Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
File: a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa (raw, json)
Hash identifier: 5El3Vlfz6sFuZkf2pT/q+tdCZb+jHfHPhK330PMcOA8=
Subject key identifier: F9:C8:C6:92:AF:1F:14:4E:36:61:02:E3:1E:FB:A4:D4:66:BA:60:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D2D3DA39F6B5B79E4FF29F320125DDC3DE4934D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:2d:3d:a3:9f:6b:5b:79:e4:ff:29:f3:20:12:5d:dc:3d:e4:93:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=53a77c6714aa8e4316350eb04ff769768137908a79332b4af3bfe19e870e9ab7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:9e:a4:c5:4d:e3:dd:9b:67:ad:3a:56:89:a3:
29:15:14:95:32:69:00:3c:34:9f:65:a6:f2:68:64:
30:8d:c3:98:ff:9b:6a:ba:ff:02:c0:f6:1d:cf:21:
89:c7:af:6d:d8:70:82:1d:5a:9c:35:c0:37:64:da:
b1:77:60:94:8d:80:37:f2:00:c9:80:86:e0:c0:cb:
16:81:5d:91:21:f6:63:f0:95:bc:12:97:b6:fe:af:
12:45:e6:25:d3:b6:67:89:60:33:5b:f6:0d:57:00:
e7:7a:86:da:c9:43:12:36:34:67:3e:4e:b6:26:ae:
ee:21:28:50:1f:9b:cc:a2:17:03:b7:c7:de:18:a9:
8f:b7:f7:cd:ca:66:1c:e4:0f:f9:3a:20:0a:a7:09:
9a:7f:1f:b6:9f:14:a8:b4:33:03:1b:80:3b:95:21:
b4:fc:01:36:95:e7:f3:12:0d:2d:39:95:55:7d:16:
e2:aa:1e:af:49:09:e9:0c:5a:1b:cf:34:c2:63:8c:
74:ef:6c:13:c3:51:00:d8:57:c7:09:a1:d8:e6:27:
c9:4c:f0:09:cc:de:66:80:da:3e:90:2f:af:ef:79:
7f:fa:0b:e0:b9:29:25:26:92:bc:29:34:3b:3d:45:
a2:63:a7:94:20:33:a4:9b:2f:17:b6:4f:2d:f8:c8:
fb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C8:C6:92:AF:1F:14:4E:36:61:02:E3:1E:FB:A4:D4:66:BA:60:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:3b:e1:89:98:be:22:b8:6f:2b:8c:31:e6:88:ee:2d:7b:86:
03:54:07:19:ca:77:6b:3b:a2:8d:e5:27:1e:20:c6:b4:a8:30:
b6:68:32:8a:84:00:72:85:ad:88:1f:7d:7c:8f:e5:66:f6:c5:
3c:6e:7b:c5:5c:a1:68:ef:94:a4:ee:e1:9d:8a:e7:8f:e7:08:
27:32:4f:40:6d:9a:0e:fd:cd:0f:e6:c9:3a:55:1d:9f:8e:80:
fd:30:fe:6b:22:c9:66:b9:54:c0:e2:1f:2e:2a:a2:04:11:78:
63:81:28:54:d0:b5:1e:4a:6c:de:d3:a5:34:4c:7f:93:f6:94:
13:87:68:10:89:4c:03:4a:e1:9e:41:d2:16:f6:71:47:54:6f:
ed:18:65:62:4e:e7:6a:30:79:68:f6:09:ad:b6:73:17:99:b4:
ee:15:30:20:14:09:40:07:fc:c9:72:16:1c:4c:3d:0f:71:ce:
71:ea:2b:9a:02:d8:98:57:5a:01:00:f9:a9:ad:fc:5c:01:09:
52:e3:a5:ed:bb:99:29:2a:95:d1:7d:27:c7:f6:68:69:29:f8:
b2:29:74:44:6c:d1:7f:b6:50:6d:03:6c:83:11:28:c3:42:0e:
ec:78:3a:17:82:f5:86:94:8f:42:94:40:72:04:0d:22:31:98:
c9:e1:c7:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTS09o59rW3nk/ynzIBJd3D3kk00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzYTc3YzY3MTRhYThlNDMxNjM1MGViMDRmZjc2OTc2ODEzNzkwOGE3OTMz
MmI0YWYzYmZlMTllODcwZTlhYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPqepMVN492bZ606VomjKRUUlTJpADw0n2Wm8mhkMI3DmP+barr/AsD2Hc8h
icevbdhwgh1anDXAN2TasXdglI2AN/IAyYCG4MDLFoFdkSH2Y/CVvBKXtv6vEkXm
JdO2Z4lgM1v2DVcA53qG2slDEjY0Zz5Otiau7iEoUB+bzKIXA7fH3hipj7f3zcpm
HOQP+TogCqcJmn8ftp8UqLQzAxuAO5UhtPwBNpXn8xINLTmVVX0W4qoer0kJ6Qxa
G880wmOMdO9sE8NRANhXxwmh2OYnyUzwCczeZoDaPpAvr+95f/oL4LkpJSaSvCk0
Oz1FomOnlCAzpJsvF7ZPLfjI+48CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5yMaS
rx8UTjZhAuMe+6TUZrpgzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM4MGY0ZGMtZGRhZi00NGY3LWFkYWMtYzkwOGU1MmVjNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAKO+GJmL4iuG8rjDHmiO4te4YDVAcZyndrO6KN
5SceIMa0qDC2aDKKhAByha2IH318j+Vm9sU8bnvFXKFo75Sk7uGdiueP5wgnMk9A
bZoO/c0P5sk6VR2fjoD9MP5rIslmuVTA4h8uKqIEEXhjgShU0LUeSmze06U0TH+T
9pQTh2gQiUwDSuGeQdIW9nFHVG/tGGViTudqMHlo9gmttnMXmbTuFTAgFAlAB/zJ
chYcTD0Pcc5x6iuaAtiYV1oBAPmprfxcAQlS46Xtu5kpKpXRfSfH9mhpKfiyKXRE
bNF/tlBtA2yDESjDQg7seDoXgvWGlI9ClEByBA0iMZjJ4ccm
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:32 2024 by rpki-client on console-fra.rpki-client.org