Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
File: 8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa (raw, json)
Hash identifier: nKUFouaFO3Us2kTYd+b7jUBGZMkeVJw2lvKOXy+w97s=
Subject key identifier: B3:D0:0E:81:49:D7:14:EF:F9:22:8C:AF:D1:A4:B7:C9:BE:5D:3A:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 792BCEDFFC87CF0732DEC6C456160D0E331AE384
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:2b:ce:df:fc:87:cf:07:32:de:c6:c4:56:16:0d:0e:33:1a:e3:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=e9903b207840667fdd85309bd92c429dd79bb87a5407884eae3ad37ac69e0498, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:64:1f:c6:25:47:53:fd:24:27:2c:58:80:17:
45:d0:fd:f1:fa:74:d9:62:f3:2a:c1:18:7d:d2:98:
54:90:c1:ee:a7:31:f7:8e:e1:a7:67:62:c2:4e:6c:
98:bd:e6:b0:04:14:3b:de:39:54:28:70:4a:40:4c:
ee:03:39:e6:ef:00:26:31:d9:d2:99:d6:f7:dc:0b:
b6:ff:a9:11:e2:1e:ef:96:a6:01:e2:11:74:86:fc:
57:9f:6e:81:9c:11:29:dd:71:86:7e:ff:48:25:42:
87:8f:e3:30:35:92:4a:9f:96:4a:9e:c4:a4:1b:36:
f0:52:2b:1f:3c:07:9e:9c:65:f5:47:c7:aa:7c:21:
9b:f5:b5:bb:dd:96:bb:3f:f0:17:9f:49:30:cf:ae:
4d:5d:ca:02:e2:43:c2:3d:d6:8b:49:f5:fe:ed:ef:
3c:bd:c8:1b:8c:78:b2:f7:2b:65:a5:2d:30:c9:63:
aa:c4:3d:cc:75:be:5e:5a:88:ff:64:55:74:7e:26:
53:38:87:d3:50:3a:77:12:30:7a:52:d3:4c:86:05:
ab:9b:12:25:f7:0f:18:f2:4f:a4:92:c6:13:4a:39:
08:5e:01:51:2d:d7:f1:6d:05:a3:91:5e:00:a9:27:
28:73:32:a5:18:f2:d5:d7:59:f3:d2:cd:ff:f0:7e:
63:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D0:0E:81:49:D7:14:EF:F9:22:8C:AF:D1:A4:B7:C9:BE:5D:3A:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
4f:53:cf:44:b8:47:ad:e3:59:30:1e:10:87:3b:fd:9d:3d:cf:
9b:eb:c6:ea:ea:2b:f8:93:2f:ea:0a:61:af:fe:3c:9f:64:30:
37:2a:b2:cb:e1:8d:47:c5:a5:b9:aa:17:c0:83:6f:e2:0e:26:
99:04:48:a1:66:57:eb:57:4c:b2:f1:ec:ce:2f:45:de:b8:cf:
bb:7e:78:59:94:9c:6a:f1:de:9c:d9:a0:91:62:1f:36:cf:c1:
e2:dc:78:e5:22:fb:3a:de:30:0d:10:e8:ac:fe:e9:be:7f:47:
00:f4:b6:c1:66:4d:69:b1:65:55:df:df:f9:98:14:60:e0:7b:
9a:09:88:0d:06:3a:dd:83:bf:c1:5b:1d:df:19:0a:e0:41:b0:
6f:97:41:8a:35:22:3a:7d:b5:7e:38:00:47:15:bf:9a:a4:ea:
8a:6c:fd:d7:ea:e7:26:05:27:c7:f1:b1:4c:60:93:e4:f6:e2:
89:1b:98:6a:53:a9:aa:f2:7a:5c:c4:95:87:9a:56:a8:55:8a:
98:99:1f:91:08:97:1a:0d:a7:fc:a9:4d:03:fc:3d:db:7d:8d:
fc:50:4c:a5:94:c0:06:8b:77:5e:87:dd:4f:24:9a:3c:3b:72:
78:17:db:86:74:bc:12:c2:23:48:a5:b1:b7:0d:c7:a9:45:cc:
49:40:64:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeSvO3/yHzwcy3sbEVhYNDjMa44QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5OTAzYjIwNzg0MDY2N2ZkZDg1MzA5YmQ5MmM0MjlkZDc5YmI4N2E1NDA3
ODg0ZWFlM2FkMzdhYzY5ZTA0OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNkH8YlR1P9JCcsWIAXRdD98fp02WLzKsEYfdKYVJDB7qcx947hp2diwk5s
mL3msAQUO945VChwSkBM7gM55u8AJjHZ0pnW99wLtv+pEeIe75amAeIRdIb8V59u
gZwRKd1xhn7/SCVCh4/jMDWSSp+WSp7EpBs28FIrHzwHnpxl9UfHqnwhm/W1u92W
uz/wF59JMM+uTV3KAuJDwj3Wi0n1/u3vPL3IG4x4svcrZaUtMMljqsQ9zHW+XlqI
/2RVdH4mUziH01A6dxIwelLTTIYFq5sSJfcPGPJPpJLGE0o5CF4BUS3X8W0Fo5Fe
AKknKHMypRjy1ddZ89LN//B+Y4UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSz0A6B
SdcU7/kijK/RpLfJvl06HTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM3MTM2OGMtYWRlZC00ZDk3LThmYzQtZTU1Y2E2YTY3ZGY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQBPU89EuEet41kwHhCHO/2dPc+b68bq6iv4ky/q
CmGv/jyfZDA3KrLL4Y1HxaW5qhfAg2/iDiaZBEihZlfrV0yy8ezOL0XeuM+7fnhZ
lJxq8d6c2aCRYh82z8Hi3HjlIvs63jANEOis/um+f0cA9LbBZk1psWVV39/5mBRg
4HuaCYgNBjrdg7/BWx3fGQrgQbBvl0GKNSI6fbV+OABHFb+apOqKbP3X6ucmBSfH
8bFMYJPk9uKJG5hqU6mq8npcxJWHmlaoVYqYmR+RCJcaDaf8qU0D/D3bfY38UEyl
lMAGi3deh91PJJo8O3J4F9uGdLwSwiNIpbG3DcepRcxJQGQ6
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org