Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
File: 87659113-4050-43f4-ade6-cfd7a3483d5c.roa (raw, json)
Hash identifier: r8I2QzfVTxJ28QQ7JvN7TNSPMQ7fatubkiTpPbf6uFM=
Subject key identifier: A5:2F:66:08:D7:44:21:F8:B7:33:1A:B0:3D:D6:9E:78:90:E1:45:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A19EF4C4BB78491E64546A79883447C2605977B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:19:ef:4c:4b:b7:84:91:e6:45:46:a7:98:83:44:7c:26:05:97:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5ab19289e89ae08635a780e204b26c1bd67a73354b89fb0252d2ed5150351379, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a5:61:85:4c:55:97:82:b1:cd:c2:88:ee:cd:
fc:e3:7c:e6:5f:73:dd:df:e4:85:de:f4:97:b1:af:
3b:59:88:09:bf:32:4e:3d:fa:35:1a:1e:bf:67:c7:
7a:51:bd:57:1d:22:ea:3a:5f:01:4f:ee:f3:d0:04:
06:40:e3:ae:f9:25:f7:aa:47:16:48:ee:7e:78:7d:
91:3d:23:6f:52:15:73:aa:10:a2:b6:c7:0f:05:be:
52:d2:5f:90:d4:f3:55:4d:6d:52:22:8e:c3:b6:8f:
2f:b4:2b:94:af:c7:0e:02:53:1c:61:5c:c2:99:76:
ea:59:f0:d2:08:91:0b:8c:3c:5d:d4:2e:b8:18:47:
70:83:28:bd:bc:07:01:b8:d3:a1:63:d2:30:d7:ca:
fd:ca:08:7a:23:88:8f:d5:4d:86:d1:ff:fb:ed:db:
a1:7b:7c:32:70:e7:8b:34:c0:29:29:af:19:25:0d:
62:93:29:56:3b:70:fe:79:79:1e:57:39:4c:b0:c2:
74:7b:a6:c7:03:9b:ce:45:ec:d7:e8:39:cf:bc:69:
9f:36:40:35:bb:fa:22:2f:7f:98:cd:ec:db:7c:94:
f3:8a:28:17:ab:c8:70:09:1c:68:5a:d5:45:ad:5c:
ec:23:10:a8:2d:06:9e:8b:e5:1e:0b:fc:81:77:ec:
dc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:2F:66:08:D7:44:21:F8:B7:33:1A:B0:3D:D6:9E:78:90:E1:45:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:8000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:09:00:dd:f0:14:52:d8:4a:b5:77:46:73:13:74:13:cc:b1:
0b:ee:3a:c1:58:ae:46:c8:b1:81:40:c0:9a:04:5e:75:22:b4:
50:95:6b:ac:85:db:ec:77:80:45:92:21:b1:62:b9:d6:58:5d:
32:97:da:da:1e:3c:43:2d:9f:36:ea:b7:a8:27:7e:b9:20:dd:
36:d3:6f:36:97:44:aa:7e:44:98:e7:c5:74:fd:0d:7d:bf:95:
a0:b1:0d:79:5e:d9:7e:3f:07:99:4a:7a:a6:ef:2e:4d:7d:a2:
04:76:ed:e8:e9:4d:cd:6f:21:8b:22:f7:4a:c7:16:b1:22:0e:
bb:f6:b3:38:16:ce:36:cd:19:61:4f:40:39:14:f0:cf:c9:0a:
a6:21:23:64:01:d7:7b:74:c0:8c:e6:b1:bd:79:e2:a7:07:51:
ec:56:43:7d:62:d4:ba:1a:e7:9a:f9:7d:89:c0:21:23:19:76:
f7:ba:3e:31:84:a3:fa:3b:30:41:e9:f1:ed:b5:a7:f0:40:68:
7a:08:bf:57:97:23:9a:41:9b:6a:58:36:f8:6a:1e:4a:6a:33:
ec:ec:c0:cd:7c:69:d5:22:56:d9:ce:ee:3d:42:69:0a:36:72:
83:ec:76:01:32:34:81:53:9c:f0:7b:07:95:9e:ab:e7:6c:05:
88:df:82:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKhnvTEu3hJHmRUanmINEfCYFl3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhYjE5Mjg5ZTg5YWUwODYzNWE3ODBlMjA0YjI2YzFiZDY3YTczMzU0Yjg5
ZmIwMjUyZDJlZDUxNTAzNTEzNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWlYYVMVZeCsc3CiO7N/ON85l9z3d/khd70l7GvO1mICb8yTj36NRoev2fH
elG9Vx0i6jpfAU/u89AEBkDjrvkl96pHFkjufnh9kT0jb1IVc6oQorbHDwW+UtJf
kNTzVU1tUiKOw7aPL7QrlK/HDgJTHGFcwpl26lnw0giRC4w8XdQuuBhHcIMovbwH
AbjToWPSMNfK/coIeiOIj9VNhtH/++3boXt8MnDnizTAKSmvGSUNYpMpVjtw/nl5
Hlc5TLDCdHumxwObzkXs1+g5z7xpnzZANbv6Ii9/mM3s23yU84ooF6vIcAkcaFrV
Ra1c7CMQqC0GnovlHgv8gXfs3KkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlL2YI
10Qh+LczGrA91p54kOFFMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODc2NTkxMTMtNDA1MC00M2Y0LWFkZTYtY2ZkN2EzNDgzZDVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/CQDd8BRS2Eq1d0ZzE3QTzLEL7jrBWK5GyLGB
QMCaBF51IrRQlWushdvsd4BFkiGxYrnWWF0yl9raHjxDLZ826reoJ365IN020282
l0SqfkSY58V0/Q19v5WgsQ15Xtl+PweZSnqm7y5NfaIEdu3o6U3NbyGLIvdKxxax
Ig679rM4Fs42zRlhT0A5FPDPyQqmISNkAdd7dMCM5rG9eeKnB1HsVkN9YtS6Guea
+X2JwCEjGXb3uj4xhKP6OzBB6fHttafwQGh6CL9XlyOaQZtqWDb4ah5KajPs7MDN
fGnVIlbZzu49QmkKNnKD7HYBMjSBU5zweweVnqvnbAWI34Jb
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org