Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
File: 8898007d-2aed-42e4-9438-5ce1854de163.roa (raw, json)
Hash identifier: TlHcVh9HybwQS8sZM1M9p01NB6I67z06iDSoXxL4LUU=
Subject key identifier: 1D:7B:F0:4E:80:5E:37:23:4F:93:75:A6:1F:8D:C0:C2:39:12:A2:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A1AB05EB2835AEF0BA04B7F0983137DFB617927
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
Signing time: Tue 09 Apr 2024 00:00:00 +0000
ROA not before: Tue 09 Apr 2024 00:00:00 +0000
ROA not after: Tue 14 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:1a:b0:5e:b2:83:5a:ef:0b:a0:4b:7f:09:83:13:7d:fb:61:79:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 9 00:00:00 2024 GMT
Not After : May 14 23:59:59 2024 GMT
Subject: serialNumber=3084c8d8b3ebe677826ffd68262cc0feb4ab47914a141092eeaa5ee7f918449b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cb:c1:29:99:53:c6:1d:39:c5:b2:c2:d2:75:
e6:98:e9:5b:92:10:36:21:d4:c6:f2:9a:76:37:87:
5b:79:80:1d:60:ab:d4:bd:4b:30:05:9c:08:81:6a:
b3:07:e4:e8:7f:38:83:6d:31:b7:97:ca:c2:c8:de:
93:cf:52:e7:9d:a4:cd:4f:41:2e:82:f7:b6:99:79:
db:e8:aa:3b:20:40:25:5b:1d:f6:21:16:d5:dc:13:
e5:9b:ac:66:72:c1:8b:8a:1e:61:5b:15:c2:0b:47:
08:cf:f0:0c:b9:37:d3:4b:4a:07:27:d7:7e:df:f1:
2b:53:ce:56:60:5f:ad:ad:83:ca:42:93:27:3f:04:
3b:e5:5e:2f:26:a7:cc:1b:94:4b:80:a3:b6:3b:59:
9a:e6:a0:a7:43:eb:37:92:00:49:25:06:5c:e3:c3:
49:ae:f6:ef:f5:54:d8:4e:b6:95:63:0f:03:ac:8d:
4d:80:f6:b8:ac:47:ba:a6:4c:58:38:3d:41:27:5c:
2c:67:82:ee:20:57:9b:ed:6f:be:97:ba:f9:16:64:
56:b5:aa:2b:4d:50:13:e7:07:70:c1:77:17:85:f3:
5f:9a:d8:01:97:0b:69:09:7a:aa:83:c8:cf:f8:d8:
ba:53:ec:36:d8:cf:e2:5a:7f:9b:6d:6b:e2:42:09:
62:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:7B:F0:4E:80:5E:37:23:4F:93:75:A6:1F:8D:C0:C2:39:12:A2:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/40
Signature Algorithm: sha256WithRSAEncryption
41:56:04:02:63:46:ca:33:91:12:c8:d9:c9:94:40:9e:41:df:
ec:bb:84:78:83:d6:e9:79:b9:42:58:3c:ec:82:87:8c:ea:11:
73:12:cb:1c:2b:ca:02:15:bf:f2:96:67:6c:8b:f4:0b:46:3b:
ce:41:dc:0c:da:b5:29:46:5b:86:b3:58:8d:46:f6:d2:5a:4f:
77:36:70:c0:79:ce:5a:be:bb:d8:b9:c3:33:c4:93:78:a2:61:
20:17:18:6a:52:bc:d7:1c:2f:57:b5:73:4d:61:c3:91:86:6b:
7d:41:ae:92:52:52:25:10:27:1b:f2:c5:0a:cc:67:bb:b9:6d:
5e:53:8c:07:c2:f5:cb:79:93:1a:35:f5:2f:ab:f3:7d:4b:d6:
e0:e2:74:9f:79:c2:e4:64:ac:d8:92:93:fd:22:0a:ba:d2:c1:
18:89:f4:c3:fa:3b:6d:65:76:14:d9:a3:e1:a7:f8:fb:6d:9a:
0d:ea:fe:5a:38:5b:1a:2f:05:f2:7d:a5:a6:17:9b:9b:89:3d:
ce:3c:5d:de:c0:88:95:df:7d:f5:e5:0c:e3:ff:87:a5:d1:01:
05:ad:83:41:88:a2:da:af:4a:14:6e:db:30:ee:4a:79:76:39:
8f:2b:60:85:83:2d:17:c0:7c:c1:19:4d:58:97:8d:26:3c:2f:
02:32:ab:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWhqwXrKDWu8LoEt/CYMTfftheScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDkwMDAwMDBaFw0yNDA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwODRjOGQ4YjNlYmU2Nzc4MjZmZmQ2ODI2MmNjMGZlYjRhYjQ3OTE0YTE0
MTA5MmVlYWE1ZWU3ZjkxODQ0OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTLwSmZU8YdOcWywtJ15pjpW5IQNiHUxvKadjeHW3mAHWCr1L1LMAWcCIFq
swfk6H84g20xt5fKwsjek89S552kzU9BLoL3tpl52+iqOyBAJVsd9iEW1dwT5Zus
ZnLBi4oeYVsVwgtHCM/wDLk300tKByfXft/xK1POVmBfra2DykKTJz8EO+VeLyan
zBuUS4CjtjtZmuagp0PrN5IASSUGXOPDSa727/VU2E62lWMPA6yNTYD2uKxHuqZM
WDg9QSdcLGeC7iBXm+1vvpe6+RZkVrWqK01QE+cHcMF3F4XzX5rYAZcLaQl6qoPI
z/jYulPsNtjP4lp/m21r4kIJYtUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQde/BO
gF43I0+TdaYfjcDCORKiKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg5ODAwN2QtMmFlZC00MmU0LTk0MzgtNWNlMTg1NGRlMTYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBBVgQCY0bKM5ESyNnJlECeQd/su4R4g9bpeblC
WDzsgoeM6hFzEsscK8oCFb/ylmdsi/QLRjvOQdwM2rUpRluGs1iNRvbSWk93NnDA
ec5avrvYucMzxJN4omEgFxhqUrzXHC9XtXNNYcORhmt9Qa6SUlIlECcb8sUKzGe7
uW1eU4wHwvXLeZMaNfUvq/N9S9bg4nSfecLkZKzYkpP9Igq60sEYifTD+jttZXYU
2aPhp/j7bZoN6v5aOFsaLwXyfaWmF5ubiT3OPF3ewIiV33315Qzj/4el0QEFrYNB
iKLar0oUbtsw7kp5djmPK2CFgy0XwHzBGU1Yl40mPC8CMqsx
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:17:11 2024 by rpki-client on console-ams.rpki-client.org