Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a76c4bf7-5d73-44e2-9678-e0f57175e417.roa
File: a76c4bf7-5d73-44e2-9678-e0f57175e417.roa (raw, json)
Hash identifier: nz2rFV38CKYoOV0mGS+uxb16bN1+PQZlUV8vFcqvI3I=
Subject key identifier: DF:1B:91:8E:A8:08:0F:EC:73:73:E3:66:30:12:3D:86:99:9D:1C:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59F7F6D83233D413DE7E3B7F785E6692B3174FA7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a76c4bf7-5d73-44e2-9678-e0f57175e417.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f7:f6:d8:32:33:d4:13:de:7e:3b:7f:78:5e:66:92:b3:17:4f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=669369f14ea38d88b101f315c497c8d337f20524f5bebea8c6216987b5162133, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:37:f1:fd:1d:8d:d0:a9:37:00:2a:fb:dd:6e:
f0:6a:75:ac:ce:f9:34:66:3e:d8:e4:04:03:ed:84:
c4:7a:d1:bc:52:1e:48:17:31:b0:8e:9a:b1:c1:41:
6a:28:fb:39:38:15:da:62:91:66:77:5d:fa:cc:43:
ad:88:21:d7:ee:0c:6c:ac:9a:87:3c:66:d6:cb:ef:
3c:b7:35:d3:76:d9:7e:44:94:a4:3c:c8:45:01:78:
4f:26:f4:6d:5b:5f:a8:12:2e:0b:71:97:e7:04:62:
22:86:f4:77:6c:41:6d:95:96:e2:ec:50:ee:5d:33:
7f:85:24:f3:75:d5:e4:16:90:b4:c9:54:9c:83:b9:
52:b4:64:25:41:c3:50:08:ae:f3:05:1a:1b:48:62:
d4:c3:3d:ca:5d:7c:2a:20:12:f0:7e:01:64:5c:d4:
89:db:5f:58:03:72:6b:7e:10:98:a2:90:28:37:e4:
84:fc:93:34:27:0e:d4:cd:e5:94:5a:74:9a:7d:79:
21:96:86:9b:d1:97:2f:12:53:7a:b1:0c:0e:d3:d0:
9e:e2:55:f0:e7:d8:80:73:cf:60:98:71:24:9b:65:
dd:07:85:63:da:aa:e0:15:41:95:27:eb:c6:87:b0:
e2:27:7b:5e:a3:90:99:e7:3a:b5:df:1a:80:de:d1:
67:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:1B:91:8E:A8:08:0F:EC:73:73:E3:66:30:12:3D:86:99:9D:1C:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a76c4bf7-5d73-44e2-9678-e0f57175e417.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
6a:c4:d5:20:6b:77:f8:db:6f:0b:55:a2:1b:36:e7:a7:60:17:
05:85:5b:5b:d1:00:55:1b:3f:d9:58:1c:ee:b0:a9:04:5c:e6:
c7:a2:99:9b:f6:58:5c:ba:0f:69:b4:9a:2d:f0:5f:c7:c6:3e:
62:b6:52:b0:2b:53:f9:ff:44:25:03:53:8e:95:c6:34:3e:3b:
38:02:85:67:cd:de:f4:39:87:6e:e0:c3:d6:03:a1:0e:78:e2:
07:ff:e2:d4:e4:2e:a7:d4:47:84:b7:c8:96:19:94:43:fa:6c:
7f:84:b0:6d:b7:9d:95:e0:f3:7f:6d:03:b3:d7:1d:15:a1:53:
aa:a7:97:f3:20:6e:43:b2:0a:cc:4f:58:1e:67:30:97:b3:64:
6f:4e:8a:0a:4c:cc:a1:60:c4:c0:df:ab:4f:5d:c8:38:5f:b0:
db:5c:a4:ca:57:64:e1:c5:2e:82:b6:fb:a4:91:6d:36:89:cc:
a9:65:82:9e:b3:db:e4:a3:f5:e9:cb:ab:78:d1:6b:eb:ab:1c:
89:d0:31:94:b7:84:85:81:d1:80:b1:ab:0b:22:48:df:aa:47:
1a:22:c6:3e:e9:72:f1:7b:59:ed:e0:a7:88:8f:76:c9:32:a9:
b7:e6:27:ef:57:c0:13:cf:fd:ca:87:0d:4e:48:13:89:2e:73:
76:6c:6d:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWff22DIz1BPefjt/eF5mkrMXT6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2OTM2OWYxNGVhMzhkODhiMTAxZjMxNWM0OTdjOGQzMzdmMjA1MjRmNWJl
YmVhOGM2MjE2OTg3YjUxNjIxMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOg38f0djdCpNwAq+91u8Gp1rM75NGY+2OQEA+2ExHrRvFIeSBcxsI6ascFB
aij7OTgV2mKRZndd+sxDrYgh1+4MbKyahzxm1svvPLc103bZfkSUpDzIRQF4Tyb0
bVtfqBIuC3GX5wRiIob0d2xBbZWW4uxQ7l0zf4Uk83XV5BaQtMlUnIO5UrRkJUHD
UAiu8wUaG0hi1MM9yl18KiAS8H4BZFzUidtfWANya34QmKKQKDfkhPyTNCcO1M3l
lFp0mn15IZaGm9GXLxJTerEMDtPQnuJV8OfYgHPPYJhxJJtl3QeFY9qq4BVBlSfr
xoew4id7XqOQmec6td8agN7RZ4cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfG5GO
qAgP7HNz42YwEj2GmZ0cEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc2YzRiZjctNWQ3My00NGUyLTk2NzgtZTBmNTcxNzVlNDE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqxNUga3f4228LVaIbNuenYBcFhVtb0QBVGz/Z
WBzusKkEXObHopmb9lhcug9ptJot8F/Hxj5itlKwK1P5/0QlA1OOlcY0Pjs4AoVn
zd70OYdu4MPWA6EOeOIH/+LU5C6n1EeEt8iWGZRD+mx/hLBtt52V4PN/bQOz1x0V
oVOqp5fzIG5DsgrMT1geZzCXs2RvTooKTMyhYMTA36tPXcg4X7DbXKTKV2ThxS6C
tvukkW02icypZYKes9vko/Xpy6t40WvrqxyJ0DGUt4SFgdGAsasLIkjfqkcaIsY+
6XLxe1nt4KeIj3bJMqm35ifvV8ATz/3Khw1OSBOJLnN2bG1c
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org