Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: KF3f3rpntNGP2c2Z3EvaGnoJl+JNIJWPm7S785ETktg=
Subject key identifier: 29:8E:F1:40:6E:4A:3A:67:41:55:72:CA:E9:96:E9:F0:EC:2A:4C:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FD96489A649906FED1850A5DC38FFBF06CA811D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:d9:64:89:a6:49:90:6f:ed:18:50:a5:dc:38:ff:bf:06:ca:81:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=9559907a88f94db390dd3920cfb5c44c5d2dc528629faf8eadfe1dfc63a9c51d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:99:d8:21:b7:aa:89:02:a5:7e:49:03:59:88:
50:05:71:a4:19:87:73:2a:dc:5d:2b:f1:db:84:2f:
7d:23:46:2e:16:d3:c3:d6:fb:03:ab:2c:82:c8:a0:
8c:6a:bf:8d:6d:e7:5f:e0:81:97:8d:25:5b:1c:eb:
ff:a5:2a:0a:7b:23:f1:8b:4b:ff:dd:7b:e0:ef:15:
df:ac:2d:3f:c1:26:79:d4:af:22:63:c0:f4:87:22:
0d:ab:9c:23:0d:b9:67:dc:aa:45:c5:4c:a3:24:46:
47:31:6e:1c:5b:53:f6:fc:28:51:3d:4f:02:44:32:
07:d6:d4:92:fc:46:7f:d7:b6:0a:21:e8:3b:60:ea:
68:b0:41:6d:6c:2a:f3:42:76:ff:60:22:67:fe:06:
99:ea:df:ec:0c:a2:6f:9a:48:cb:bf:b4:75:5f:a2:
39:49:11:6d:e9:97:0c:1e:82:b0:29:c1:eb:6a:86:
2d:7d:ce:fe:ef:cc:42:12:25:86:d3:6e:a8:d4:c9:
1b:c7:64:2b:34:af:45:82:a2:30:7b:7c:64:35:09:
65:2f:e5:9f:e6:bb:d8:13:3c:29:d2:48:1f:46:8b:
b9:34:db:84:d2:da:34:2c:1a:0a:c8:ae:1d:2d:ca:
7e:4a:1e:6b:63:d3:96:6e:74:0f:72:fd:bc:33:bd:
43:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8E:F1:40:6E:4A:3A:67:41:55:72:CA:E9:96:E9:F0:EC:2A:4C:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:e1:e4:d2:44:dc:fd:8c:92:a7:db:ac:5f:ac:7a:eb:19:a1:
fa:8b:e1:8c:5b:84:fb:28:01:13:28:91:6f:4d:7a:ff:07:3c:
b5:de:52:39:98:36:3f:48:5a:f1:90:57:fc:54:70:d7:5c:e6:
b5:1f:a5:f4:eb:d8:6f:bd:d5:45:b4:89:b2:60:ca:a1:7c:6c:
ca:d9:69:24:29:c2:c9:6d:9e:20:b0:7a:d4:5e:74:c0:29:49:
2a:d4:e7:a0:f0:63:2f:16:51:87:4a:92:11:d5:53:83:d5:e0:
83:85:cb:76:38:d6:7b:b8:96:32:2e:ac:2e:4f:53:20:5a:2a:
02:35:5a:a7:de:92:86:d7:4e:2e:53:51:a1:6d:b3:0e:20:0b:
61:f4:fd:f2:68:92:a7:a0:7d:aa:66:6e:5e:49:f2:b8:90:e1:
e4:f4:e4:b6:99:f9:9a:31:99:4a:2a:21:5b:9b:04:19:c5:a3:
56:d8:d8:2f:2f:e7:05:96:bd:d0:bd:a6:9c:4a:b4:96:e1:9a:
62:39:c8:ca:e0:9d:42:c2:d3:51:94:8d:7f:d6:95:ad:0b:21:
d3:4c:cf:30:c5:1a:b2:b8:ec:35:b5:e6:0e:37:62:8e:e5:f5:
26:34:e4:50:dc:4e:3b:3a:ef:cb:f8:06:89:08:6d:fe:7a:2f:
14:93:dc:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD9lkiaZJkG/tGFCl3Dj/vwbKgR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1NTk5MDdhODhmOTRkYjM5MGRkMzkyMGNmYjVjNDRjNWQyZGM1Mjg2Mjlm
YWY4ZWFkZmUxZGZjNjNhOWM1MWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2Z2CG3qokCpX5JA1mIUAVxpBmHcyrcXSvx24QvfSNGLhbTw9b7A6ssgsig
jGq/jW3nX+CBl40lWxzr/6UqCnsj8YtL/9174O8V36wtP8EmedSvImPA9IciDauc
Iw25Z9yqRcVMoyRGRzFuHFtT9vwoUT1PAkQyB9bUkvxGf9e2CiHoO2DqaLBBbWwq
80J2/2AiZ/4Gmerf7Ayib5pIy7+0dV+iOUkRbemXDB6CsCnB62qGLX3O/u/MQhIl
htNuqNTJG8dkKzSvRYKiMHt8ZDUJZS/ln+a72BM8KdJIH0aLuTTbhNLaNCwaCsiu
HS3Kfkoea2PTlm50D3L9vDO9Q50CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpjvFA
bko6Z0FVcsrplunw7CpMaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAa4eTSRNz9jJKn26xfrHrrGaH6i+GMW4T7KAET
KJFvTXr/Bzy13lI5mDY/SFrxkFf8VHDXXOa1H6X069hvvdVFtImyYMqhfGzK2Wkk
KcLJbZ4gsHrUXnTAKUkq1Oeg8GMvFlGHSpIR1VOD1eCDhct2ONZ7uJYyLqwuT1Mg
WioCNVqn3pKG104uU1GhbbMOIAth9P3yaJKnoH2qZm5eSfK4kOHk9OS2mfmaMZlK
KiFbmwQZxaNW2NgvL+cFlr3QvaacSrSW4ZpiOcjK4J1CwtNRlI1/1pWtCyHTTM8w
xRqyuOw1teYON2KO5fUmNORQ3E47Ou/L+AaJCG3+ei8Uk9w+
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:40 2024 by rpki-client on console-fra.rpki-client.org