Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: tnNOOQiigEeBJKfemvVu8a7Og88i0jh1yf+b56nSyuU=
Subject key identifier: 70:F7:75:12:0A:35:38:C5:3C:0F:E2:D4:AA:72:E0:1A:49:F9:67:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34C249F522688F663E9ED580BF165E6EA55D066F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:c2:49:f5:22:68:8f:66:3e:9e:d5:80:bf:16:5e:6e:a5:5d:06:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=9773cc775b6711d10e70fac47692126e79602544d36175beea5f4637b1d0c4cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f3:b5:96:1b:40:dd:d9:36:a9:d7:e8:04:8c:
a9:61:3f:8a:06:b0:8e:27:63:3b:cf:76:20:36:41:
59:c0:48:a1:e8:b0:c3:b8:e8:61:3f:c8:85:ac:bb:
bd:32:dc:1b:dc:2c:21:2c:cc:c1:04:c6:b3:f8:06:
65:4e:52:0d:1a:0a:cd:4c:5f:47:90:01:58:a2:83:
e1:4c:35:37:24:e3:84:1d:c7:11:99:5f:74:35:5f:
85:dd:b6:70:9b:d7:81:25:77:db:23:e9:26:1b:60:
4e:02:22:4a:41:1e:63:e0:71:16:24:92:28:92:31:
a0:0e:47:ca:2c:51:9e:5d:dc:3b:f7:44:80:e8:4c:
6a:ba:5a:97:07:56:b6:5a:24:b1:cf:41:4f:04:4f:
12:2b:0e:0f:5a:5f:8f:e0:d3:dc:67:87:6b:39:7b:
03:29:5d:9c:86:d4:79:56:fc:74:c1:93:74:c5:91:
ef:e7:77:ae:6d:dc:1c:fb:44:c6:a9:f8:fe:ed:67:
b8:b9:a2:1f:92:1c:b5:2d:1a:6d:94:73:d3:ef:a8:
ac:2a:8c:5e:ee:74:98:0b:60:8f:a2:3c:e5:73:62:
06:8a:3a:39:20:df:64:97:7c:7b:a1:1a:a9:dd:81:
13:79:cc:33:6b:f1:9a:b3:f5:5c:ce:f6:b6:96:8a:
f4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F7:75:12:0A:35:38:C5:3C:0F:E2:D4:AA:72:E0:1A:49:F9:67:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
26:fe:21:ee:9c:96:15:99:01:c3:13:53:71:d5:6c:a4:0d:7d:
e0:a0:9a:96:a0:3f:aa:c2:35:6e:5a:00:93:4c:f4:32:f2:a0:
61:ae:93:56:f4:7b:97:72:21:3e:19:81:6a:42:7f:cf:f1:72:
ed:d6:1c:1f:56:e0:ed:5e:9c:9e:64:ba:b4:dd:20:08:6c:e7:
60:a0:97:7f:22:ab:5e:fd:73:ac:5c:f8:0c:f6:7e:18:5a:0a:
29:57:3b:81:1e:19:8b:c7:01:d0:da:a5:44:f2:f5:af:11:83:
b1:4b:3c:fd:d3:de:46:de:18:f0:1c:cc:9e:78:52:49:a3:c4:
32:ea:4f:46:2f:57:46:07:db:a1:54:9d:d9:4a:77:b9:bb:a6:
99:a7:54:24:77:c4:14:60:4d:bc:3f:d0:53:b0:b0:d9:ba:ce:
ef:cb:c1:c6:52:a8:5f:0d:de:cd:81:1f:4c:60:fc:f6:6e:3e:
8f:05:f2:3a:d4:dc:ef:7f:b8:93:33:14:3e:63:4f:b5:ec:90:
9f:9a:a5:27:e0:20:83:7e:40:a4:82:d4:5a:8d:85:d0:6e:4f:
06:1e:ac:59:3a:32:9a:e8:6b:f4:69:b1:87:51:bb:e7:96:76:
cf:33:cd:8c:f3:74:06:22:25:ce:39:73:66:07:e1:d3:f2:8d:
e8:3e:59:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNMJJ9SJoj2Y+ntWAvxZebqVdBm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NzNjYzc3NWI2NzExZDEwZTcwZmFjNDc2OTIxMjZlNzk2MDI1NDRkMzYx
NzViZWVhNWY0NjM3YjFkMGM0Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXztZYbQN3ZNqnX6ASMqWE/igawjidjO892IDZBWcBIoeiww7joYT/Ihay7
vTLcG9wsISzMwQTGs/gGZU5SDRoKzUxfR5ABWKKD4Uw1NyTjhB3HEZlfdDVfhd22
cJvXgSV32yPpJhtgTgIiSkEeY+BxFiSSKJIxoA5HyixRnl3cO/dEgOhMarpalwdW
tloksc9BTwRPEisOD1pfj+DT3GeHazl7AyldnIbUeVb8dMGTdMWR7+d3rm3cHPtE
xqn4/u1nuLmiH5IctS0abZRz0++orCqMXu50mAtgj6I85XNiBoo6OSDfZJd8e6Ea
qd2BE3nMM2vxmrP1XM72tpaK9M0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRw93US
CjU4xTwP4tSqcuAaSflnJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAm/iHunJYVmQHDE1Nx1WykDX3goJqWoD+qwjVu
WgCTTPQy8qBhrpNW9HuXciE+GYFqQn/P8XLt1hwfVuDtXpyeZLq03SAIbOdgoJd/
Iqte/XOsXPgM9n4YWgopVzuBHhmLxwHQ2qVE8vWvEYOxSzz9095G3hjwHMyeeFJJ
o8Qy6k9GL1dGB9uhVJ3ZSne5u6aZp1Qkd8QUYE28P9BTsLDZus7vy8HGUqhfDd7N
gR9MYPz2bj6PBfI61Nzvf7iTMxQ+Y0+17JCfmqUn4CCDfkCkgtRajYXQbk8GHqxZ
OjKa6Gv0abGHUbvnlnbPM82M83QGIiXOOXNmB+HT8o3oPlnt
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:02:32 2024 by rpki-client on console-fra.rpki-client.org