Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
File: 923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa (raw, json)
Hash identifier: 4P6rbsjEaQ8HIQIlVgueRdfUCKRgAZVEPXYF4wjmqtA=
Subject key identifier: 78:44:1C:8E:D6:32:5C:2D:22:77:46:74:1C:4A:1C:AB:8F:E6:34:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CF141A23D7982DD86582EDA60A7D431566550F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:f1:41:a2:3d:79:82:dd:86:58:2e:da:60:a7:d4:31:56:65:50:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=209a0e9c0dc40be592cc514f59f77997fcca41a6ed87f168097535859fee1123, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:70:73:04:5a:31:da:58:2b:0f:35:09:43:4b:
49:59:89:3f:cc:25:0a:ab:ca:18:b8:c9:3e:f8:1f:
5a:55:ab:93:56:ad:70:af:e4:cb:a0:73:e2:8f:3a:
c5:59:b2:6a:f9:df:0a:5b:e2:ef:06:48:f1:19:53:
24:1a:37:a4:c4:be:fe:02:40:1b:02:b9:cd:3b:c9:
a3:2a:6c:f0:37:bc:33:5f:10:e7:67:1f:e0:1f:1c:
01:11:43:d6:a8:82:f9:30:df:78:e1:a6:c4:31:a4:
54:e9:5a:38:a6:2d:35:5f:71:1b:98:58:35:a8:eb:
21:80:da:f7:c3:1d:25:8d:a9:16:f9:c5:67:2e:dd:
0d:e5:f9:53:cb:50:b6:98:25:57:31:58:29:4b:93:
5b:1b:0d:f6:6f:d9:65:5e:cc:54:c3:84:bd:e4:1c:
6e:15:de:cf:81:80:f2:6e:25:85:36:74:a7:c9:4b:
68:93:86:a2:ae:c7:d5:69:d5:36:80:48:cd:21:c2:
51:29:88:25:70:41:a8:3e:db:8c:29:d1:9b:6e:37:
50:84:10:7c:03:29:85:6b:57:a9:07:6c:f8:13:63:
6d:c2:86:5e:d6:f1:b6:f6:de:9d:8a:dc:6f:02:f2:
97:d5:04:90:0a:bb:d3:78:b4:d7:5e:c7:cd:85:11:
7c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:44:1C:8E:D6:32:5C:2D:22:77:46:74:1C:4A:1C:AB:8F:E6:34:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:6000::/40
Signature Algorithm: sha256WithRSAEncryption
26:70:2e:97:83:7c:83:cf:cc:ac:77:5e:2a:21:9d:b3:de:2b:
8c:e2:98:de:08:c2:75:ce:56:4a:07:ea:64:bb:d3:da:d6:4e:
c6:1c:3d:89:7e:47:4e:af:a8:17:cc:8a:ee:dd:04:59:28:1a:
18:01:03:fa:13:00:19:d8:f7:87:46:83:99:c2:55:f1:d1:e7:
0b:37:ea:11:8e:49:6b:8e:42:21:ab:07:d1:64:68:64:43:26:
27:a2:a8:5d:a1:71:6a:fa:a6:3c:be:c1:c8:18:c4:93:37:f3:
65:3f:ce:30:c3:c5:f4:5a:04:4e:54:a4:8f:fa:af:5f:03:eb:
52:1b:1b:fb:a3:e2:ec:1f:86:0f:d7:cf:8f:22:d1:51:52:36:
b0:6c:da:42:91:eb:06:5e:9e:f9:c1:c9:7f:76:41:0d:6e:4c:
5f:2f:11:99:6e:9c:69:c6:2b:a2:aa:0c:04:ec:87:f7:d1:9b:
82:fc:be:5a:09:6b:37:26:e4:fc:76:94:80:18:e8:4c:3a:ad:
dd:b9:82:f9:45:8a:b3:3d:6e:1a:16:d4:13:43:16:4c:f1:05:
75:44:5f:4b:d8:16:a6:0d:bc:36:31:53:5b:31:30:33:fe:f2:
5f:fc:da:c1:94:85:da:0b:65:c3:5a:2b:28:b1:42:c2:7c:da:
ec:71:ce:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXPFBoj15gt2GWC7aYKfUMVZlUPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwOWEwZTljMGRjNDBiZTU5MmNjNTE0ZjU5Zjc3OTk3ZmNjYTQxYTZlZDg3
ZjE2ODA5NzUzNTg1OWZlZTExMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBwcwRaMdpYKw81CUNLSVmJP8wlCqvKGLjJPvgfWlWrk1atcK/ky6Bz4o86
xVmyavnfClvi7wZI8RlTJBo3pMS+/gJAGwK5zTvJoyps8De8M18Q52cf4B8cARFD
1qiC+TDfeOGmxDGkVOlaOKYtNV9xG5hYNajrIYDa98MdJY2pFvnFZy7dDeX5U8tQ
tpglVzFYKUuTWxsN9m/ZZV7MVMOEveQcbhXez4GA8m4lhTZ0p8lLaJOGoq7H1WnV
NoBIzSHCUSmIJXBBqD7bjCnRm243UIQQfAMphWtXqQds+BNjbcKGXtbxtvbenYrc
bwLyl9UEkAq703i0117HzYURfLkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR4RByO
1jJcLSJ3RnQcShyrj+Y0fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIzZGJjOTUtMDQ0OS00NDZjLWFlNTEtNThlOGZiZjZmMmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hlg
MA0GCSqGSIb3DQEBCwUAA4IBAQAmcC6Xg3yDz8ysd14qIZ2z3iuM4pjeCMJ1zlZK
B+pku9Pa1k7GHD2JfkdOr6gXzIru3QRZKBoYAQP6EwAZ2PeHRoOZwlXx0ecLN+oR
jklrjkIhqwfRZGhkQyYnoqhdoXFq+qY8vsHIGMSTN/NlP84ww8X0WgROVKSP+q9f
A+tSGxv7o+LsH4YP18+PItFRUjawbNpCkesGXp75wcl/dkENbkxfLxGZbpxpxiui
qgwE7If30ZuC/L5aCWs3JuT8dpSAGOhMOq3duYL5RYqzPW4aFtQTQxZM8QV1RF9L
2BamDbw2MVNbMTAz/vJf/NrBlIXaC2XDWisosULCfNrscc6n
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:33 2024 by rpki-client on console-ams.rpki-client.org