Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json)
Hash identifier: zmtpdVAMc0NmtsVeEg4vgAKUKzVeiTI0/A7UqnV0QPs=
Subject key identifier: F6:5E:23:37:9A:8D:1E:A6:66:DE:6E:86:36:E5:AD:9D:D2:A1:10:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 648CC0CCE05CFE28DE6D8AF697424044D4CE870F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
Signing time: Mon 28 Oct 2024 00:00:00 +0000
ROA not before: Mon 28 Oct 2024 00:00:00 +0000
ROA not after: Mon 02 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:8c:c0:cc:e0:5c:fe:28:de:6d:8a:f6:97:42:40:44:d4:ce:87:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 28 00:00:00 2024 GMT
Not After : Dec 2 23:59:59 2024 GMT
Subject: serialNumber=8f63d076ed594cc3a86143f4719019865a0dab9f9f7322b5e4f9a8a5b01b00dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a8:46:5b:55:bf:36:c9:48:d8:68:0c:1d:15:
72:ea:7a:b7:dc:52:4b:6a:d8:57:44:47:6e:ab:7c:
cb:ba:6e:b5:db:fe:ed:fb:d8:6b:86:1b:31:c2:0e:
e9:bc:19:23:c6:4f:21:ec:d7:9b:4e:da:85:04:38:
3f:ce:89:c6:72:0d:0c:5f:28:0e:65:3d:ce:fd:08:
a2:86:e6:c2:ad:a4:d6:ff:5a:96:d4:5a:97:b5:38:
da:4d:06:4a:21:fa:66:9c:f4:8d:a4:d4:b7:fe:85:
75:e5:7f:7e:2d:32:8f:81:ea:90:19:55:85:68:75:
db:75:69:59:7c:89:53:0e:ef:6b:4f:35:6a:e7:90:
43:fd:48:93:51:de:bd:70:eb:18:8a:05:e2:9d:d6:
a0:50:e1:69:22:aa:69:f9:76:eb:05:8e:06:ae:16:
0a:12:4b:f8:0b:29:1a:6e:41:12:a5:2c:d6:78:58:
f5:b7:c2:da:08:01:a3:60:cd:00:a3:df:90:eb:73:
39:4b:5f:16:cd:a5:fa:2f:25:26:97:32:68:36:f4:
60:d9:b8:71:6f:87:9a:ac:80:88:04:9f:06:b0:ff:
87:64:9f:58:bc:43:e8:01:34:02:f7:eb:e1:41:78:
ea:4d:02:7c:47:c0:98:1e:53:c6:c0:e0:f1:b8:25:
3d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5E:23:37:9A:8D:1E:A6:66:DE:6E:86:36:E5:AD:9D:D2:A1:10:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:2000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:8f:ec:e9:4e:c7:e4:36:31:f1:6b:cd:51:eb:f4:13:11:10:
d2:f0:f7:9a:56:59:13:20:13:20:a3:5e:9e:f4:21:5c:25:60:
3b:a2:fa:3e:c7:1c:5d:f8:90:a8:58:79:07:d2:a7:a6:e9:3d:
db:f2:6d:7e:03:d3:09:7e:2b:60:55:f2:3d:a4:fb:ae:50:02:
71:1f:ae:0f:c7:9a:ea:d2:ae:19:d5:23:21:9f:ee:4e:f4:bf:
cb:3d:5a:60:d4:2e:82:fa:c6:93:69:6e:a4:18:06:05:39:4e:
fd:2d:99:f5:4e:b8:16:21:7f:aa:86:c9:9f:c7:aa:e5:1a:61:
e0:24:02:d2:22:67:cc:46:aa:a5:fd:3d:2a:09:14:af:eb:30:
75:8d:f3:b2:76:92:10:92:c4:40:ab:eb:f9:23:b2:8e:c0:df:
f3:bc:2d:61:6c:50:30:7d:48:f0:f3:7e:d3:6c:e4:b9:3e:bd:
62:7a:17:b3:bd:81:77:4c:02:23:d3:51:fb:b5:f7:92:6d:a0:
15:73:1b:06:2c:29:71:c0:a6:d5:e5:e1:7c:ab:63:52:d1:a8:
96:47:01:3e:dd:ac:68:5e:96:0d:00:8a:38:2f:09:67:78:8c:
69:db:3d:64:e6:2f:e4:71:e0:14:f9:9a:05:45:0a:b1:c6:de:
39:46:10:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZIzAzOBc/ijebYr2l0JARNTOhw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEwMjgwMDAwMDBaFw0yNDEyMDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmNjNkMDc2ZWQ1OTRjYzNhODYxNDNmNDcxOTAxOTg2NWEwZGFiOWY5Zjcz
MjJiNWU0ZjlhOGE1YjAxYjAwZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqoRltVvzbJSNhoDB0Vcup6t9xSS2rYV0RHbqt8y7putdv+7fvYa4YbMcIO
6bwZI8ZPIezXm07ahQQ4P86JxnINDF8oDmU9zv0Ioobmwq2k1v9altRal7U42k0G
SiH6Zpz0jaTUt/6FdeV/fi0yj4HqkBlVhWh123VpWXyJUw7va081aueQQ/1Ik1He
vXDrGIoF4p3WoFDhaSKqafl26wWOBq4WChJL+AspGm5BEqUs1nhY9bfC2ggBo2DN
AKPfkOtzOUtfFs2l+i8lJpcyaDb0YNm4cW+HmqyAiASfBrD/h2SfWLxD6AE0Avfr
4UF46k0CfEfAmB5TxsDg8bglPVMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2XiM3
mo0epmbeboY25a2d0qEQVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg
MA0GCSqGSIb3DQEBCwUAA4IBAQCej+zpTsfkNjHxa81R6/QTERDS8PeaVlkTIBMg
o16e9CFcJWA7ovo+xxxd+JCoWHkH0qem6T3b8m1+A9MJfitgVfI9pPuuUAJxH64P
x5rq0q4Z1SMhn+5O9L/LPVpg1C6C+saTaW6kGAYFOU79LZn1TrgWIX+qhsmfx6rl
GmHgJALSImfMRqql/T0qCRSv6zB1jfOydpIQksRAq+v5I7KOwN/zvC1hbFAwfUjw
837TbOS5Pr1iehezvYF3TAIj01H7tfeSbaAVcxsGLClxwKbV5eF8q2NS0aiWRwE+
3axoXpYNAIo4LwlneIxp2z1k5i/kceAU+ZoFRQqxxt45RhAP
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org