Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
File: 868bb3c8-7825-4e79-8a14-42d9fac4e917.roa (raw, json)
Hash identifier: i7Um6Aih7IaFv0WUPaH+kfnJZGcpZBpona41c1AMF78=
Subject key identifier: BA:E1:38:AD:E6:00:E7:0F:D1:34:DA:2D:93:C8:40:FB:F6:6F:44:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67841102A23D3AC7A3C0DF8584E71A253F353C88
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:84:11:02:a2:3d:3a:c7:a3:c0:df:85:84:e7:1a:25:3f:35:3c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=a0d82982089e17f179ff0c420255f47f8a30c171a3c47d945920eb7d98ca1ed3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d2:b0:d4:ea:b6:69:f5:e7:ae:bf:8b:a8:56:
5f:29:c2:e6:9d:db:f6:e0:6a:9b:84:26:85:d0:1f:
e6:61:98:05:4a:f6:a4:ca:1d:1e:9e:18:d7:d2:5d:
4c:50:a5:68:72:8f:ba:be:1e:8d:ba:28:6f:0f:7e:
a0:9f:26:69:ff:f8:92:6b:84:01:b4:bd:22:69:4a:
cc:aa:02:f9:0a:01:79:f1:17:52:2f:b6:50:5f:7b:
6b:1e:de:78:c1:e6:4d:e2:03:75:5b:8f:88:7f:6b:
4c:09:11:9a:53:d9:39:83:fa:a7:e8:39:d3:71:6a:
d8:f3:ed:0c:76:0e:4c:ae:0f:1c:5d:d4:d1:ab:82:
dc:a3:bf:72:99:e0:fc:57:8e:9c:a4:a0:d3:0b:45:
6a:07:26:28:6c:c8:2a:ef:72:ed:94:b9:90:44:ad:
fc:4c:41:e1:30:20:a3:f9:fe:63:ec:c1:a0:04:3b:
38:79:f1:40:a5:d8:57:aa:f6:74:e2:39:30:36:9b:
ff:0b:00:99:bf:36:f1:46:a6:97:6b:98:5d:6d:e7:
b5:3d:c1:0c:80:26:83:71:ec:67:f0:cf:4c:cf:cc:
29:eb:51:d9:9f:41:96:99:4b:f8:8a:88:63:c8:70:
fc:db:23:d4:37:e4:c6:c2:64:a8:70:81:d7:3f:ab:
5e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E1:38:AD:E6:00:E7:0F:D1:34:DA:2D:93:C8:40:FB:F6:6F:44:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
61:48:c8:83:d0:9c:f0:ef:7d:c7:50:ee:f8:3b:7b:94:ff:ba:
d2:8f:59:c7:4e:f2:f5:9a:77:bf:3c:69:de:58:61:20:da:52:
21:19:3d:98:ef:3e:0e:60:ab:74:12:ff:3a:81:c9:68:8f:89:
f0:f3:04:8d:26:fd:58:44:86:d8:0c:76:bb:57:60:c3:93:d2:
8e:3b:fc:f4:cb:30:2a:3a:b0:11:55:2f:e1:7c:eb:77:b9:37:
43:02:fe:57:d3:77:48:12:45:75:ac:6b:2a:cc:0b:b7:39:4d:
ef:da:ae:8c:fd:87:f2:e7:8c:9f:58:88:1b:7c:85:19:8e:e2:
bd:5d:d5:0a:68:20:39:d5:7b:64:c4:18:81:9e:d8:99:84:40:
04:40:76:3f:2f:19:f9:26:7d:74:8f:46:2b:63:df:b2:b6:92:
11:0f:9e:3c:ae:5f:00:df:ed:0e:d4:98:25:64:70:7a:ce:05:
05:64:1c:3d:a2:dc:59:b0:59:6b:c8:e8:4f:30:65:83:d3:b5:
68:36:0d:77:da:a3:8b:9e:97:36:1f:bc:e0:03:92:c4:3b:f1:
26:a9:3d:d1:51:cb:5a:ea:87:e6:43:cf:46:4d:7c:6c:3a:52:
82:4a:61:82:2e:92:18:ca:e5:24:70:32:30:8a:89:c7:06:32:
85:73:9c:b8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ4QRAqI9OsejwN+FhOcaJT81PIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwZDgyOTgyMDg5ZTE3ZjE3OWZmMGM0MjAyNTVmNDdmOGEzMGMxNzFhM2M0
N2Q5NDU5MjBlYjdkOThjYTFlZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAInSsNTqtmn1566/i6hWXynC5p3b9uBqm4QmhdAf5mGYBUr2pModHp4Y19Jd
TFClaHKPur4ejboobw9+oJ8maf/4kmuEAbS9ImlKzKoC+QoBefEXUi+2UF97ax7e
eMHmTeIDdVuPiH9rTAkRmlPZOYP6p+g503Fq2PPtDHYOTK4PHF3U0auC3KO/cpng
/FeOnKSg0wtFagcmKGzIKu9y7ZS5kESt/ExB4TAgo/n+Y+zBoAQ7OHnxQKXYV6r2
dOI5MDab/wsAmb828Uaml2uYXW3ntT3BDIAmg3HsZ/DPTM/MKetR2Z9BlplL+IqI
Y8hw/Nsj1DfkxsJkqHCB1z+rXssCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS64Tit
5gDnD9E02i2TyED79m9E5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY4YmIzYzgtNzgyNS00ZTc5LThhMTQtNDJkOWZhYzRlOTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAYUjIg9Cc8O99x1Du+Dt7lP+60o9Zx07y9Zp3vzxp
3lhhINpSIRk9mO8+DmCrdBL/OoHJaI+J8PMEjSb9WESG2Ax2u1dgw5PSjjv89Msw
KjqwEVUv4Xzrd7k3QwL+V9N3SBJFdaxrKswLtzlN79qujP2H8ueMn1iIG3yFGY7i
vV3VCmggOdV7ZMQYgZ7YmYRABEB2Py8Z+SZ9dI9GK2PfsraSEQ+ePK5fAN/tDtSY
JWRwes4FBWQcPaLcWbBZa8joTzBlg9O1aDYNd9qji56XNh+84AOSxDvxJqk90VHL
WuqH5kPPRk18bDpSgkphgi6SGMrlJHAyMIqJxwYyhXOcuA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:32 2024 by rpki-client on console-ams.rpki-client.org