Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
File: 9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa (raw, json)
Hash identifier: vQtMJnVHr6VKYEw4vfKHdI+IHxiqaF3vbqWrxys7jO0=
Subject key identifier: 9B:B9:32:C1:44:AC:77:8B:6C:D2:DE:B4:78:20:B8:1C:60:1C:EC:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D45C58E1F6043AC5E860330DC2B403A058CF2C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:45:c5:8e:1f:60:43:ac:5e:86:03:30:dc:2b:40:3a:05:8c:f2:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f69bbd00b6166f3a228323a4cc98f85833d018adf44879041b440eafae49e105, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7c:32:f2:11:ff:19:fb:f3:63:99:aa:2b:cf:
d5:9d:5b:aa:cd:22:4c:19:32:c3:ee:8d:61:c9:e5:
32:64:44:e7:be:a0:69:b8:ce:68:ec:b0:9e:8c:1d:
9c:42:92:67:ea:f5:39:3b:0c:30:d7:d3:b8:02:15:
af:a7:2a:3c:8f:d2:de:3e:61:e6:82:ec:c8:67:27:
10:5f:14:15:ac:35:86:10:e2:1d:23:d9:c6:5a:0c:
29:51:9d:5e:c0:20:0b:d2:d8:56:2a:3e:f4:9a:c5:
7a:6b:10:1d:a5:bc:71:3b:3e:a7:17:43:6b:bb:57:
99:f0:5d:a7:89:ac:6d:8a:d1:36:9d:f8:00:01:43:
95:2f:03:93:35:52:d5:72:b0:ce:4a:07:1b:55:2c:
9c:24:87:b8:13:ea:4b:e8:64:b9:0d:8a:c6:fc:a5:
fc:cc:06:62:69:7c:f4:5e:ca:a2:61:f4:7e:c2:25:
9e:8b:0b:d4:d7:46:c1:01:fb:cf:dd:de:ea:14:89:
d8:3a:0f:af:c8:45:ac:11:7c:91:63:ce:0a:6b:2e:
2c:ec:b5:e6:b8:f0:c3:3e:bf:a9:32:50:cc:d8:9c:
15:0f:95:25:ec:44:8a:76:54:c7:c8:d2:7f:b4:19:
ec:1a:75:d6:86:48:87:bb:5a:5d:d6:c1:c4:e9:0c:
5f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B9:32:C1:44:AC:77:8B:6C:D2:DE:B4:78:20:B8:1C:60:1C:EC:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2000::/40
Signature Algorithm: sha256WithRSAEncryption
93:b4:1c:37:8e:47:22:ac:d1:44:cc:66:60:73:e1:56:69:18:
12:90:80:aa:0c:2e:c5:0f:1e:3b:6b:31:52:a6:a4:1b:e5:e2:
ea:b8:6e:6c:24:ca:05:55:d2:a7:8b:db:c6:e8:73:ab:40:97:
c7:aa:1f:0d:e7:2d:7d:00:e3:bb:53:5a:5c:65:23:e6:4d:3a:
41:20:07:bb:fa:62:30:f8:cd:12:41:7e:da:cd:df:05:a4:e0:
0f:f1:c8:0b:60:69:9f:84:50:71:e4:fa:4d:48:05:56:cc:b1:
7f:b0:ee:ee:f1:6c:10:ed:ac:42:97:10:eb:b8:39:93:89:7b:
61:dd:71:3c:be:f7:23:0f:bf:d5:bf:5b:be:54:ed:62:32:ad:
55:99:ac:fc:90:e8:3c:4a:6d:b4:64:47:5e:90:73:56:7c:80:
cd:2d:4d:77:da:90:d0:2e:e5:89:f8:00:0e:06:c8:b5:c7:a4:
14:49:69:00:0f:9b:3c:bb:2d:5d:4e:ad:63:3f:40:a2:c3:d9:
10:5b:b3:9f:ec:66:9f:3c:e2:d7:0c:26:0e:78:15:4b:bf:a9:
65:8c:8a:f1:79:5d:83:40:72:07:aa:ea:ff:a3:14:6c:01:22:
e7:2d:8f:19:c7:1d:70:df:10:48:97:c7:20:77:d2:1e:89:9a:
54:e8:aa:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHUXFjh9gQ6xehgMw3CtAOgWM8skwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2OWJiZDAwYjYxNjZmM2EyMjgzMjNhNGNjOThmODU4MzNkMDE4YWRmNDQ4
NzkwNDFiNDQwZWFmYWU0OWUxMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKp8MvIR/xn782OZqivP1Z1bqs0iTBkyw+6NYcnlMmRE576gabjOaOywnowd
nEKSZ+r1OTsMMNfTuAIVr6cqPI/S3j5h5oLsyGcnEF8UFaw1hhDiHSPZxloMKVGd
XsAgC9LYVio+9JrFemsQHaW8cTs+pxdDa7tXmfBdp4msbYrRNp34AAFDlS8DkzVS
1XKwzkoHG1UsnCSHuBPqS+hkuQ2Kxvyl/MwGYml89F7KomH0fsIlnosL1NdGwQH7
z93e6hSJ2DoPr8hFrBF8kWPOCmsuLOy15rjwwz6/qTJQzNicFQ+VJexEinZUx8jS
f7QZ7Bp11oZIh7taXdbBxOkMXy8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSbuTLB
RKx3i2zS3rR4ILgcYBzsBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI0MTc5ZDktNmY0Ny00Njk5LWFjNTktZDU3YmE1ZWJiZTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEg
MA0GCSqGSIb3DQEBCwUAA4IBAQCTtBw3jkcirNFEzGZgc+FWaRgSkICqDC7FDx47
azFSpqQb5eLquG5sJMoFVdKni9vG6HOrQJfHqh8N5y19AOO7U1pcZSPmTTpBIAe7
+mIw+M0SQX7azd8FpOAP8cgLYGmfhFBx5PpNSAVWzLF/sO7u8WwQ7axClxDruDmT
iXth3XE8vvcjD7/Vv1u+VO1iMq1Vmaz8kOg8Sm20ZEdekHNWfIDNLU132pDQLuWJ
+AAOBsi1x6QUSWkAD5s8uy1dTq1jP0Ciw9kQW7Of7GafPOLXDCYOeBVLv6lljIrx
eV2DQHIHqur/oxRsASLnLY8Zxx1w3xBIl8cgd9IeiZpU6KoT
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:05 2024 by rpki-client on console-ams.rpki-client.org