Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
File: a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa (raw, json)
Hash identifier: 0xDs7sc/4XrM6LssY5e0hRRJsDuatROYBGxPW4dvCYU=
Subject key identifier: 99:F6:9E:12:D4:71:F0:E0:D1:A4:4E:24:F2:E1:45:7F:08:E0:C5:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 354F0ADC9683071D1B49AAA51882C6EDD3D34125
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:4f:0a:dc:96:83:07:1d:1b:49:aa:a5:18:82:c6:ed:d3:d3:41:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=17b55c774e7d67508744a695848d99165464a2bf2a76d266caa5505e455cb159, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cb:c7:91:50:1f:f5:c8:0e:c3:a2:14:fc:ef:
95:2d:f6:37:6a:d8:65:3b:c4:51:bf:7d:af:90:97:
9f:d4:c1:50:d3:6f:04:2f:26:fe:98:f8:06:53:f4:
7e:70:7c:d2:cd:c8:3b:6c:b5:aa:b5:39:3a:07:63:
17:a0:1f:f9:18:44:75:4d:6e:70:dd:f6:5a:91:8f:
0f:04:fb:36:1c:41:12:31:f0:74:6f:7f:a9:ba:a7:
fe:f5:bf:62:46:fe:2c:3d:34:9c:60:64:26:a7:c3:
4f:e7:a3:b5:22:ef:a3:ae:55:af:b1:93:21:3a:b9:
78:74:a9:d9:e1:45:7f:ab:45:7b:67:06:52:68:08:
b6:ae:a8:61:1c:ab:4b:f3:69:0e:7e:c1:9f:2c:79:
3b:e9:d7:5d:ef:31:ce:8a:af:bf:51:58:08:39:c2:
68:37:63:b6:5d:79:07:d0:cd:c8:b9:57:2e:37:69:
fb:da:7f:25:20:83:c3:e4:6b:7f:a5:31:28:eb:97:
26:4a:57:47:30:8f:9e:f7:eb:f6:6e:93:02:0b:a4:
bb:86:ae:4f:b6:93:01:d6:fe:f9:04:52:20:08:61:
d3:29:5b:2d:a5:b0:b9:6b:a3:b7:f9:6b:4b:c4:ee:
53:5b:3e:4c:28:43:f3:b4:01:f2:01:78:d1:26:52:
fa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F6:9E:12:D4:71:F0:E0:D1:A4:4E:24:F2:E1:45:7F:08:E0:C5:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1000::/40
Signature Algorithm: sha256WithRSAEncryption
24:79:7a:fc:a0:43:0b:3c:8d:45:52:04:3f:7d:74:e3:c5:6a:
44:01:a1:4c:1a:a6:33:76:0e:29:ea:4e:5d:0b:3c:50:22:68:
cc:8c:e2:66:4c:58:6a:21:d5:0c:04:19:39:f6:a7:d7:13:78:
00:bf:0f:43:b2:7f:51:a8:3f:31:d4:31:f6:3a:84:f5:78:72:
61:51:c2:92:bb:44:69:b3:5f:df:2d:4f:92:61:8d:2d:e2:cc:
dc:4c:33:e7:52:71:dc:88:d3:db:ac:99:ce:f2:cf:15:e9:cd:
66:94:85:84:71:94:73:bf:08:45:eb:d4:dd:9d:a4:c5:43:fc:
9f:b0:e8:71:4d:ce:69:fd:49:53:eb:a4:b4:ec:e1:5e:28:cf:
4b:50:c6:2d:6f:7f:cc:a4:79:7c:9a:41:b7:f7:a6:4f:e5:35:
49:23:ac:fe:17:86:5f:ec:14:de:5c:e4:a6:0f:b5:b2:18:e8:
21:15:b7:1b:9a:eb:a7:b9:4c:af:6f:2e:b7:16:1a:67:1b:a2:
f4:db:05:88:11:dc:3e:eb:bc:5e:4b:d2:3d:66:57:9d:fc:db:
ca:d7:33:9e:ad:19:ad:1e:a0:84:08:c1:ef:3d:8a:9b:90:6f:
f1:cc:55:f5:0e:b0:8c:3f:00:19:94:c7:a2:7f:2a:4c:5a:4b:
6d:f9:f5:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNU8K3JaDBx0bSaqlGILG7dPTQSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3YjU1Yzc3NGU3ZDY3NTA4NzQ0YTY5NTg0OGQ5OTE2NTQ2NGEyYmYyYTc2
ZDI2NmNhYTU1MDVlNDU1Y2IxNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzLx5FQH/XIDsOiFPzvlS32N2rYZTvEUb99r5CXn9TBUNNvBC8m/pj4BlP0
fnB80s3IO2y1qrU5OgdjF6Af+RhEdU1ucN32WpGPDwT7NhxBEjHwdG9/qbqn/vW/
Ykb+LD00nGBkJqfDT+ejtSLvo65Vr7GTITq5eHSp2eFFf6tFe2cGUmgItq6oYRyr
S/NpDn7Bnyx5O+nXXe8xzoqvv1FYCDnCaDdjtl15B9DNyLlXLjdp+9p/JSCDw+Rr
f6UxKOuXJkpXRzCPnvfr9m6TAguku4auT7aTAdb++QRSIAhh0ylbLaWwuWujt/lr
S8TuU1s+TChD87QB8gF40SZS+lECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZ9p4S
1HHw4NGkTiTy4UV/CODFRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM4MGY0ZGMtZGRhZi00NGY3LWFkYWMtYzkwOGU1MmVjNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAkeXr8oEMLPI1FUgQ/fXTjxWpEAaFMGqYzdg4p
6k5dCzxQImjMjOJmTFhqIdUMBBk59qfXE3gAvw9Dsn9RqD8x1DH2OoT1eHJhUcKS
u0Rps1/fLU+SYY0t4szcTDPnUnHciNPbrJnO8s8V6c1mlIWEcZRzvwhF69TdnaTF
Q/yfsOhxTc5p/UlT66S07OFeKM9LUMYtb3/MpHl8mkG396ZP5TVJI6z+F4Zf7BTe
XOSmD7WyGOghFbcbmuunuUyvby63FhpnG6L02wWIEdw+67xeS9I9Zled/NvK1zOe
rRmtHqCECMHvPYqbkG/xzFX1DrCMPwAZlMeifypMWktt+fXi
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org