Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
File: 87ec9982-c725-40e5-b829-ff0f06d939c8.roa (raw, json)
Hash identifier: RVWz/YYiIxbnwjQFlpv+Nm8kUrneftnmmAprJqKxyB8=
Subject key identifier: 2B:C0:90:BE:6F:F5:16:14:5C:1E:D0:BF:D2:46:B9:CD:8C:83:2E:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C4EAE3F20835626E0E00AA3A0EE1FC82166ED90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:4e:ae:3f:20:83:56:26:e0:e0:0a:a3:a0:ee:1f:c8:21:66:ed:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=fc820502accfc18012b01034513aa2059fc52f17869708afa2bce03ef2b5d38c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4d:fe:da:3a:ac:58:57:67:70:45:4f:a4:f7:
c4:c6:ed:f8:f2:60:e5:a7:d0:88:97:85:4e:39:7e:
d3:8a:7c:b8:9e:9d:a8:5f:fe:30:fd:07:48:ba:c5:
3d:5f:73:be:47:07:43:b6:81:fb:71:88:e0:17:5b:
bd:4e:76:73:a7:5f:78:6b:cf:a5:7a:c8:8a:54:e3:
5b:72:25:89:d1:55:67:d4:37:f5:54:2b:e5:4c:14:
cc:c9:de:31:82:15:16:6b:37:0d:56:f8:fd:d8:01:
86:75:35:fa:08:b2:e8:71:c5:d8:35:67:c5:07:1a:
ce:71:99:49:fd:95:db:f0:c6:b3:c2:11:78:86:ad:
12:97:66:aa:22:0a:ff:16:1a:bd:eb:cf:37:23:fe:
c4:c5:41:9a:3f:07:1e:66:91:24:06:3f:43:69:32:
ab:eb:49:cc:f2:41:50:31:98:c1:fb:f3:4d:37:cd:
bd:7c:d9:35:f7:17:66:c7:74:be:00:2e:80:59:63:
52:40:94:ae:f6:89:63:4a:d3:9c:79:1a:8f:53:6d:
39:a4:c5:1d:19:2f:ba:b6:d7:b4:32:41:14:62:8c:
c8:c2:72:61:de:5c:b5:37:40:b6:74:34:ba:4f:20:
80:07:07:7a:cf:a1:88:18:81:19:2e:62:71:dc:2c:
d8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C0:90:BE:6F:F5:16:14:5C:1E:D0:BF:D2:46:B9:CD:8C:83:2E:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:9000::/40
Signature Algorithm: sha256WithRSAEncryption
68:d2:cc:67:a4:a0:1a:8e:a7:f4:2e:44:95:b8:f0:79:9c:49:
24:fb:b2:56:20:dc:65:a4:94:68:9f:0e:bd:3d:42:37:f4:2d:
c9:e1:4c:ab:68:4f:1c:db:37:39:9c:27:40:9f:a3:cd:84:12:
16:cb:00:63:dd:ca:40:89:cf:ef:7b:e6:4d:c6:97:d1:41:a5:
f6:b1:b5:82:d3:f1:64:6f:7f:81:b8:26:b6:1d:64:31:7e:ac:
96:4e:76:b9:5a:ec:0a:cd:8b:58:3b:d2:75:1d:c7:6e:81:74:
a1:65:13:88:a0:0d:fb:eb:8d:de:a9:c1:81:4c:03:5a:1c:29:
f2:c4:43:f3:c0:b5:43:bc:cc:76:2f:72:af:40:d8:01:1e:f7:
1e:73:44:61:bb:06:91:b0:62:59:3e:d5:b1:0b:01:f0:d7:e0:
47:39:77:23:59:92:3e:75:c6:42:e1:64:fe:5d:5a:ef:c8:98:
05:86:34:52:24:48:a9:af:06:23:3f:00:c9:a2:00:ee:ee:cf:
3d:55:3c:d8:24:60:ce:13:18:f9:b9:41:5b:54:94:23:1d:4e:
34:63:de:b3:19:4c:c2:69:8f:3a:e0:e8:41:e0:5c:cf:46:f9:
a3:95:33:c8:9a:b9:a8:95:f9:e3:04:79:5f:0b:5b:19:2e:8e:
55:80:ba:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULE6uPyCDVibg4AqjoO4fyCFm7ZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjODIwNTAyYWNjZmMxODAxMmIwMTAzNDUxM2FhMjA1OWZjNTJmMTc4Njk3
MDhhZmEyYmNlMDNlZjJiNWQzOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1N/to6rFhXZ3BFT6T3xMbt+PJg5afQiJeFTjl+04p8uJ6dqF/+MP0HSLrF
PV9zvkcHQ7aB+3GI4BdbvU52c6dfeGvPpXrIilTjW3IlidFVZ9Q39VQr5UwUzMne
MYIVFms3DVb4/dgBhnU1+giy6HHF2DVnxQcaznGZSf2V2/DGs8IReIatEpdmqiIK
/xYavevPNyP+xMVBmj8HHmaRJAY/Q2kyq+tJzPJBUDGYwfvzTTfNvXzZNfcXZsd0
vgAugFljUkCUrvaJY0rTnHkaj1NtOaTFHRkvurbXtDJBFGKMyMJyYd5ctTdAtnQ0
uk8ggAcHes+hiBiBGS5icdws2HMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrwJC+
b/UWFFwe0L/SRrnNjIMuezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODdlYzk5ODItYzcyNS00MGU1LWI4MjktZmYwZjA2ZDkzOWM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBo0sxnpKAajqf0LkSVuPB5nEkk+7JWINxlpJRo
nw69PUI39C3J4UyraE8c2zc5nCdAn6PNhBIWywBj3cpAic/ve+ZNxpfRQaX2sbWC
0/Fkb3+BuCa2HWQxfqyWTna5WuwKzYtYO9J1HcdugXShZROIoA37643eqcGBTANa
HCnyxEPzwLVDvMx2L3KvQNgBHvcec0RhuwaRsGJZPtWxCwHw1+BHOXcjWZI+dcZC
4WT+XVrvyJgFhjRSJEiprwYjPwDJogDu7s89VTzYJGDOExj5uUFbVJQjHU40Y96z
GUzCaY864OhB4FzPRvmjlTPImrmolfnjBHlfC1sZLo5VgLro
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:24 2024 by rpki-client on console-ams.rpki-client.org