Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
File: 923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa (raw, json)
Hash identifier: AmVzh/84TMePbarakK0ZN92HZoe2fMqD+lYD/62as68=
Subject key identifier: D1:31:2C:05:68:1C:56:C9:94:26:BD:58:E3:41:7D:22:A8:D9:54:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59234F1453A3A0E0E5EC9018BC17C7AF0E22E63C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:23:4f:14:53:a3:a0:e0:e5:ec:90:18:bc:17:c7:af:0e:22:e6:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=9e63169cda27895df3f3a8b17b3bafad4e4e6c79bd45cbb6cb38a8d8500c00a2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:84:b0:1f:d7:c6:ec:71:09:bd:77:ea:10:56:
ff:11:b7:f9:8b:1d:ee:8a:28:0a:c1:6c:bc:9b:3f:
81:5a:17:7e:96:ad:91:00:a7:c3:47:80:76:f7:fa:
4f:a7:34:71:46:48:f6:b4:9d:9c:b3:53:f6:65:00:
12:7c:39:74:21:71:7b:09:34:73:62:9f:f6:7e:66:
5c:ca:80:c0:b2:f4:e7:e9:f3:d7:95:26:97:cf:a5:
bf:83:9c:98:06:d7:e7:44:0d:1c:15:e3:18:89:68:
77:5e:8a:9e:93:df:33:2a:b5:4b:f6:48:18:70:8a:
1d:d1:ab:4f:1f:67:7e:28:07:97:35:28:3c:71:88:
ba:13:d1:58:f0:50:94:f9:18:1d:96:7d:9e:5b:b0:
04:24:1c:78:c0:af:48:b1:d7:46:dd:06:10:80:fe:
62:21:c5:ad:d0:90:81:f4:62:6d:1a:32:62:49:b8:
6d:10:ba:f3:30:83:aa:28:c8:be:8a:e3:f7:f4:c9:
44:2e:d0:ad:e1:1b:2d:68:90:a3:c5:cc:e9:19:48:
86:ea:0c:52:97:8d:40:eb:21:1c:3d:b4:ef:dc:03:
bf:c8:cf:ce:15:ba:b1:e3:57:bc:ab:5d:f5:79:2d:
49:1f:f9:05:96:d0:26:e6:b2:08:bb:24:5a:86:c9:
0e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:31:2C:05:68:1C:56:C9:94:26:BD:58:E3:41:7D:22:A8:D9:54:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:6000::/40
Signature Algorithm: sha256WithRSAEncryption
01:b8:72:80:de:8c:d3:2d:4e:f3:b9:8c:0e:03:ba:df:4e:bc:
b8:53:f9:a4:d5:fd:47:41:e1:15:1f:5f:80:1b:58:45:0a:4c:
b6:14:9c:05:b4:6b:02:70:ac:b7:85:45:f8:b6:76:b5:f6:51:
25:91:ec:aa:1a:5d:c2:5a:a0:67:a0:c5:2d:03:41:50:0e:64:
b2:8d:82:45:05:9d:47:03:60:e5:b8:6a:64:19:65:f0:b4:37:
34:f9:2b:7c:99:ee:5d:d6:ef:b0:fa:2e:b9:8f:22:60:35:f1:
1a:77:08:03:8d:1c:de:8b:4b:a6:6d:8f:23:e8:fb:05:fa:b4:
85:67:4f:18:94:1b:8e:a3:96:cf:55:7e:06:71:b3:89:b6:a7:
b5:48:8c:c7:f8:d9:6d:2c:9c:ac:b7:73:00:c5:8e:08:c5:2f:
5e:b6:a9:be:cd:61:e0:bf:d5:de:9a:0a:d6:4e:26:69:d1:02:
fd:95:a6:f8:3b:08:be:fa:b7:32:8f:6e:d8:7c:dd:f5:43:33:
72:8b:65:41:5a:5b:d6:1c:b0:64:00:5f:9c:29:cf:50:e0:57:
3e:f8:99:38:78:2b:a8:dd:42:d7:a6:5f:b8:c1:19:b1:05:24:
29:5f:bd:b1:3d:b6:91:5f:2e:08:ac:33:bb:b2:4c:2e:04:d3:
56:cd:56:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWSNPFFOjoODl7JAYvBfHrw4i5jwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDllNjMxNjljZGEyNzg5NWRmM2YzYThiMTdiM2JhZmFkNGU0ZTZjNzliZDQ1
Y2JiNmNiMzhhOGQ4NTAwYzAwYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGEsB/XxuxxCb136hBW/xG3+Ysd7oooCsFsvJs/gVoXfpatkQCnw0eAdvf6
T6c0cUZI9rSdnLNT9mUAEnw5dCFxewk0c2Kf9n5mXMqAwLL05+nz15Uml8+lv4Oc
mAbX50QNHBXjGIlod16KnpPfMyq1S/ZIGHCKHdGrTx9nfigHlzUoPHGIuhPRWPBQ
lPkYHZZ9nluwBCQceMCvSLHXRt0GEID+YiHFrdCQgfRibRoyYkm4bRC68zCDqijI
vorj9/TJRC7QreEbLWiQo8XM6RlIhuoMUpeNQOshHD2079wDv8jPzhW6seNXvKtd
9XktSR/5BZbQJuayCLskWobJDvcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRMSwF
aBxWyZQmvVjjQX0iqNlUITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIzZGJjOTUtMDQ0OS00NDZjLWFlNTEtNThlOGZiZjZmMmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hlg
MA0GCSqGSIb3DQEBCwUAA4IBAQABuHKA3ozTLU7zuYwOA7rfTry4U/mk1f1HQeEV
H1+AG1hFCky2FJwFtGsCcKy3hUX4tna19lElkeyqGl3CWqBnoMUtA0FQDmSyjYJF
BZ1HA2DluGpkGWXwtDc0+St8me5d1u+w+i65jyJgNfEadwgDjRzei0umbY8j6PsF
+rSFZ08YlBuOo5bPVX4GcbOJtqe1SIzH+NltLJyst3MAxY4IxS9etqm+zWHgv9Xe
mgrWTiZp0QL9lab4Owi++rcyj27YfN31QzNyi2VBWlvWHLBkAF+cKc9Q4Fc++Jk4
eCuo3ULXpl+4wRmxBSQpX72xPbaRXy4IrDO7skwuBNNWzVZd
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org