Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: iYSLxkHPQ2Uiv8Z3hL6Xt0DGk1ZLBZTYm8JqK4kfMLA=
Subject key identifier: 9E:1A:E1:16:F0:43:9A:2F:EC:D1:F3:61:C1:02:29:44:63:27:76:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 382989235262103E83F9284B71906898F7E39399
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:29:89:23:52:62:10:3e:83:f9:28:4b:71:90:68:98:f7:e3:93:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=1f19769bf331af50bc1445a17eae709fb1e8d6a31425a3c43be0878a6f0af854, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:a2:d8:73:49:03:79:0d:ca:7c:00:4f:3a:
5c:a2:ea:f8:ff:95:09:49:63:ce:32:15:b7:1f:fe:
0e:21:74:50:bd:da:6e:ba:33:d3:96:ee:b0:37:eb:
50:22:2f:c6:d0:b8:58:32:af:1b:35:27:2b:fc:93:
b8:6d:eb:d6:b5:72:39:5e:89:7d:56:fb:59:4a:c4:
c3:be:e7:1c:c1:1d:5c:a0:20:7b:f6:c9:b7:cc:ae:
2c:11:a9:ef:be:4b:8d:bc:e5:3e:b2:60:a0:fd:14:
3e:ab:21:05:34:f4:97:82:dc:ba:70:bc:40:2e:1d:
05:ae:f3:44:4e:24:61:e5:5a:c1:3c:62:23:58:c2:
f6:30:67:6b:76:2f:e4:41:cc:1a:b1:70:7d:57:f7:
0f:b9:56:bb:97:18:ac:64:e3:7c:55:dd:3d:6e:7e:
d7:aa:21:dd:16:6a:4d:bd:d6:86:33:8e:d8:83:35:
87:72:d9:ab:06:ac:71:e6:d6:d6:d2:71:b9:7b:34:
6e:f4:1f:db:e5:79:f9:d3:10:3d:7d:5e:87:52:08:
e5:2c:9d:ec:cf:53:58:fa:43:67:5b:68:ea:0e:68:
b6:82:25:fb:5e:dd:d3:3a:65:4e:cd:d6:79:b9:bd:
b4:7a:25:cb:2e:a6:17:87:de:2d:d5:20:ea:0c:86:
13:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1A:E1:16:F0:43:9A:2F:EC:D1:F3:61:C1:02:29:44:63:27:76:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
97:b9:1a:e8:43:8f:9a:6c:30:77:47:bd:9e:5c:da:db:95:8d:
38:1c:b1:13:4e:9a:53:c1:c6:4d:d6:3a:2e:60:b7:fc:8c:86:
20:6e:94:75:5b:8c:85:a3:b2:92:39:d4:8e:58:f2:d5:1d:a4:
6b:1f:6d:bf:1a:73:29:fb:00:e4:df:fc:ee:47:82:fb:46:91:
eb:17:19:a2:a0:5e:36:42:37:31:a8:36:dd:50:4d:4d:35:95:
f3:73:24:1d:31:ba:c1:f2:72:4a:1d:9b:ca:59:21:e3:45:d6:
c9:45:e5:20:19:61:84:bb:4a:11:97:82:ff:90:6e:65:32:48:
e0:0b:d0:84:91:e2:c1:8f:4d:c8:9a:d3:de:5b:09:64:01:ff:
7a:f7:0d:57:66:25:a1:1c:22:a7:ee:f2:8b:33:3c:76:9b:d7:
9c:be:d4:c4:a3:5c:56:70:41:1f:f9:55:61:ef:ca:0d:d1:f5:
7e:05:bd:5a:33:22:5f:7f:2b:45:1e:db:41:2f:86:4f:6e:5a:
8d:0b:e4:75:12:de:60:d1:fd:05:ab:9d:8d:fc:55:d6:bd:7e:
bd:a2:bb:ff:81:da:25:2b:a3:8d:04:f7:7d:3b:7a:66:ca:fd:
d9:f8:d1:ab:52:5b:73:67:1c:d2:ea:92:dc:3a:96:3c:20:de:
5a:66:a8:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOCmJI1JiED6D+ShLcZBomPfjk5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmMTk3NjliZjMzMWFmNTBiYzE0NDVhMTdlYWU3MDlmYjFlOGQ2YTMxNDI1
YTNjNDNiZTA4NzhhNmYwYWY4NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcpothzSQN5Dcp8AE86XKLq+P+VCUljzjIVtx/+DiF0UL3abroz05busDfr
UCIvxtC4WDKvGzUnK/yTuG3r1rVyOV6JfVb7WUrEw77nHMEdXKAge/bJt8yuLBGp
775LjbzlPrJgoP0UPqshBTT0l4LcunC8QC4dBa7zRE4kYeVawTxiI1jC9jBna3Yv
5EHMGrFwfVf3D7lWu5cYrGTjfFXdPW5+16oh3RZqTb3WhjOO2IM1h3LZqwascebW
1tJxuXs0bvQf2+V5+dMQPX1eh1II5Syd7M9TWPpDZ1to6g5otoIl+17d0zplTs3W
ebm9tHolyy6mF4feLdUg6gyGExMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSeGuEW
8EOaL+zR82HBAilEYyd2ATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQCXuRroQ4+abDB3R72eXNrblY04HLETTppTwcZN
1jouYLf8jIYgbpR1W4yFo7KSOdSOWPLVHaRrH22/GnMp+wDk3/zuR4L7RpHrFxmi
oF42QjcxqDbdUE1NNZXzcyQdMbrB8nJKHZvKWSHjRdbJReUgGWGEu0oRl4L/kG5l
MkjgC9CEkeLBj03ImtPeWwlkAf969w1XZiWhHCKn7vKLMzx2m9ecvtTEo1xWcEEf
+VVh78oN0fV+Bb1aMyJffytFHttBL4ZPblqNC+R1Et5g0f0Fq52N/FXWvX69orv/
gdolK6ONBPd9O3pmyv3Z+NGrUltzZxzS6pLcOpY8IN5aZqiR
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:33 2024 by rpki-client on console-ams.rpki-client.org