Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: zAyk1FKqSYTayYWVNkHhPV/dBeDLPcAKAshquC8zCyA=
Subject key identifier: DF:CD:FE:DD:0A:33:D7:BC:F5:D7:56:18:FB:E2:89:B3:2D:35:BE:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24B5FD42923246F37C3E6586B31020C6DED32E00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:b5:fd:42:92:32:46:f3:7c:3e:65:86:b3:10:20:c6:de:d3:2e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=b80335dcc569ec9f1dc2fc28a33a372c88c5412e6a603ff83fe918b9fabb182b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:1d:88:7e:c1:33:d7:ce:6b:8b:69:78:8a:
fa:26:70:ff:1c:bd:25:83:1b:76:0e:30:48:5e:98:
e8:a3:ae:80:f1:6c:34:cc:ae:22:44:82:68:ee:87:
cb:f3:f0:43:11:74:a2:de:aa:97:32:dd:ae:e2:56:
a2:f9:36:e0:d6:cc:28:57:6f:7c:eb:b9:60:a7:b8:
23:0e:5f:ed:a5:8c:76:5e:7d:5e:eb:f8:01:4a:09:
93:61:1f:cd:90:49:7a:a6:59:58:07:fb:52:a2:43:
70:14:af:4c:80:f6:81:09:7e:44:20:d0:91:11:71:
20:4f:e6:2d:83:8d:b2:5c:6f:66:c9:57:83:59:2b:
fc:8c:96:e4:5f:12:49:a8:0f:b2:5a:d4:8e:f1:d3:
7b:5f:d8:37:a3:0d:fb:ea:a7:cf:8b:f5:fb:d5:b7:
bb:e2:d4:f8:a2:f4:65:05:6c:cf:e0:b6:07:bd:57:
b8:5e:ce:47:c3:a4:ea:d9:9b:71:d8:0d:7e:e1:ef:
5f:ef:62:99:90:42:7b:eb:9d:51:ef:63:00:9c:10:
02:84:62:10:76:59:71:a5:7d:dc:ea:8a:d6:ed:29:
1f:4d:d3:b2:61:a7:c7:ef:ae:62:af:17:fc:81:ac:
14:2b:0d:e2:a9:fe:6a:57:ce:78:db:e9:c1:b0:08:
71:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CD:FE:DD:0A:33:D7:BC:F5:D7:56:18:FB:E2:89:B3:2D:35:BE:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
5a:5c:47:53:ed:c3:de:3d:50:d2:a8:37:20:5b:48:ca:4e:d1:
c5:85:b9:6b:10:78:85:76:7c:c1:cf:ac:b0:c6:fe:72:a4:f3:
9c:1e:91:1c:fd:16:3c:df:11:68:b1:7c:87:8b:17:ea:8f:05:
ab:d4:b9:3e:72:69:7c:8a:e5:4d:cf:b0:02:9b:8d:77:e9:b6:
26:24:e2:68:cf:3d:c6:d9:34:06:b9:06:62:bd:4d:f6:b3:1d:
f2:2f:f1:c4:29:0d:a1:cb:06:63:f3:b8:1c:e3:73:ee:8d:4a:
a9:f3:0e:33:07:0e:ff:f6:0f:41:02:d6:f8:d9:ad:92:b6:6d:
a7:35:1d:c6:75:5d:55:c3:c7:0f:1a:3f:96:1e:df:d4:80:33:
e5:55:ba:83:3f:67:f6:3f:28:b7:a7:0b:ee:5a:df:33:90:38:
a8:7f:53:e9:40:56:0c:a5:e4:28:a6:1c:9a:ba:cf:eb:f7:45:
ee:c4:c6:fc:c0:43:d7:64:7f:28:dd:83:52:ff:d8:41:bd:4d:
dd:5f:f9:a1:0a:13:93:dd:6f:2f:07:8c:1c:fa:9e:14:30:86:
73:9e:ee:cf:44:4f:82:e7:f9:bc:d0:43:41:24:3d:45:4d:f9:
2b:e8:cf:75:0b:09:0a:cb:8f:cc:22:64:d4:f1:63:01:13:8e:
5c:80:ae:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJLX9QpIyRvN8PmWGsxAgxt7TLgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MDMzNWRjYzU2OWVjOWYxZGMyZmMyOGEzM2EzNzJjODhjNTQxMmU2YTYw
M2ZmODNmZTkxOGI5ZmFiYjE4MmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/hHYh+wTPXzmuLaXiK+iZw/xy9JYMbdg4wSF6Y6KOugPFsNMyuIkSCaO6H
y/PwQxF0ot6qlzLdruJWovk24NbMKFdvfOu5YKe4Iw5f7aWMdl59Xuv4AUoJk2Ef
zZBJeqZZWAf7UqJDcBSvTID2gQl+RCDQkRFxIE/mLYONslxvZslXg1kr/IyW5F8S
SagPslrUjvHTe1/YN6MN++qnz4v1+9W3u+LU+KL0ZQVsz+C2B71XuF7OR8Ok6tmb
cdgNfuHvX+9imZBCe+udUe9jAJwQAoRiEHZZcaV93OqK1u0pH03TsmGnx++uYq8X
/IGsFCsN4qn+alfOeNvpwbAIcYsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfzf7d
CjPXvPXXVhj74omzLTW+qTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBaXEdT7cPePVDSqDcgW0jKTtHFhblrEHiFdnzB
z6ywxv5ypPOcHpEc/RY83xFosXyHixfqjwWr1Lk+cml8iuVNz7ACm4136bYmJOJo
zz3G2TQGuQZivU32sx3yL/HEKQ2hywZj87gc43PujUqp8w4zBw7/9g9BAtb42a2S
tm2nNR3GdV1Vw8cPGj+WHt/UgDPlVbqDP2f2Pyi3pwvuWt8zkDiof1PpQFYMpeQo
phyaus/r90XuxMb8wEPXZH8o3YNS/9hBvU3dX/mhChOT3W8vB4wc+p4UMIZznu7P
RE+C5/m80ENBJD1FTfkr6M91CwkKy4/MImTU8WMBE45cgK6c
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:16:39 2024 by rpki-client on console-fra.rpki-client.org