Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json)
Hash identifier: uUbkutXsiA2jY6SjJeL03vQrgOY759yDkzK369k8G14=
Subject key identifier: 04:AC:34:7B:56:12:3E:09:12:99:BD:F3:9C:15:9B:5C:CA:F6:3F:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B0CB8659182EF04A8D744A137360D89030A0288
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:0c:b8:65:91:82:ef:04:a8:d7:44:a1:37:36:0d:89:03:0a:02:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=c1854fe03a0c09710b5b225e8407073119fa9ce5f4ebc9c833c6d37cf5e05e03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cf:15:29:6e:87:b3:77:bc:a7:c1:dd:d4:8d:
52:be:59:be:21:98:a8:75:e2:2a:52:7d:8c:f7:b9:
ab:60:be:06:d4:d1:f2:a5:76:f7:1b:29:3c:03:c0:
09:17:ab:4b:2d:a5:b5:5e:e4:f0:4b:19:98:d9:1e:
29:33:77:24:a2:65:b2:f5:ef:7f:ab:b1:90:8b:30:
aa:e0:d9:5b:96:ee:58:56:13:63:dc:71:ef:f5:04:
de:f5:7b:cb:b2:2e:4c:26:87:c2:33:f3:92:d9:3b:
04:49:db:c5:19:69:b5:17:62:70:bd:ec:12:8b:f5:
91:0a:2f:5c:31:94:43:96:a1:f2:30:11:e4:96:90:
c5:b8:2f:d3:eb:87:05:51:65:fd:9f:2e:97:7b:e6:
ba:04:15:e8:a6:77:41:da:31:a7:ba:e1:78:b0:2c:
a9:b5:b2:a0:20:19:88:98:3d:25:3b:ef:e1:bd:ae:
a2:cf:9c:a7:99:5d:38:c5:c5:31:a6:f7:0e:19:65:
19:b7:d4:1f:63:0f:a3:f8:74:fd:cd:46:1d:f6:82:
b8:5f:11:e8:a8:67:e9:6d:be:7a:76:8b:77:d6:23:
be:67:f9:64:94:f7:47:b6:56:67:75:ae:2b:7f:24:
78:5b:36:0b:64:36:37:a3:7d:f7:f3:ad:f3:8e:92:
6b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AC:34:7B:56:12:3E:09:12:99:BD:F3:9C:15:9B:5C:CA:F6:3F:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:3b:26:f0:d5:9a:18:54:5b:bd:ad:98:fd:6d:ab:0c:8a:d2:
ef:27:1e:40:04:a6:f8:b5:39:99:13:6a:77:6d:b0:5c:55:77:
00:f4:b2:45:28:db:d7:fc:95:d5:47:ab:9e:f1:69:83:4b:84:
1b:07:ea:bf:63:f4:ad:2d:a6:42:cf:cf:74:83:e9:15:16:bb:
c1:58:e9:b2:1e:a3:fb:4f:c9:3a:4c:04:59:73:42:ec:e8:37:
f4:bf:6b:5c:94:49:b1:d4:7b:0b:24:36:73:23:8e:bd:ff:a7:
5b:4f:61:12:8d:bd:78:1c:91:58:a3:06:7f:4d:ef:b5:7d:b4:
ae:9c:1a:e7:0b:bd:df:72:db:ac:2c:4c:ee:ee:15:11:99:39:
76:3b:8e:23:4f:15:4b:01:c9:57:23:ce:3a:64:ab:e3:99:05:
c6:bd:63:b5:91:58:aa:98:cb:a8:bc:e8:46:e1:be:2e:b7:d6:
fd:bc:7c:db:73:4d:1a:84:8d:67:33:ea:61:a9:c4:ac:22:0d:
fd:71:32:2d:21:bf:d8:74:f1:71:c1:3f:12:fe:ae:b3:a9:74:
bf:a3:37:44:2f:68:fa:46:f3:a0:17:1c:bb:13:1a:20:04:2f:
f6:06:7f:7c:e4:d2:c1:b2:b3:df:2c:9a:8d:3a:a7:e5:4e:0b:
11:34:34:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUewy4ZZGC7wSo10ShNzYNiQMKAogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxODU0ZmUwM2EwYzA5NzEwYjViMjI1ZTg0MDcwNzMxMTlmYTljZTVmNGVi
YzljODMzYzZkMzdjZjVlMDVlMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHPFSluh7N3vKfB3dSNUr5ZviGYqHXiKlJ9jPe5q2C+BtTR8qV29xspPAPA
CRerSy2ltV7k8EsZmNkeKTN3JKJlsvXvf6uxkIswquDZW5buWFYTY9xx7/UE3vV7
y7IuTCaHwjPzktk7BEnbxRlptRdicL3sEov1kQovXDGUQ5ah8jAR5JaQxbgv0+uH
BVFl/Z8ul3vmugQV6KZ3Qdoxp7rheLAsqbWyoCAZiJg9JTvv4b2uos+cp5ldOMXF
Mab3DhllGbfUH2MPo/h0/c1GHfaCuF8R6Khn6W2+enaLd9Yjvmf5ZJT3R7ZWZ3Wu
K38keFs2C2Q2N6N99/Ot846Sa98CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQErDR7
VhI+CRKZvfOcFZtcyvY/NjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg
MA0GCSqGSIb3DQEBCwUAA4IBAQC2Oybw1ZoYVFu9rZj9basMitLvJx5ABKb4tTmZ
E2p3bbBcVXcA9LJFKNvX/JXVR6ue8WmDS4QbB+q/Y/StLaZCz890g+kVFrvBWOmy
HqP7T8k6TARZc0Ls6Df0v2tclEmx1HsLJDZzI469/6dbT2ESjb14HJFYowZ/Te+1
fbSunBrnC73fctusLEzu7hURmTl2O44jTxVLAclXI846ZKvjmQXGvWO1kViqmMuo
vOhG4b4ut9b9vHzbc00ahI1nM+phqcSsIg39cTItIb/YdPFxwT8S/q6zqXS/ozdE
L2j6RvOgFxy7ExogBC/2Bn985NLBsrPfLJqNOqflTgsRNDSy
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:49 2024 by rpki-client on console-ams.rpki-client.org