Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
File: 8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa (raw, json)
Hash identifier: w3yCRglw+BmuDk61xiuzldTwft5GPra+5oc2h207iKI=
Subject key identifier: D0:F5:8F:A3:16:36:44:C0:C2:78:C1:1E:AD:1D:30:BA:64:BF:3B:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 637C50407514C5D7D7378E7859849BBDC6FD29CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
Signing time: Sat 13 Apr 2024 00:00:00 +0000
ROA not before: Sat 13 Apr 2024 00:00:00 +0000
ROA not after: Sat 18 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:7c:50:40:75:14:c5:d7:d7:37:8e:78:59:84:9b:bd:c6:fd:29:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 13 00:00:00 2024 GMT
Not After : May 18 23:59:59 2024 GMT
Subject: serialNumber=f1169850a702486982a6de54411e80d21518dab8c2263604e6380d52892282b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:23:29:cf:64:d4:4b:34:0c:c4:ee:92:d6:50:
9a:40:6c:8a:f6:e4:53:89:5b:13:c3:ce:48:06:d4:
6f:e4:96:57:85:52:db:8e:aa:b7:fe:e8:46:1b:3b:
59:bf:d5:99:68:0c:ff:5b:b3:42:45:d6:e0:90:3a:
09:0b:c3:8c:a8:63:11:ee:0b:b0:25:a0:f4:04:f0:
ac:72:d5:74:24:c7:ee:74:a8:86:54:7f:b2:86:c5:
b6:98:05:16:0b:cf:4d:40:4d:42:c9:c8:59:1b:46:
0f:28:50:de:6d:4b:f5:1c:43:47:a4:cb:18:e1:7a:
94:3b:75:84:2e:99:89:d7:f4:af:d1:26:73:82:27:
e4:0f:21:12:02:b6:60:19:6c:d3:a9:86:1a:5f:b7:
b4:68:99:cb:a6:ef:f9:34:d8:fc:f8:1b:c0:be:ea:
4e:95:2e:a5:71:e7:18:18:5e:73:14:92:73:11:00:
ab:a9:92:88:94:d6:80:fa:ae:34:df:8c:21:37:e6:
a2:00:1a:e5:82:42:20:b6:a2:f9:a6:23:c6:c3:f5:
41:fb:90:47:79:9b:6d:85:83:f3:d2:d7:85:41:9d:
21:e8:7b:69:8b:fd:49:5b:02:46:80:d8:8f:ed:44:
51:95:15:84:19:d9:0d:a6:44:cd:10:4d:e1:95:4b:
75:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F5:8F:A3:16:36:44:C0:C2:78:C1:1E:AD:1D:30:BA:64:BF:3B:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:0a:24:97:31:07:e0:6a:31:80:4c:00:9c:cc:fc:0a:df:b1:
a2:33:0c:b6:54:10:2b:a6:1e:eb:b3:02:c3:06:14:8f:7d:aa:
1d:31:5e:f4:02:a3:f9:58:f4:4c:30:5a:3f:ae:52:fd:3f:67:
00:28:f4:de:e1:c8:a1:b8:c2:30:36:21:c5:5c:91:e9:b9:d1:
cb:7b:2f:c0:2e:f9:89:4a:9d:b7:11:47:2d:2d:1a:2b:c5:40:
7d:e4:81:48:96:a1:23:a4:1f:52:7d:d3:10:91:0c:84:c0:6b:
f0:87:e7:7b:9e:2c:5a:20:72:ae:3c:f8:fb:eb:a8:e3:82:7e:
b5:da:58:18:56:fc:13:30:4e:33:46:34:59:8c:c3:77:5b:c4:
15:c0:c5:9f:00:06:d6:64:7c:f3:28:59:f7:a9:3d:94:46:1f:
9b:d5:21:a5:52:b4:6b:b1:ec:1c:e2:8b:83:5f:e6:d5:c1:96:
17:e9:22:72:75:0a:66:3d:50:25:a7:df:c2:83:34:3e:57:a9:
45:8f:cf:4d:1c:57:f5:34:f6:ec:87:da:67:17:98:b1:3b:f9:
a4:06:38:69:4d:ac:92:55:bc:da:26:2b:16:6b:93:82:52:42:
53:d6:98:9c:03:f9:52:d6:2f:bb:22:cc:cc:c6:c5:e0:d6:f1:
59:f7:33:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY3xQQHUUxdfXN454WYSbvcb9KcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTMwMDAwMDBaFw0yNDA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMTY5ODUwYTcwMjQ4Njk4MmE2ZGU1NDQxMWU4MGQyMTUxOGRhYjhjMjI2
MzYwNGU2MzgwZDUyODkyMjgyYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIjKc9k1Es0DMTuktZQmkBsivbkU4lbE8POSAbUb+SWV4VS246qt/7oRhs7
Wb/VmWgM/1uzQkXW4JA6CQvDjKhjEe4LsCWg9ATwrHLVdCTH7nSohlR/sobFtpgF
FgvPTUBNQsnIWRtGDyhQ3m1L9RxDR6TLGOF6lDt1hC6Zidf0r9Emc4In5A8hEgK2
YBls06mGGl+3tGiZy6bv+TTY/PgbwL7qTpUupXHnGBhecxSScxEAq6mSiJTWgPqu
NN+MITfmogAa5YJCILai+aYjxsP1QfuQR3mbbYWD89LXhUGdIeh7aYv9SVsCRoDY
j+1EUZUVhBnZDaZEzRBN4ZVLdVcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQ9Y+j
FjZEwMJ4wR6tHTC6ZL87PDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM3MTM2OGMtYWRlZC00ZDk3LThmYzQtZTU1Y2E2YTY3ZGY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCqCiSXMQfgajGATACczPwK37GiMwy2VBArph7r
swLDBhSPfaodMV70AqP5WPRMMFo/rlL9P2cAKPTe4cihuMIwNiHFXJHpudHLey/A
LvmJSp23EUctLRorxUB95IFIlqEjpB9SfdMQkQyEwGvwh+d7nixaIHKuPPj766jj
gn612lgYVvwTME4zRjRZjMN3W8QVwMWfAAbWZHzzKFn3qT2URh+b1SGlUrRrsewc
4ouDX+bVwZYX6SJydQpmPVAlp9/CgzQ+V6lFj89NHFf1NPbsh9pnF5ixO/mkBjhp
TaySVbzaJisWa5OCUkJT1picA/lS1i+7IszMxsXg1vFZ9zMH
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:24 2024 by rpki-client on console-ams.rpki-client.org