Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: riYmEah1LQQDYwCeqFqYRlE/7z3m6N21M2S6/sFzMZk=
Subject key identifier: 92:B9:06:23:51:EE:0B:06:4D:4C:76:BD:B2:1C:E1:D3:DE:CA:D8:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 529F84BA901B4D725A5325FC4D60FC0FD7BDFCF6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:9f:84:ba:90:1b:4d:72:5a:53:25:fc:4d:60:fc:0f:d7:bd:fc:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=faf55e4ce0df9e9017240175bc5d2737d1e6c5f76b39feaaa5ef7ba114ec8763, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c9:30:d8:52:b3:36:9d:d4:9d:d1:7d:0e:50:
c2:61:ed:39:69:a0:c8:b3:18:96:ac:97:49:2b:18:
7b:07:87:98:23:e4:1f:3b:ee:bb:5d:6c:85:7b:7d:
7e:b8:6c:b3:1e:81:56:9b:f6:36:82:6f:43:23:0a:
4a:bc:8a:43:82:f4:c4:f8:c7:f9:73:b4:83:13:a1:
e1:75:7d:69:e8:26:dd:82:32:13:29:8f:56:3b:c6:
0d:49:97:09:b5:a4:5b:da:df:35:c2:2e:4c:29:74:
7f:af:54:e2:99:fd:f6:7f:b5:19:b7:ec:2c:3a:dd:
ac:93:07:84:07:1c:3d:a4:36:15:13:ee:75:4a:fb:
43:4b:64:c6:74:8e:78:b4:0d:d3:34:6e:e8:bb:34:
b6:ae:4a:de:04:c6:e7:28:b7:2b:b5:7a:76:a0:e6:
4d:0b:d8:52:c4:4c:e4:cc:41:b2:2e:f5:7d:db:8e:
6d:bf:55:8e:ce:f5:0a:2f:12:b9:a4:4c:23:b7:76:
e7:79:b2:be:84:07:e6:d6:9b:d0:7a:34:3d:54:1c:
90:04:89:2c:69:88:49:c4:2a:76:18:1d:b7:98:5d:
02:8f:6e:6f:ae:21:a4:8f:6f:e2:2e:c2:9a:c0:69:
38:ee:07:c7:d0:42:b8:6b:f8:5a:2a:07:76:5d:39:
12:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B9:06:23:51:EE:0B:06:4D:4C:76:BD:B2:1C:E1:D3:DE:CA:D8:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:63:d5:c7:07:df:92:31:ec:ed:7e:1f:fa:aa:a1:f2:c0:b2:
a1:ff:78:52:c5:f9:25:91:2c:26:ef:e6:81:dc:e8:92:78:4c:
ed:74:cf:4d:13:59:26:cc:b9:4d:dc:78:53:5d:f1:62:8d:58:
bb:e7:b2:36:e7:14:28:4b:0b:c7:63:3b:95:ff:e7:1c:73:7a:
96:ab:fe:5f:db:44:95:e2:c0:f7:21:d4:e7:eb:d3:e8:83:bd:
43:81:34:3e:60:62:58:f0:0f:02:e9:eb:df:c5:45:18:3e:8b:
1f:cf:03:66:6a:8e:42:9d:28:70:5d:69:34:12:b3:78:a3:f4:
3c:6a:e4:27:64:3d:b4:33:38:50:99:8e:01:46:a2:f7:11:7f:
b2:4c:66:3f:a4:de:a5:ce:3f:2f:e2:9d:cf:fc:52:0e:56:b7:
6f:11:be:f8:c8:37:c9:ea:7b:93:35:6e:81:1b:5b:06:e7:97:
ed:f4:3e:3c:50:82:b6:a3:84:e4:65:00:4e:56:44:0c:08:94:
c1:e3:89:94:eb:09:fa:ce:01:a7:0b:17:fc:4e:5f:46:36:ba:
16:59:09:d4:3e:fd:51:bf:9f:1c:85:3f:4d:9f:1d:0e:c2:0c:
e2:20:e2:40:7b:7a:31:fb:b7:de:c7:a9:de:1e:5e:8f:b4:63:
0c:ce:9c:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUp+EupAbTXJaUyX8TWD8D9e9/PYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhZjU1ZTRjZTBkZjllOTAxNzI0MDE3NWJjNWQyNzM3ZDFlNmM1Zjc2YjM5
ZmVhYWE1ZWY3YmExMTRlYzg3NjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDJMNhSszad1J3RfQ5QwmHtOWmgyLMYlqyXSSsYeweHmCPkHzvuu11shXt9
frhssx6BVpv2NoJvQyMKSryKQ4L0xPjH+XO0gxOh4XV9aegm3YIyEymPVjvGDUmX
CbWkW9rfNcIuTCl0f69U4pn99n+1GbfsLDrdrJMHhAccPaQ2FRPudUr7Q0tkxnSO
eLQN0zRu6Ls0tq5K3gTG5yi3K7V6dqDmTQvYUsRM5MxBsi71fduObb9Vjs71Ci8S
uaRMI7d253myvoQH5tab0Ho0PVQckASJLGmIScQqdhgdt5hdAo9ub64hpI9v4i7C
msBpOO4Hx9BCuGv4WioHdl05EkkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSuQYj
Ue4LBk1Mdr2yHOHT3srY5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQB+Y9XHB9+SMeztfh/6qqHywLKh/3hSxfklkSwm
7+aB3OiSeEztdM9NE1kmzLlN3HhTXfFijVi757I25xQoSwvHYzuV/+ccc3qWq/5f
20SV4sD3IdTn69Pog71DgTQ+YGJY8A8C6evfxUUYPosfzwNmao5CnShwXWk0ErN4
o/Q8auQnZD20MzhQmY4BRqL3EX+yTGY/pN6lzj8v4p3P/FIOVrdvEb74yDfJ6nuT
NW6BG1sG55ft9D48UIK2o4TkZQBOVkQMCJTB44mU6wn6zgGnCxf8Tl9GNroWWQnU
Pv1Rv58chT9Nnx0OwgziIOJAe3ox+7fex6neHl6PtGMMzpy2
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org