Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
File: 904a13d7-baa1-4bc7-b805-601d0b998680.roa (raw, json)
Hash identifier: 1Po0JB/kkPJqte1IsBwyjZpJRp35aB5XZ4Y06+LST+g=
Subject key identifier: 77:6A:18:23:25:3C:9A:7E:52:3E:43:8D:D3:1D:81:8D:34:94:6B:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FD4CCECF921F8195677537B7DC57DB431F2A4AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:d4:cc:ec:f9:21:f8:19:56:77:53:7b:7d:c5:7d:b4:31:f2:a4:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=249dce80b04158e07ac2a9aee688efc2a1a7e678fefc5e4ee08a2f5d2d19248d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9d:0a:56:d7:89:88:f0:36:65:30:e1:d3:cd:
05:87:30:42:fa:29:d0:e4:ca:f7:b7:69:5c:54:7f:
a6:64:ad:14:d0:82:df:c2:90:86:34:3d:e5:d0:42:
f6:23:52:27:d2:5e:44:e4:f7:bf:5f:7b:e8:83:ff:
e2:84:24:af:11:56:a5:1c:aa:82:71:e7:50:ad:90:
dc:d2:5d:dd:1c:58:66:f7:b9:1e:60:9d:f7:da:b4:
5c:2d:64:58:b4:da:e2:9a:56:52:89:ec:29:cd:ab:
eb:e6:7f:0e:32:f2:d6:00:30:8e:90:87:22:83:d7:
19:1d:a9:78:3e:b6:07:9a:c3:55:62:f8:05:e3:28:
12:2f:15:97:24:ff:97:98:52:3b:59:c3:4f:7e:7c:
f2:21:66:b3:30:11:e4:3d:cc:be:df:4a:81:76:a3:
55:88:59:ac:82:cb:e7:fb:a2:75:ad:15:79:fb:81:
5d:2e:9a:ca:45:7d:11:0d:2f:0e:e2:0c:03:03:d2:
c0:6d:0b:2d:c3:58:1a:0e:ef:9f:93:ea:bd:ef:99:
6f:6f:25:f8:7f:f1:5a:d6:82:f1:36:86:3a:02:76:
cd:9f:b3:59:72:11:ce:86:f5:ed:e3:19:d4:95:10:
cf:4d:5f:22:45:db:b5:f9:ef:b9:4a:b8:de:bb:ff:
a8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6A:18:23:25:3C:9A:7E:52:3E:43:8D:D3:1D:81:8D:34:94:6B:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:8000::/40
Signature Algorithm: sha256WithRSAEncryption
11:95:25:1a:e1:24:00:e6:33:8b:3b:8d:23:ab:b4:9a:42:2d:
46:4a:8e:0f:2f:28:94:72:bd:f3:6f:4e:46:af:bd:5e:7d:30:
bf:9f:c9:ab:b0:3d:7d:83:fb:fc:83:2b:60:70:87:40:ee:25:
62:db:d7:b2:a7:be:4a:d7:a7:ea:0e:b3:64:5f:0f:f8:2f:bd:
04:35:6f:78:c4:5c:8b:ed:a5:48:25:7a:1c:0c:5a:fb:90:17:
69:54:e8:64:28:3d:ba:f9:f6:ad:de:1f:3c:62:99:6d:c4:cd:
eb:7f:b4:d8:77:02:6f:22:75:ba:67:91:43:f2:33:6c:28:ff:
14:35:97:b6:c1:33:c2:86:c0:9f:28:92:bb:75:26:4e:ea:03:
0f:49:49:12:70:6f:13:f3:0a:da:31:0e:2e:69:bc:b4:87:e8:
1f:78:45:e2:b9:37:95:20:80:17:35:7d:a6:fa:13:b9:aa:92:
a7:ad:41:28:9d:d0:51:ef:78:90:21:46:e5:e0:dc:d8:22:7b:
8f:80:a3:ae:92:c1:0b:69:62:2f:eb:30:77:a0:06:58:e3:e7:
e7:2e:42:01:4a:93:9a:39:a6:34:09:90:84:19:25:4a:4e:08:
f1:da:44:b4:8c:11:eb:22:6f:24:82:36:8d:18:d5:a9:40:b7:
fd:f5:dd:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH9TM7Pkh+BlWd1N7fcV9tDHypK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0OWRjZTgwYjA0MTU4ZTA3YWMyYTlhZWU2ODhlZmMyYTFhN2U2NzhmZWZj
NWU0ZWUwOGEyZjVkMmQxOTI0OGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+dClbXiYjwNmUw4dPNBYcwQvop0OTK97dpXFR/pmStFNCC38KQhjQ95dBC
9iNSJ9JeROT3v1976IP/4oQkrxFWpRyqgnHnUK2Q3NJd3RxYZve5HmCd99q0XC1k
WLTa4ppWUonsKc2r6+Z/DjLy1gAwjpCHIoPXGR2peD62B5rDVWL4BeMoEi8VlyT/
l5hSO1nDT3588iFmszAR5D3Mvt9KgXajVYhZrILL5/uida0VefuBXS6aykV9EQ0v
DuIMAwPSwG0LLcNYGg7vn5Pqve+Zb28l+H/xWtaC8TaGOgJ2zZ+zWXIRzob17eMZ
1JUQz01fIkXbtfnvuUq43rv/qAkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR3ahgj
JTyaflI+Q43THYGNNJRrfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTA0YTEzZDctYmFhMS00YmM3LWI4MDUtNjAxZDBiOTk4NjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCA
MA0GCSqGSIb3DQEBCwUAA4IBAQARlSUa4SQA5jOLO40jq7SaQi1GSo4PLyiUcr3z
b05Gr71efTC/n8mrsD19g/v8gytgcIdA7iVi29eyp75K16fqDrNkXw/4L70ENW94
xFyL7aVIJXocDFr7kBdpVOhkKD26+fat3h88YpltxM3rf7TYdwJvInW6Z5FD8jNs
KP8UNZe2wTPChsCfKJK7dSZO6gMPSUkScG8T8wraMQ4uaby0h+gfeEXiuTeVIIAX
NX2m+hO5qpKnrUEondBR73iQIUbl4NzYInuPgKOuksELaWIv6zB3oAZY4+fnLkIB
SpOaOaY0CZCEGSVKTgjx2kS0jBHrIm8kgjaNGNWpQLf99d2K
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org