Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a526d9b7-e689-4815-8b32-a583fae4e6f1.roa
File: a526d9b7-e689-4815-8b32-a583fae4e6f1.roa (raw, json)
Hash identifier: w7wpqkpJjypi7G915WTBQfqoDQvIS0n84/xBXKcuGts=
Subject key identifier: 22:7D:FC:3D:4D:9B:AB:88:D7:01:AE:0B:82:0A:DC:95:F9:7F:9A:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29F4C398EAE636EB97195B8D5EE0ED93B2E465D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a526d9b7-e689-4815-8b32-a583fae4e6f1.roa
Signing time: Sat 13 Apr 2024 00:00:00 +0000
ROA not before: Sat 13 Apr 2024 00:00:00 +0000
ROA not after: Sat 18 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:f4:c3:98:ea:e6:36:eb:97:19:5b:8d:5e:e0:ed:93:b2:e4:65:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 13 00:00:00 2024 GMT
Not After : May 18 23:59:59 2024 GMT
Subject: serialNumber=2d63a4c84ede993365f7b1f399a2b632c9bf0ed9228367830c34d8b8ae89ce02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:38:10:e0:23:67:7b:26:12:3d:28:59:1c:5d:
34:ba:2c:56:95:f3:f5:27:f4:99:1e:23:e4:47:22:
8c:d5:2f:31:cb:7e:2c:e5:05:6e:82:b1:3b:96:d0:
69:17:2a:f2:5b:2d:aa:d4:f7:f2:1c:67:0b:77:70:
bb:02:2d:98:4c:3f:32:9b:a3:4c:7a:2a:a0:21:d7:
bd:df:f7:44:f4:1f:91:12:db:c6:cd:48:e5:9a:83:
5d:d8:fc:67:4e:16:b1:9c:54:94:10:51:1e:57:6a:
32:b9:c0:6e:0c:5d:03:2f:5f:39:1c:68:e4:32:60:
5e:06:c3:c7:d7:92:b3:67:01:f1:a1:e9:d8:3c:9a:
38:c0:20:3a:78:53:5c:37:0f:cb:95:34:d8:2b:83:
0f:51:ed:16:a6:61:1f:72:1b:1b:c8:e2:f5:28:70:
d2:69:02:c6:03:3e:87:a3:6a:de:f9:ed:93:9a:05:
87:f8:28:00:0e:e5:01:4a:d9:a8:b7:04:2c:d1:d6:
45:46:31:f5:1f:5d:2d:18:e7:48:b7:6b:a3:e0:6f:
63:f6:1b:66:68:94:08:85:d2:39:d2:fe:7e:9b:66:
34:16:48:e2:21:e9:46:d3:aa:08:73:98:1e:17:76:
22:7f:de:42:fe:1c:53:3f:b6:c4:14:0f:de:1c:f8:
82:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7D:FC:3D:4D:9B:AB:88:D7:01:AE:0B:82:0A:DC:95:F9:7F:9A:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a526d9b7-e689-4815-8b32-a583fae4e6f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/40
Signature Algorithm: sha256WithRSAEncryption
bf:d0:c6:6d:d1:8e:c2:1f:96:82:8e:3a:10:d6:17:64:4b:4e:
a6:1f:d9:5d:10:ca:16:93:da:2f:16:e7:6f:9d:2a:e8:64:82:
bb:87:c7:7a:16:30:2e:03:e8:2a:98:4d:9a:b8:2e:a7:e5:fd:
29:ea:3f:df:ef:fc:42:e8:3c:80:d7:d0:6e:b2:33:12:46:fe:
09:ac:6c:c3:55:9b:e5:cf:00:2f:94:39:ef:08:23:57:2c:0b:
ef:72:f5:3c:4a:fd:6b:da:f3:f8:2c:ee:54:5b:3b:8a:1b:67:
67:10:09:8c:f2:dd:7b:4b:dd:9f:6c:08:c7:94:00:7d:bf:ad:
13:b5:f4:8c:0a:86:62:cb:25:c4:3c:38:b8:8d:f8:34:24:f9:
a1:79:93:e7:45:85:3c:72:3d:f9:ca:47:76:36:bf:79:f5:4d:
72:fb:33:0b:a0:c3:93:2f:cc:1b:69:42:38:0f:52:a8:78:89:
9e:0b:32:6a:bc:2e:22:52:c7:57:b0:47:2c:74:bd:3c:70:d6:
6a:a2:8f:15:a8:12:29:74:87:2c:68:70:db:64:14:0f:6c:63:
86:d7:4b:55:3f:88:df:20:b2:79:19:cb:02:c6:ae:e5:1b:bd:
ce:c9:7a:76:69:e4:b8:67:c7:c1:53:3d:34:42:ee:94:d5:4a:
2b:62:45:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKfTDmOrmNuuXGVuNXuDtk7LkZdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTMwMDAwMDBaFw0yNDA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNjNhNGM4NGVkZTk5MzM2NWY3YjFmMzk5YTJiNjMyYzliZjBlZDkyMjgz
Njc4MzBjMzRkOGI4YWU4OWNlMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMw4EOAjZ3smEj0oWRxdNLosVpXz9Sf0mR4j5EcijNUvMct+LOUFboKxO5bQ
aRcq8lstqtT38hxnC3dwuwItmEw/MpujTHoqoCHXvd/3RPQfkRLbxs1I5ZqDXdj8
Z04WsZxUlBBRHldqMrnAbgxdAy9fORxo5DJgXgbDx9eSs2cB8aHp2DyaOMAgOnhT
XDcPy5U02CuDD1HtFqZhH3IbG8ji9Shw0mkCxgM+h6Nq3vntk5oFh/goAA7lAUrZ
qLcELNHWRUYx9R9dLRjnSLdro+BvY/YbZmiUCIXSOdL+fptmNBZI4iHpRtOqCHOY
Hhd2In/eQv4cUz+2xBQP3hz4gl8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQiffw9
TZuriNcBrguCCtyV+X+aqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUyNmQ5YjctZTY4OS00ODE1LThiMzItYTU4M2ZhZTRlNmYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hbg
MA0GCSqGSIb3DQEBCwUAA4IBAQC/0MZt0Y7CH5aCjjoQ1hdkS06mH9ldEMoWk9ov
FudvnSroZIK7h8d6FjAuA+gqmE2auC6n5f0p6j/f7/xC6DyA19BusjMSRv4JrGzD
VZvlzwAvlDnvCCNXLAvvcvU8Sv1r2vP4LO5UWzuKG2dnEAmM8t17S92fbAjHlAB9
v60TtfSMCoZiyyXEPDi4jfg0JPmheZPnRYU8cj35ykd2Nr959U1y+zMLoMOTL8wb
aUI4D1KoeImeCzJqvC4iUsdXsEcsdL08cNZqoo8VqBIpdIcsaHDbZBQPbGOG10tV
P4jfILJ5GcsCxq7lG73OyXp2aeS4Z8fBUz00Qu6U1UorYkWa
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:54:24 2024 by rpki-client on console-ams.rpki-client.org