Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a526d9b7-e689-4815-8b32-a583fae4e6f1.roa
File: a526d9b7-e689-4815-8b32-a583fae4e6f1.roa (raw, json)
Hash identifier: d4S+dA8qLIFG2mYdV5lMO70SSiqTD34t0VC6y67X73U=
Subject key identifier: D8:D0:DE:80:A4:9E:49:FF:2D:95:6A:F0:81:9D:E6:10:DD:05:E2:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B8F5A902421E0E51DF555F3EDBCF1468E7B2F3A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a526d9b7-e689-4815-8b32-a583fae4e6f1.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:8f:5a:90:24:21:e0:e5:1d:f5:55:f3:ed:bc:f1:46:8e:7b:2f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=19d58c21e799f522cc7cd7183b20fb92ec443e574d01a22c84cb312d17e1e5f8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:36:41:93:e7:94:e5:a5:4b:26:45:97:9c:49:
a5:28:6f:1d:d5:fb:ef:a6:f2:d4:0e:8e:b1:48:b8:
a1:c5:a2:ee:d8:cd:4c:cd:3e:58:99:9e:66:3c:0f:
97:a5:01:93:5a:6c:eb:aa:13:5b:fa:ab:39:32:1c:
38:00:d4:09:39:38:a7:07:fe:18:38:87:ae:84:5d:
d7:85:7f:40:cd:be:3d:72:e5:fc:e7:f3:6d:c1:57:
75:c2:c7:17:24:13:ba:93:d5:34:ff:63:2f:e4:55:
78:a8:d7:99:76:36:38:9f:ab:f2:8d:32:d6:3a:b6:
4a:af:c3:a1:f5:9c:2c:bb:30:3f:d7:10:42:26:e4:
d5:a1:6f:f4:b0:5d:d7:9e:cd:58:0b:92:e6:de:cd:
ff:bc:8b:08:e2:83:14:af:64:a0:22:95:ab:67:ff:
66:1b:5a:65:b5:e0:57:7d:90:b0:ec:5e:2e:78:1e:
22:68:09:2e:ec:4c:4c:92:8f:f4:6e:4e:8c:6a:87:
ca:01:b7:0b:1e:17:80:5a:24:f0:bc:03:06:b9:fe:
1f:57:09:56:4e:f2:90:53:75:0e:1a:82:19:d5:2b:
81:a8:82:9d:20:ba:b9:f1:4e:61:f6:06:a9:77:b0:
ec:e0:e6:fb:8c:7a:43:d0:57:6f:8a:84:02:5a:b2:
94:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D0:DE:80:A4:9E:49:FF:2D:95:6A:F0:81:9D:E6:10:DD:05:E2:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a526d9b7-e689-4815-8b32-a583fae4e6f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/40
Signature Algorithm: sha256WithRSAEncryption
05:bc:4e:7d:48:5a:e6:1c:87:c8:98:e9:01:5d:ef:83:ac:2f:
45:f9:74:a9:ab:98:05:88:98:6c:4b:17:72:f3:7b:c5:33:a2:
7a:46:19:67:df:b9:ef:08:d1:87:87:dd:af:6a:f8:35:87:f0:
b0:6d:ad:bb:7a:d5:d1:f6:13:b7:d6:f4:ca:d3:61:8c:1f:0a:
ca:3c:3b:fa:58:53:6b:c2:6a:89:0e:85:40:d5:29:7b:3c:3f:
24:7e:b3:ec:f6:0e:d6:29:3b:c3:b5:b9:c3:ba:7d:b6:d8:d7:
ea:80:97:5d:03:df:9e:1f:b8:66:b8:1f:4d:9e:97:45:ee:b6:
8b:43:c5:78:ce:5b:41:95:89:de:9f:f2:35:11:ce:39:7a:95:
6f:cb:9e:a5:6c:ef:d9:1e:2b:08:66:4a:ed:75:4b:12:7b:37:
68:b0:3d:00:1b:0e:12:23:3b:8f:1c:30:7a:54:95:5b:84:f6:
23:56:62:11:12:29:30:fd:ff:80:04:2b:44:25:ef:43:10:31:
f7:38:06:94:03:5c:25:de:83:81:6a:b9:4f:be:0c:fa:44:1f:
30:2d:52:3c:67:25:6e:1b:c0:02:65:73:b0:6d:02:ed:bd:76:
6e:46:09:41:62:de:1b:8c:26:d2:9c:97:1a:17:bb:c9:36:69:
e8:8d:00:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC49akCQh4OUd9VXz7bzxRo57LzowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5ZDU4YzIxZTc5OWY1MjJjYzdjZDcxODNiMjBmYjkyZWM0NDNlNTc0ZDAx
YTIyYzg0Y2IzMTJkMTdlMWU1ZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALU2QZPnlOWlSyZFl5xJpShvHdX776by1A6OsUi4ocWi7tjNTM0+WJmeZjwP
l6UBk1ps66oTW/qrOTIcOADUCTk4pwf+GDiHroRd14V/QM2+PXLl/OfzbcFXdcLH
FyQTupPVNP9jL+RVeKjXmXY2OJ+r8o0y1jq2Sq/DofWcLLswP9cQQibk1aFv9LBd
157NWAuS5t7N/7yLCOKDFK9koCKVq2f/ZhtaZbXgV32QsOxeLngeImgJLuxMTJKP
9G5OjGqHygG3Cx4XgFok8LwDBrn+H1cJVk7ykFN1DhqCGdUrgaiCnSC6ufFOYfYG
qXew7ODm+4x6Q9BXb4qEAlqylCECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTY0N6A
pJ5J/y2VavCBneYQ3QXi6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUyNmQ5YjctZTY4OS00ODE1LThiMzItYTU4M2ZhZTRlNmYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg
MA0GCSqGSIb3DQEBCwUAA4IBAQAFvE59SFrmHIfImOkBXe+DrC9F+XSpq5gFiJhs
Sxdy83vFM6J6Rhln37nvCNGHh92vavg1h/Cwba27etXR9hO31vTK02GMHwrKPDv6
WFNrwmqJDoVA1Sl7PD8kfrPs9g7WKTvDtbnDun222NfqgJddA9+eH7hmuB9NnpdF
7raLQ8V4zltBlYnen/I1Ec45epVvy56lbO/ZHisIZkrtdUsSezdosD0AGw4SIzuP
HDB6VJVbhPYjVmIREikw/f+ABCtEJe9DEDH3OAaUA1wl3oOBarlPvgz6RB8wLVI8
ZyVuG8ACZXOwbQLtvXZuRglBYt4bjCbSnJcaF7vJNmnojQBp
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:40 2024 by rpki-client on console-fra.rpki-client.org