d0:dc:a2:
db:63:da:8f:d3:1a:d6:4f:1b:9e:52:da:b3:f6:94:62:fe:d8:
9b:28:e3:28:58:f9:19:1b:8b:17:cc:5a:e2:9c:15:98:28:c7:
b7:b5:ee:25:87:71:c0:7b:0d:3e:f6:2a:bf:88:64:e1:fc:14:
05:83:b2:6b:77:48:45:b4:75:4c:41:00:03:32:a8:57:66:bd:
20:8d:fd:61:ec:22:5e:de:e5:39:e2:a6:69:cd:79:cf:66:1d:
02:09:03:0c:ee:9c:38:9a:e1:15:8c:95:e7:13:d2:83:ea:35:
03:54:7a:49:4f:25:39:30:3e:23:54:c8:9e:f7:05:e7:10:bf:
ca:13:85:56:be:4f:53:45:ef:c8:0f:b5:69:31:d1:ac:7e:b3:
42:a3:5e:37:3b:12:8c:50:23:7b:b6:52:e7:7a:dc:3a:1e:af:
1f:81:d6:2b:15:c0:cf:80:b8:23:66:7f:d0:3d:90:61:c3:b0:
0c:99:7a:5d:32:a4:61:fb:8b:47:db:04:68:4e:fa:72:28:9d:
46:2d:61:e5:24:b7:d4:f1:65:bc:d2:03:9d:87:07:d3:d7:4c:
fe:fd:c8:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE68jTAo9X37FS6qJk15l6pepxp8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3ZWVjNGJkMzc4MTAxN2NhZjkxYjNjNTQxYWE5YTBlN2M1ZjRiNGE1MGYy
MzQwNzAxM2Q1YmVkM2E1NDMwMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN189lni/e8pbDoUm5eRD8AZXTT8xo93VQ19zN2ZSWfYH12dMJTP4NN1DAFr
drGAU/eI4EqyyEm7rj3YtXa1c0oqnaviR2OF6GAIi95tHDSOfCFaFlVZwmrDw2NP
Gd/FGjczq8841qwgx647tbLkFo9Rm4hAC5djFqIAy2KBtN+fwWdFvxRY5AqGY9rb
1PqiH88+rJ27XewlEt64t8pbF/Xsk8jKt2tCwvp/KdnPnBNHAM7lX/8dyKapuQ8P
kge3gFCuuPKSOwvgx7u6AiJXH46ononm/q8pUcEnCbkjB6pKCvVAyYA3sTSIahA0
8Qok4u2PRGdK5uVqU6B7PTcDI0ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcrsnb
bA0Xs3KvC31vN8OYXRzTRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODA3YWY1ZDktMWVhMS00MDdmLWEyYTktMzlhZDY4NzE0NmVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNtg9wSAaPyimRFwBCpPdbS+Z4pzhZz1RTYkqY
MxMdfPfQ3KLbY9qP0xrWTxueUtqz9pRi/tibKOMoWPkZG4sXzFrinBWYKMe3te4l
h3HAew0+9iq/iGTh/BQFg7Jrd0hFtHVMQQADMqhXZr0gjf1h7CJe3uU54qZpzXnP
Zh0CCQMM7pw4muEVjJXnE9KD6jUDVHpJTyU5MD4jVMie9wXnEL/KE4VWvk9TRe/I
D7VpMdGsfrNCo143OxKMUCN7tlLnetw6Hq8fgdYrFcDPgLgjZn/QPZBhw7AMmXpd
MqRh+4tH2wRoTvpyKJ1GLWHlJLfU8WW80gOdhwfT10z+/cgG
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org