Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
File: 8898007d-2aed-42e4-9438-5ce1854de163.roa (raw, json)
Hash identifier: 66Ktw42gXpqDrNzYtmM2wt/Vx4qIcdE39FqXnuiAoEk=
Subject key identifier: B9:DE:28:D9:A9:30:2F:96:1A:99:90:23:62:5B:92:90:86:BA:64:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D4740E1821D1D7919280C7AC395C40BF8D3D63F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
Signing time: Mon 28 Oct 2024 00:00:00 +0000
ROA not before: Mon 28 Oct 2024 00:00:00 +0000
ROA not after: Mon 02 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:47:40:e1:82:1d:1d:79:19:28:0c:7a:c3:95:c4:0b:f8:d3:d6:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 28 00:00:00 2024 GMT
Not After : Dec 2 23:59:59 2024 GMT
Subject: serialNumber=d5391dfc4f72e77c37f05cfbf67fd8f2445efa331f5f9effa68ee4983e605ce6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:19:80:6b:64:29:93:d7:aa:94:72:65:b3:65:
51:d4:55:e6:35:c9:ba:c2:82:9d:27:cd:c6:3d:2a:
03:c1:07:4d:18:4c:ac:eb:9a:b0:de:d2:36:2b:b5:
b3:fe:de:fe:69:7d:ac:6e:73:52:1e:07:57:8c:52:
b0:f8:ad:75:02:f5:d8:00:79:da:d9:da:a6:48:a5:
aa:88:f4:20:a5:1d:cb:5c:c0:3c:95:f3:40:e9:8c:
66:6e:d6:a2:6c:bf:9a:a3:bb:26:6b:72:3d:3e:b0:
31:3a:ec:28:57:54:06:6d:39:ab:df:d0:db:e0:0a:
eb:f1:fe:31:0b:a1:89:b4:6e:6d:49:08:ad:ce:3a:
97:72:49:37:5b:88:24:20:25:c6:0f:64:b6:82:e5:
14:cb:3f:d3:7d:5d:44:34:f2:23:da:3e:ad:53:87:
ab:ad:f3:67:42:dc:23:4f:bb:d0:f9:2f:37:b3:dd:
2c:b3:38:54:a7:cd:13:92:e5:49:c9:17:81:36:e1:
37:14:87:18:f2:6f:95:74:a8:87:d9:d4:d4:29:44:
21:61:8b:52:d2:bd:9c:fa:42:53:33:a3:48:0e:66:
34:b7:55:49:53:b8:17:93:64:31:fa:25:33:77:0a:
84:0d:2a:d7:32:be:16:a9:0c:9d:a7:fe:8d:2f:b0:
cb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DE:28:D9:A9:30:2F:96:1A:99:90:23:62:5B:92:90:86:BA:64:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:36:7c:07:a1:ed:cc:89:64:19:18:d6:97:d7:3a:58:aa:21:
83:27:e9:9f:17:d2:90:3d:04:7c:cf:59:0e:35:f5:f0:91:ad:
1c:14:52:5e:2b:e2:42:e7:bf:62:a7:d3:31:3f:16:f0:76:7a:
b5:6e:c9:3a:b0:d1:a0:af:de:96:17:84:08:06:26:01:e1:30:
ec:41:88:6e:c6:d3:89:91:9b:6f:72:c3:ff:64:a2:9f:be:91:
4e:a7:11:4e:01:d1:7a:cd:ef:fc:d7:df:13:af:7a:22:5f:bc:
48:d2:e8:36:bb:6e:1e:51:36:ad:f3:88:e9:2d:15:d7:77:bd:
7e:bc:37:6d:91:50:dd:49:91:0f:68:e1:7f:dc:bf:e7:aa:0f:
ea:db:f9:67:7f:33:54:9a:16:12:9c:97:9b:e7:60:63:d4:59:
09:ed:0f:51:6c:dc:90:fb:28:16:a9:2b:47:d5:54:5b:bd:db:
17:f9:2b:e1:d5:c5:03:5a:ca:f5:52:e8:e0:a4:43:65:5c:f3:
e7:52:22:41:e4:a8:8d:24:5d:9e:ce:8d:40:65:d3:1e:68:9e:
ae:b2:d4:39:04:dc:be:3b:ba:ee:a3:61:ca:6a:64:98:a4:15:
e4:99:60:fe:61:10:a2:53:59:3a:f4:67:dc:9a:d7:11:97:7c:
7b:c1:54:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbUdA4YIdHXkZKAx6w5XEC/jT1j8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEwMjgwMDAwMDBaFw0yNDEyMDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1MzkxZGZjNGY3MmU3N2MzN2YwNWNmYmY2N2ZkOGYyNDQ1ZWZhMzMxZjVm
OWVmZmE2OGVlNDk4M2U2MDVjZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwZgGtkKZPXqpRyZbNlUdRV5jXJusKCnSfNxj0qA8EHTRhMrOuasN7SNiu1
s/7e/ml9rG5zUh4HV4xSsPitdQL12AB52tnapkilqoj0IKUdy1zAPJXzQOmMZm7W
omy/mqO7JmtyPT6wMTrsKFdUBm05q9/Q2+AK6/H+MQuhibRubUkIrc46l3JJN1uI
JCAlxg9ktoLlFMs/031dRDTyI9o+rVOHq63zZ0LcI0+70PkvN7PdLLM4VKfNE5Ll
SckXgTbhNxSHGPJvlXSoh9nU1ClEIWGLUtK9nPpCUzOjSA5mNLdVSVO4F5NkMfol
M3cKhA0q1zK+FqkMnaf+jS+wyy0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS53ijZ
qTAvlhqZkCNiW5KQhrpkLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg5ODAwN2QtMmFlZC00MmU0LTk0MzgtNWNlMTg1NGRlMTYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAKNnwHoe3MiWQZGNaX1zpYqiGDJ+mfF9KQPQR8
z1kONfXwka0cFFJeK+JC579ip9MxPxbwdnq1bsk6sNGgr96WF4QIBiYB4TDsQYhu
xtOJkZtvcsP/ZKKfvpFOpxFOAdF6ze/8198Tr3oiX7xI0ug2u24eUTat84jpLRXX
d71+vDdtkVDdSZEPaOF/3L/nqg/q2/lnfzNUmhYSnJeb52Bj1FkJ7Q9RbNyQ+ygW
qStH1VRbvdsX+Svh1cUDWsr1UujgpENlXPPnUiJB5KiNJF2ezo1AZdMeaJ6ustQ5
BNy+O7ruo2HKamSYpBXkmWD+YRCiU1k69GfcmtcRl3x7wVTf
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org