Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: f33BBwSlR93Zu5zerfSBGVVaP0LJAa3fVJWF27ikrR4=
Subject key identifier: 00:81:E4:E8:A5:89:F2:80:DA:98:3F:C4:7C:CD:39:33:F1:2A:34:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E38FDB3784E49CF4DD1F458DA20C7051E6627B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Fri 06 Sep 2024 00:00:00 +0000
ROA not before: Fri 06 Sep 2024 00:00:00 +0000
ROA not after: Fri 11 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:38:fd:b3:78:4e:49:cf:4d:d1:f4:58:da:20:c7:05:1e:66:27:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 6 00:00:00 2024 GMT
Not After : Oct 11 23:59:59 2024 GMT
Subject: serialNumber=6f8ed4e998723cba7c3fc9edf8771c25e5605ceeea33967488bd6ac31fc92405, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c4:f6:74:a2:f8:4a:1d:c7:29:a6:e6:d6:60:
1f:00:a2:e2:66:05:52:82:22:47:30:c1:9e:a7:6b:
3b:6b:5f:dd:c7:f2:69:b5:54:40:a5:5d:50:f6:e7:
bc:05:be:c5:e8:cd:71:dd:2c:ef:0c:cf:e3:6d:6b:
bd:81:94:82:0a:b3:df:7e:2a:d1:42:07:43:45:25:
d1:69:ab:79:27:08:67:8d:b8:27:ea:95:87:cd:4d:
15:7a:34:d9:eb:9c:2b:9d:9b:38:71:e1:15:4b:01:
3b:76:02:51:06:b0:4a:c0:20:9e:9e:6f:54:43:ec:
5a:5c:9a:7f:53:ca:99:9d:c5:19:7c:3f:7f:43:93:
f6:a4:b6:f2:2f:98:b1:ba:85:bb:53:aa:f7:31:c9:
81:d2:4c:a1:b9:07:39:9f:23:33:23:34:c3:de:06:
8a:70:af:0b:1a:c6:7c:30:63:6e:a3:ac:e9:b3:ab:
1f:25:29:fd:cc:21:a7:91:ed:b4:9e:1b:3c:6b:25:
87:eb:ad:09:b4:87:f8:f1:ce:c4:69:b7:f1:b2:84:
6d:8a:19:59:5b:0f:2f:e6:39:a7:df:89:24:77:70:
7b:1a:d0:7e:38:96:55:c9:b3:c5:0b:4f:29:2c:21:
90:f9:06:e8:a0:48:3b:fe:06:12:4a:2f:9d:8a:0f:
0b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:81:E4:E8:A5:89:F2:80:DA:98:3F:C4:7C:CD:39:33:F1:2A:34:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:fd:4a:21:b5:74:35:b7:9b:9c:6a:1d:10:bc:c0:72:3a:5f:
cf:31:e9:fd:e2:c6:d6:56:77:9d:a9:c9:dd:a5:15:33:78:0b:
cf:88:94:6b:8f:af:0c:e5:2b:dd:87:15:5a:b2:91:7a:51:72:
c2:bd:f8:0d:ca:81:1b:d0:62:fa:a4:f9:61:72:1e:36:e5:1c:
fd:7f:6a:0c:0e:7f:67:d3:28:59:07:78:6d:f9:35:e4:2c:50:
72:81:4e:2a:6d:ab:1f:2e:b5:b9:dc:5d:eb:0c:aa:f3:3a:59:
f5:85:6a:bd:3d:43:42:2f:bf:24:07:d4:91:7f:da:af:2d:02:
67:b8:9c:87:c3:44:7b:5d:59:b1:5c:35:48:9f:a1:b4:92:3a:
2d:95:de:bf:cc:a6:7b:71:bd:91:54:98:fa:ee:6f:7f:3d:c9:
11:b6:7c:8c:aa:25:c5:a8:bd:23:49:b2:b9:6a:42:2e:74:ec:
06:34:94:5c:f3:49:d9:61:70:73:2e:41:22:a4:98:3a:1a:03:
e2:5c:eb:f8:c3:e8:50:e5:1b:a0:78:dc:f8:27:29:28:d7:2f:
1f:05:e2:a0:7e:d1:95:35:34:61:41:46:09:9d:30:42:59:ac:
24:a2:3d:c5:e5:2f:27:0c:7d:05:e1:46:f2:6c:12:bb:08:e6:
7a:28:46:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbjj9s3hOSc9N0fRY2iDHBR5mJ7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDYwMDAwMDBaFw0yNDEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmOGVkNGU5OTg3MjNjYmE3YzNmYzllZGY4NzcxYzI1ZTU2MDVjZWVlYTMz
OTY3NDg4YmQ2YWMzMWZjOTI0MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLE9nSi+Eodxymm5tZgHwCi4mYFUoIiRzDBnqdrO2tf3cfyabVUQKVdUPbn
vAW+xejNcd0s7wzP421rvYGUggqz334q0UIHQ0Ul0WmreScIZ424J+qVh81NFXo0
2eucK52bOHHhFUsBO3YCUQawSsAgnp5vVEPsWlyaf1PKmZ3FGXw/f0OT9qS28i+Y
sbqFu1Oq9zHJgdJMobkHOZ8jMyM0w94GinCvCxrGfDBjbqOs6bOrHyUp/cwhp5Ht
tJ4bPGslh+utCbSH+PHOxGm38bKEbYoZWVsPL+Y5p9+JJHdwexrQfjiWVcmzxQtP
KSwhkPkG6KBIO/4GEkovnYoPCz0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAgeTo
pYnygNqYP8R8zTkz8So0tjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBa/UohtXQ1t5ucah0QvMByOl/PMen94sbWVned
qcndpRUzeAvPiJRrj68M5SvdhxVaspF6UXLCvfgNyoEb0GL6pPlhch425Rz9f2oM
Dn9n0yhZB3ht+TXkLFBygU4qbasfLrW53F3rDKrzOln1hWq9PUNCL78kB9SRf9qv
LQJnuJyHw0R7XVmxXDVIn6G0kjotld6/zKZ7cb2RVJj67m9/PckRtnyMqiXFqL0j
SbK5akIudOwGNJRc80nZYXBzLkEipJg6GgPiXOv4w+hQ5RugeNz4Jyko1y8fBeKg
ftGVNTRhQUYJnTBCWawkoj3F5S8nDH0F4UbybBK7COZ6KEap
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:49 2024 by rpki-client on console-ams.rpki-client.org