Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cff39e2-e2f0-442f-b54d-fb69deeea22b.roa
File: 8cff39e2-e2f0-442f-b54d-fb69deeea22b.roa (raw, json)
Hash identifier: Flilx/HrQwugHOI4GHqCWQ9KgS+fbi+erAO3NsNufj4=
Subject key identifier: AC:FB:C3:C2:7E:42:9D:61:A7:00:54:13:24:CC:8B:85:97:70:A3:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A1451298D76DD4994C1B38CA304DC87CC56A533
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cff39e2-e2f0-442f-b54d-fb69deeea22b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:14:51:29:8d:76:dd:49:94:c1:b3:8c:a3:04:dc:87:cc:56:a5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=a15c443df4c2d8257cea7cda118fda4d7baa46b48848dd83da586babac9f91a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:12:4d:46:a3:02:40:42:95:53:c4:a7:5d:81:
3a:3e:0c:35:9a:27:ca:82:53:01:3c:a0:ee:93:00:
67:29:4f:88:ef:f0:dc:e8:77:c4:3b:4e:be:6b:97:
74:a5:22:e3:4e:f2:18:7a:74:d3:91:7d:35:d8:58:
a5:01:9d:0d:f5:b7:72:43:93:8c:b5:6a:7e:87:67:
64:60:54:a4:79:c5:22:a8:c3:f0:1b:09:7e:ac:ad:
ea:3e:c4:4a:4c:c0:d6:98:97:2f:d4:77:7e:9c:2f:
28:fd:18:a7:a8:46:af:e8:5b:d7:b0:70:6a:27:78:
60:40:ba:5a:34:e2:a7:20:a7:ca:a6:09:f9:d8:0b:
6a:2c:6e:75:80:a6:5c:6d:d6:38:70:74:63:d6:33:
d5:6c:16:22:9a:6b:41:7f:85:d1:c7:a9:92:d1:52:
2b:eb:ce:23:79:74:2c:db:cc:99:35:25:95:33:d4:
e9:f8:23:97:1b:15:44:bb:9b:7b:bc:f3:7f:62:a9:
d5:44:7e:d3:4f:5f:5f:9d:97:ce:9e:31:48:d9:0c:
44:44:99:16:21:e3:61:42:c6:4a:09:c6:59:f6:f5:
46:4d:78:06:68:76:8a:04:6b:73:06:9a:77:86:42:
1e:1e:25:43:0d:06:80:99:e2:87:e0:84:df:0d:66:
26:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FB:C3:C2:7E:42:9D:61:A7:00:54:13:24:CC:8B:85:97:70:A3:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cff39e2-e2f0-442f-b54d-fb69deeea22b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:e6:24:15:97:5f:c8:b8:9b:52:aa:08:88:8e:cc:0e:1b:48:
a0:35:88:3d:56:74:ee:f3:0c:06:71:06:95:ce:fa:75:ee:d7:
92:17:77:bc:b2:be:9c:5c:64:49:dd:c8:9f:2e:ef:01:c1:a7:
f0:05:3d:af:40:08:09:8a:db:19:0c:07:be:bd:50:db:89:8f:
8e:49:be:b8:bc:7d:52:4c:f0:34:af:67:f6:b8:b0:e4:53:81:
c5:3c:5b:3b:81:95:00:9f:79:9a:f7:ab:62:f6:4b:df:aa:ca:
8c:70:a3:fb:0f:da:b6:70:96:92:a4:48:d4:bf:e8:72:24:04:
52:09:0f:fe:b6:c8:85:db:f4:9c:ef:d0:b0:55:dc:21:4e:11:
cf:af:cd:33:9d:fb:84:16:33:ad:d2:a8:26:4d:96:5e:e9:86:
12:58:f0:8e:7c:28:23:16:39:6e:e9:bb:11:d2:fa:af:39:bf:
63:56:e7:6e:b4:84:7d:92:8f:b6:7e:0b:68:77:f4:7e:e6:65:
a2:30:1a:57:2d:e2:4c:39:5d:6a:71:54:0b:2f:ec:08:b6:29:
57:c0:77:1b:d0:4c:5e:55:4c:c0:45:5b:08:ef:42:c5:74:0d:
93:08:12:ae:85:df:d3:f2:98:c2:37:35:a4:37:b8:ea:a0:d6:
6c:2c:de:fb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUChRRKY123UmUwbOMowTch8xWpTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGExNWM0NDNkZjRjMmQ4MjU3Y2VhN2NkYTExOGZkYTRkN2JhYTQ2YjQ4ODQ4
ZGQ4M2RhNTg2YmFiYWM5ZjkxYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoSTUajAkBClVPEp12BOj4MNZonyoJTATyg7pMAZylPiO/w3Oh3xDtOvmuX
dKUi407yGHp005F9NdhYpQGdDfW3ckOTjLVqfodnZGBUpHnFIqjD8BsJfqyt6j7E
SkzA1piXL9R3fpwvKP0Yp6hGr+hb17Bwaid4YEC6WjTipyCnyqYJ+dgLaixudYCm
XG3WOHB0Y9Yz1WwWIpprQX+F0cepktFSK+vOI3l0LNvMmTUllTPU6fgjlxsVRLub
e7zzf2Kp1UR+009fX52Xzp4xSNkMRESZFiHjYULGSgnGWfb1Rk14Bmh2igRrcwaa
d4ZCHh4lQw0GgJnih+CE3w1mJqUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSs+8PC
fkKdYacAVBMkzIuFl3CjfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmZjM5ZTItZTJmMC00NDJmLWI1NGQtZmI2OWRlZWVhMjJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hkg
MA0GCSqGSIb3DQEBCwUAA4IBAQCg5iQVl1/IuJtSqgiIjswOG0igNYg9VnTu8wwG
cQaVzvp17teSF3e8sr6cXGRJ3cifLu8BwafwBT2vQAgJitsZDAe+vVDbiY+OSb64
vH1STPA0r2f2uLDkU4HFPFs7gZUAn3ma96ti9kvfqsqMcKP7D9q2cJaSpEjUv+hy
JARSCQ/+tsiF2/Sc79CwVdwhThHPr80znfuEFjOt0qgmTZZe6YYSWPCOfCgjFjlu
6bsR0vqvOb9jVudutIR9ko+2fgtod/R+5mWiMBpXLeJMOV1qcVQLL+wItilXwHcb
0ExeVUzARVsI70LFdA2TCBKuhd/T8pjCNzWkN7jqoNZsLN77
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org