Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: 4EoA7mDbrWFU1oyMnjtbJFQyW6UcrRAL68JuXBW6jmo=
Subject key identifier: 87:4D:D3:B0:8D:B7:C6:97:2A:17:96:4B:DE:98:2D:F6:F5:BA:EC:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 203F0DF89C19A99F38300BFC9DA54493DD29CCE4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Tue 22 Oct 2024 00:00:00 +0000
ROA not before: Tue 22 Oct 2024 00:00:00 +0000
ROA not after: Tue 26 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Oct 2024 11:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:3f:0d:f8:9c:19:a9:9f:38:30:0b:fc:9d:a5:44:93:dd:29:cc:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 22 00:00:00 2024 GMT
Not After : Nov 26 23:59:59 2024 GMT
Subject: serialNumber=af63c0c1d6953842a25fd25155b452d40e5e0a86c9da7a370f5b2dec4cbafa5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c9:a0:29:b6:66:e7:e6:e9:14:b2:75:5b:a8:
7c:0f:b4:37:ef:9f:6a:a8:c9:3f:e9:e7:97:fd:30:
d8:df:42:f4:a4:cc:3b:2e:db:b0:a8:f6:e9:c7:a1:
d9:74:4b:01:07:54:e9:93:34:e6:48:94:b5:6b:e9:
db:a5:a7:08:e0:a6:08:73:52:dc:b8:0a:99:94:e9:
07:46:1d:2a:73:2e:b3:c1:d4:8e:73:1a:43:56:4d:
96:90:66:9b:0b:c9:21:37:69:ed:fd:4b:7d:4c:ab:
20:d9:91:84:77:50:ed:5c:82:ce:c0:36:8d:25:63:
ac:4d:66:ad:73:8f:9a:7f:f4:68:18:8c:33:0b:3d:
cd:15:18:20:f0:0d:4a:39:e5:62:29:d6:e5:f9:29:
4f:98:3a:cd:7b:12:5f:fb:cb:88:af:09:dc:42:d6:
8c:21:47:a5:f4:e0:b7:87:fc:9d:85:0b:7e:16:18:
76:eb:ed:ef:80:ec:4f:50:df:a5:74:d8:d4:c3:78:
26:51:c7:9d:cb:b1:ed:f1:32:61:05:15:23:e4:2c:
70:4f:8c:1e:e1:f6:6b:9e:7d:a5:44:e6:bf:96:3b:
18:25:64:64:a0:ac:4f:ca:7b:8a:4c:e6:d0:45:af:
05:64:e6:04:57:71:32:6f:f8:9b:16:c7:e1:68:04:
4a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4D:D3:B0:8D:B7:C6:97:2A:17:96:4B:DE:98:2D:F6:F5:BA:EC:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
8b:8f:b5:9c:4f:e5:4f:61:db:a4:f5:18:b2:a0:9a:53:1c:ef:
d7:c9:13:35:ad:9d:49:0e:ed:37:7f:99:c7:23:68:4a:3a:55:
86:62:f2:93:76:53:ee:1f:7e:0e:89:0c:4a:63:b3:a3:f5:15:
a4:3e:4e:c7:aa:ad:0a:e5:02:b4:ef:de:41:7e:67:d9:03:0b:
57:28:e3:95:06:98:5f:7e:0f:27:ad:b7:02:a9:eb:7e:d5:60:
e7:e4:8c:0e:45:cd:7b:97:7f:be:59:bb:93:fa:92:92:8d:35:
ae:47:60:33:0c:20:d3:9e:8b:44:d1:98:1d:82:05:2d:66:0d:
75:02:77:42:a1:4e:5c:74:dd:2d:16:38:8c:c1:1e:64:ef:d5:
3d:ca:4a:f2:67:97:3b:03:e4:fe:56:b1:86:de:e7:48:99:00:
31:99:46:83:a7:ca:5a:85:c0:87:84:4f:df:ad:f3:85:f0:1c:
3e:1f:bc:04:e3:f4:cf:4e:01:a8:3e:62:08:18:34:ff:80:8f:
ce:ba:b0:1c:d2:9a:57:fb:c9:b9:77:8f:93:aa:e2:70:ef:04:
4f:f2:72:4d:4b:b5:e8:fe:d9:51:93:9d:07:a2:34:9b:3e:c8:
18:97:ed:0c:24:ea:af:e0:5d:ae:02:b4:13:79:b6:c4:36:c9:
73:c7:6a:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUID8N+JwZqZ84MAv8naVEk90pzOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEwMjIwMDAwMDBaFw0yNDExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNjNjMGMxZDY5NTM4NDJhMjVmZDI1MTU1YjQ1MmQ0MGU1ZTBhODZjOWRh
N2EzNzBmNWIyZGVjNGNiYWZhNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/JoCm2Zufm6RSydVuofA+0N++faqjJP+nnl/0w2N9C9KTMOy7bsKj26ceh
2XRLAQdU6ZM05kiUtWvp26WnCOCmCHNS3LgKmZTpB0YdKnMus8HUjnMaQ1ZNlpBm
mwvJITdp7f1LfUyrINmRhHdQ7VyCzsA2jSVjrE1mrXOPmn/0aBiMMws9zRUYIPAN
SjnlYinW5fkpT5g6zXsSX/vLiK8J3ELWjCFHpfTgt4f8nYULfhYYduvt74DsT1Df
pXTY1MN4JlHHncux7fEyYQUVI+QscE+MHuH2a559pUTmv5Y7GCVkZKCsT8p7ikzm
0EWvBWTmBFdxMm/4mxbH4WgESl8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHTdOw
jbfGlyoXlkvemC329brsszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQCLj7WcT+VPYduk9RiyoJpTHO/XyRM1rZ1JDu03
f5nHI2hKOlWGYvKTdlPuH34OiQxKY7Oj9RWkPk7Hqq0K5QK0795BfmfZAwtXKOOV
Bphffg8nrbcCqet+1WDn5IwORc17l3++WbuT+pKSjTWuR2AzDCDTnotE0ZgdggUt
Zg11AndCoU5cdN0tFjiMwR5k79U9ykryZ5c7A+T+VrGG3udImQAxmUaDp8pahcCH
hE/frfOF8Bw+H7wE4/TPTgGoPmIIGDT/gI/OurAc0ppX+8m5d4+TquJw7wRP8nJN
S7Xo/tlRk50HojSbPsgYl+0MJOqv4F2uArQTebbENslzx2ps
-----END CERTIFICATE-----
Generated at Fri Oct 25 16:45:34 2024 by rpki-client on console-ams.rpki-client.org