Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
File: a88367e7-0dbc-4c05-8e09-7593b923bed7.roa (raw, json)
Hash identifier: lraAapHEGKJAJVgqCkLNfIHW94HXOm4vI+auDXlh9/s=
Subject key identifier: AC:23:45:27:AF:97:CA:40:D2:39:FB:03:F4:CA:7C:8A:9D:18:A4:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0638CD4DC64A0F8D49E0A2AFCD8CF22CB22753D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:38:cd:4d:c6:4a:0f:8d:49:e0:a2:af:cd:8c:f2:2c:b2:27:53:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=b2d4cc9ce798fb470297e1b9e26446b33e4d54014b9f867c9959b31f1c30acd4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2c:8f:33:82:da:fb:0e:75:8f:3f:76:3c:f8:
0f:99:cb:a7:24:1e:1a:da:51:cd:92:b1:4a:11:c6:
cf:57:53:b7:52:f4:9d:33:79:60:23:aa:76:2a:06:
9d:dc:2d:ad:33:4b:3f:16:d0:a1:3c:c1:63:79:c8:
2b:55:a6:7f:df:3a:fe:c1:7a:df:6a:fd:07:6e:9c:
19:96:cf:26:fb:94:9b:1f:34:5f:7e:32:f2:72:4d:
ed:70:19:ee:6d:8c:2a:73:27:5f:3a:22:4d:53:cb:
7d:3b:93:3c:aa:8b:c0:5f:21:48:8e:4a:3b:05:84:
e7:21:25:18:83:cc:a2:f0:6a:b1:62:3a:b7:dd:f7:
86:c2:94:6a:a8:69:e0:e5:2c:ec:33:92:19:99:e1:
c7:05:77:0a:85:0b:e0:0e:47:37:bd:5b:93:d4:a1:
ce:bc:9c:2a:f0:e5:f5:87:7b:52:1d:38:04:88:0b:
90:41:a6:8b:2f:c8:ac:c7:38:9e:f6:0b:e2:dc:a8:
74:58:d0:7f:8f:37:a2:f1:fa:70:20:91:69:c8:c4:
d8:91:48:cb:38:b0:4a:3d:e2:49:5b:aa:15:33:1b:
5f:6b:c7:e6:a0:cc:ec:81:0b:11:01:fb:2e:a4:80:
cf:71:e9:6a:8b:6d:87:cc:cc:a0:71:87:d9:3d:1d:
76:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:23:45:27:AF:97:CA:40:D2:39:FB:03:F4:CA:7C:8A:9D:18:A4:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
34:2d:eb:d0:76:0b:83:10:35:a1:a4:62:e1:9c:2c:31:ad:44:
36:76:70:1b:37:7c:c6:1c:41:7b:26:e5:4d:da:f1:b9:8e:70:
da:dc:cf:29:48:d3:0d:82:88:c1:8e:dd:19:95:60:b9:9b:27:
33:ff:e7:a3:f3:9a:1d:19:c3:eb:ac:5c:9e:b9:15:3e:63:dc:
32:89:23:ea:53:74:47:2d:2f:67:1e:3c:22:fb:dd:eb:62:7d:
f4:c3:49:dc:03:b4:19:bb:81:40:4e:86:06:89:81:12:5a:b5:
b6:87:5a:9f:a5:97:aa:d8:54:9a:b3:97:7c:d7:e1:7f:32:fd:
d0:0c:0b:71:5e:ea:24:35:57:66:bd:4e:95:6c:37:68:9d:70:
ad:fb:78:f6:9f:0d:83:bd:1e:e4:5c:88:8a:6a:4a:34:67:0b:
05:94:53:23:3b:ec:71:b7:c9:65:8d:e0:c8:f4:e9:65:a6:fb:
71:02:16:60:6d:d1:40:fa:2d:78:32:6c:92:45:da:1a:4a:f7:
91:40:ed:19:7c:e5:83:9a:46:d9:09:db:b9:1e:70:0f:91:9e:
f9:10:c1:f5:1e:c4:b9:5b:ae:a7:1e:71:d4:e1:2f:39:e2:9a:
c0:ad:49:3f:f3:e3:74:f9:50:17:1a:43:e8:74:ca:51:d4:fb:
3a:92:1d:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBjjNTcZKD41J4KKvzYzyLLInU9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyZDRjYzljZTc5OGZiNDcwMjk3ZTFiOWUyNjQ0NmIzM2U0ZDU0MDE0Yjlm
ODY3Yzk5NTliMzFmMWMzMGFjZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALosjzOC2vsOdY8/djz4D5nLpyQeGtpRzZKxShHGz1dTt1L0nTN5YCOqdioG
ndwtrTNLPxbQoTzBY3nIK1Wmf986/sF632r9B26cGZbPJvuUmx80X34y8nJN7XAZ
7m2MKnMnXzoiTVPLfTuTPKqLwF8hSI5KOwWE5yElGIPMovBqsWI6t933hsKUaqhp
4OUs7DOSGZnhxwV3CoUL4A5HN71bk9ShzrycKvDl9Yd7Uh04BIgLkEGmiy/IrMc4
nvYL4tyodFjQf483ovH6cCCRacjE2JFIyziwSj3iSVuqFTMbX2vH5qDM7IELEQH7
LqSAz3Hpaotth8zMoHGH2T0ddvkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsI0Un
r5fKQNI5+wP0ynyKnRikQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg4MzY3ZTctMGRiYy00YzA1LThlMDktNzU5M2I5MjNiZWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQA0LevQdguDEDWhpGLhnCwxrUQ2dnAbN3zGHEF7
JuVN2vG5jnDa3M8pSNMNgojBjt0ZlWC5mycz/+ej85odGcPrrFyeuRU+Y9wyiSPq
U3RHLS9nHjwi+93rYn30w0ncA7QZu4FAToYGiYESWrW2h1qfpZeq2FSas5d81+F/
Mv3QDAtxXuokNVdmvU6VbDdonXCt+3j2nw2DvR7kXIiKako0ZwsFlFMjO+xxt8ll
jeDI9OllpvtxAhZgbdFA+i14MmySRdoaSveRQO0ZfOWDmkbZCdu5HnAPkZ75EMH1
HsS5W66nHnHU4S854prArUk/8+N0+VAXGkPodMpR1Ps6kh2Z
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org