Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/829639b2-d3fc-422f-8540-044327dad29b.roa
File: 829639b2-d3fc-422f-8540-044327dad29b.roa (raw, json)
Hash identifier: 7of0f+eKbLFZN+Yn/GPUgx5ScC3OmUcAqrOPwIchoE8=
Subject key identifier: 6F:5B:6D:EB:E1:5A:56:29:E9:B2:E0:9D:0A:26:37:72:EC:77:A5:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DD6B8492ADFEE7020977AD2C872FE0D4D4DDBE4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/829639b2-d3fc-422f-8540-044327dad29b.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:d6:b8:49:2a:df:ee:70:20:97:7a:d2:c8:72:fe:0d:4d:4d:db:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=185e154de8ce92b936e45b78e2ee7f162088d1bfcd5ed436087e0f53ba14f3cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f6:d4:32:fa:fe:ad:8c:84:bb:0f:8f:20:2c:
79:4b:8e:a0:ff:37:75:90:4a:a3:2f:5e:e3:05:01:
c2:fe:97:3d:a3:3c:c4:ae:2b:0b:94:60:56:d0:23:
d4:21:f1:d1:0b:14:91:b5:0c:15:95:71:32:2f:a5:
dc:85:51:1c:c4:54:7b:cd:e8:1d:44:b9:64:ea:8b:
16:d6:7d:05:90:67:dc:f4:85:9b:13:32:82:60:f0:
9f:4a:be:c8:78:7e:c4:be:24:48:f7:e6:e4:40:39:
59:ef:9c:74:3c:a3:ec:6d:76:6f:eb:d9:97:a6:60:
48:69:67:0f:e9:00:15:e6:46:19:d5:38:f9:8e:d5:
36:80:0d:4a:7a:db:48:40:12:20:1f:fa:44:20:39:
fa:6c:b5:c3:18:8e:bf:27:03:c1:92:ca:2b:50:84:
bf:b9:ad:1d:d2:04:de:c4:84:9c:6c:d6:c4:6d:3b:
34:4b:56:4c:96:e7:9b:d3:f9:83:bf:15:30:fa:80:
bd:6c:40:8e:b7:3a:00:49:07:d6:b4:a4:25:73:a4:
f7:e8:83:b7:be:f7:23:87:e7:75:b1:c8:39:7d:64:
fd:00:fc:f5:83:36:ae:ff:2d:e6:93:7f:39:17:cd:
e8:d9:35:8c:f3:61:e3:ba:44:0b:2c:c5:df:7e:a3:
42:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5B:6D:EB:E1:5A:56:29:E9:B2:E0:9D:0A:26:37:72:EC:77:A5:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/829639b2-d3fc-422f-8540-044327dad29b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
73:b1:0e:a9:76:9e:23:83:4e:a3:81:9c:cd:9c:47:1d:3f:5b:
52:89:36:c4:cc:de:4e:13:f1:84:3d:f1:37:bc:08:37:25:92:
56:2f:80:e6:12:41:4c:7f:65:aa:6d:19:44:fb:9b:19:c4:1a:
76:93:0d:17:13:0a:c9:6d:dd:7e:80:88:9e:68:9f:60:7a:37:
d1:23:46:95:1d:17:63:23:d5:d4:fc:7a:a3:df:03:33:6f:ea:
27:32:67:c7:67:f7:2a:7f:30:16:17:9d:c5:3f:34:60:14:60:
64:d2:5d:47:f9:a4:b3:59:68:2d:48:2f:30:cf:eb:0b:33:d8:
d8:c1:f9:f5:73:1d:c7:0d:f6:6e:eb:d5:51:71:05:0c:24:7c:
1d:fd:57:22:12:ae:ef:43:33:5b:04:a5:3f:de:ef:e5:47:58:
b0:e2:a8:22:f4:ee:29:4c:7a:f8:14:ff:a8:30:21:e9:62:a8:
d9:e7:b1:f4:94:0f:3a:e2:e0:18:5e:72:ec:1a:93:35:7e:d2:
1e:3e:ee:1c:fc:6b:3c:5e:a2:dc:27:c7:c2:80:49:49:7a:96:
f3:13:e1:30:b6:8e:8d:2d:d0:fd:96:74:26:62:79:e6:8b:6e:
a1:f7:c9:12:be:b8:cc:9d:ae:1a:b4:10:a1:da:ba:f9:47:c2:
ff:6b:10:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXda4SSrf7nAgl3rSyHL+DU1N2+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NWUxNTRkZThjZTkyYjkzNmU0NWI3OGUyZWU3ZjE2MjA4OGQxYmZjZDVl
ZDQzNjA4N2UwZjUzYmExNGYzY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN721DL6/q2MhLsPjyAseUuOoP83dZBKoy9e4wUBwv6XPaM8xK4rC5RgVtAj
1CHx0QsUkbUMFZVxMi+l3IVRHMRUe83oHUS5ZOqLFtZ9BZBn3PSFmxMygmDwn0q+
yHh+xL4kSPfm5EA5We+cdDyj7G12b+vZl6ZgSGlnD+kAFeZGGdU4+Y7VNoANSnrb
SEASIB/6RCA5+my1wxiOvycDwZLKK1CEv7mtHdIE3sSEnGzWxG07NEtWTJbnm9P5
g78VMPqAvWxAjrc6AEkH1rSkJXOk9+iDt773I4fndbHIOX1k/QD89YM2rv8t5pN/
ORfN6Nk1jPNh47pECyzF336jQj8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvW23r
4VpWKemy4J0KJjdy7HelDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODI5NjM5YjItZDNmYy00MjJmLTg1NDAtMDQ0MzI3ZGFkMjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqg
MA0GCSqGSIb3DQEBCwUAA4IBAQBzsQ6pdp4jg06jgZzNnEcdP1tSiTbEzN5OE/GE
PfE3vAg3JZJWL4DmEkFMf2WqbRlE+5sZxBp2kw0XEwrJbd1+gIieaJ9gejfRI0aV
HRdjI9XU/Hqj3wMzb+onMmfHZ/cqfzAWF53FPzRgFGBk0l1H+aSzWWgtSC8wz+sL
M9jYwfn1cx3HDfZu69VRcQUMJHwd/VciEq7vQzNbBKU/3u/lR1iw4qgi9O4pTHr4
FP+oMCHpYqjZ57H0lA864uAYXnLsGpM1ftIePu4c/Gs8XqLcJ8fCgElJepbzE+Ew
to6NLdD9lnQmYnnmi26h98kSvrjMna4atBCh2rr5R8L/axAs
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org