Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a936626d-d488-4592-873a-b340b1b23c31.roa
File: a936626d-d488-4592-873a-b340b1b23c31.roa (raw, json)
Hash identifier: ifKMunXSTxdtxhK1XPX+Hl3NNMBQX8UgIk787zzVXDY=
Subject key identifier: 38:B8:C7:EC:8C:D5:15:3E:AB:F6:81:62:7C:1E:DB:A2:6B:4C:AD:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4689A83981B27ECF5BD425AC94D5D58C2A5E126D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a936626d-d488-4592-873a-b340b1b23c31.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:89:a8:39:81:b2:7e:cf:5b:d4:25:ac:94:d5:d5:8c:2a:5e:12:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=2f221a85412e07e22fc699a90f3603c51202b52a71e475a54035edaa1daffc3a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fb:a6:75:2b:96:24:d3:ae:24:6e:80:76:61:
b7:81:b4:ab:03:7c:54:61:9c:b1:78:59:a0:12:75:
6f:fa:4d:fb:30:cb:61:25:c7:af:e2:0b:37:8a:6f:
ee:ef:8f:f5:e9:c3:13:c4:5b:f6:f4:48:b1:da:3b:
2b:1b:cf:c6:97:75:12:eb:e5:2c:dd:40:d5:ee:e2:
db:10:fd:64:bf:51:93:b9:b2:5d:8c:64:2d:e5:f5:
25:b7:2f:8c:61:13:f9:8c:27:3f:11:37:48:8e:58:
67:c6:6c:e6:bd:62:41:89:34:29:ad:b5:bd:3a:24:
bb:2a:d5:a7:37:9a:17:ce:ea:0c:ed:35:62:2d:44:
74:44:c0:90:9f:2e:ee:d1:91:ce:e2:9a:1c:03:30:
53:fd:f2:7e:c1:6e:b8:41:ca:26:29:37:c2:fc:6d:
46:97:b0:46:6b:35:ab:39:08:9b:08:1d:e0:af:e1:
d0:2f:c6:2f:82:c2:b5:73:c9:c4:b7:a6:52:22:c6:
87:d2:9f:7b:d8:3d:90:e5:32:04:6d:98:f7:c6:6d:
45:97:05:b2:fe:75:43:53:cb:c2:50:83:59:f1:e2:
0e:27:89:23:6e:e4:a4:20:06:3f:ae:ba:da:85:40:
41:15:ff:b0:73:4e:2d:17:3c:16:cf:c0:1d:bc:b5:
17:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B8:C7:EC:8C:D5:15:3E:AB:F6:81:62:7C:1E:DB:A2:6B:4C:AD:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a936626d-d488-4592-873a-b340b1b23c31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
28:62:74:b1:a8:4a:c5:27:4b:ed:33:cc:c7:54:4d:d1:65:ec:
d7:c4:ac:cf:84:d9:6c:7d:13:56:66:c2:ab:f9:da:3e:df:d9:
e3:b5:73:b3:d5:76:36:7b:28:9f:03:6f:05:51:37:38:01:91:
c1:55:a7:f8:f5:d0:98:ae:81:67:4c:9e:ef:a9:f3:17:82:aa:
31:43:fe:26:15:f2:a6:b5:33:21:07:50:7f:f5:9d:93:ad:01:
76:5d:65:7a:be:d8:05:8a:08:0b:a1:91:b3:8f:29:7c:6e:3d:
55:56:98:89:45:90:38:64:e7:9f:75:c8:6b:1d:e6:e3:f0:5c:
d7:7c:55:eb:06:aa:63:ce:d5:47:d7:f9:e4:94:59:bc:01:cc:
8d:44:d0:3a:fa:9e:1d:1e:8f:c7:b4:6b:24:2c:aa:b3:8e:ba:
c0:98:48:78:99:97:03:34:f6:1d:1c:be:42:3c:d9:5c:56:1e:
00:16:80:27:ac:52:97:a2:4c:55:9c:c8:7e:ad:45:d7:42:e6:
0e:63:90:3c:f2:2e:8d:e6:68:7f:54:a7:b7:48:53:af:7d:7d:
15:98:4c:b9:ff:a5:f4:18:cb:e0:88:4c:7b:7d:91:62:65:67:
ad:02:0d:ca:2c:61:df:7c:28:fc:8c:e8:e9:c1:9a:e9:1c:6f:
6c:1d:56:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURomoOYGyfs9b1CWslNXVjCpeEm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMjIxYTg1NDEyZTA3ZTIyZmM2OTlhOTBmMzYwM2M1MTIwMmI1MmE3MWU0
NzVhNTQwMzVlZGFhMWRhZmZjM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAND7pnUrliTTriRugHZht4G0qwN8VGGcsXhZoBJ1b/pN+zDLYSXHr+ILN4pv
7u+P9enDE8Rb9vRIsdo7KxvPxpd1EuvlLN1A1e7i2xD9ZL9Rk7myXYxkLeX1Jbcv
jGET+YwnPxE3SI5YZ8Zs5r1iQYk0Ka21vTokuyrVpzeaF87qDO01Yi1EdETAkJ8u
7tGRzuKaHAMwU/3yfsFuuEHKJik3wvxtRpewRms1qzkImwgd4K/h0C/GL4LCtXPJ
xLemUiLGh9Kfe9g9kOUyBG2Y98ZtRZcFsv51Q1PLwlCDWfHiDieJI27kpCAGP666
2oVAQRX/sHNOLRc8Fs/AHby1F+MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4uMfs
jNUVPqv2gWJ8Htuia0yttzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTkzNjYyNmQtZDQ4OC00NTkyLTg3M2EtYjM0MGIxYjIzYzMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQAoYnSxqErFJ0vtM8zHVE3RZezXxKzPhNlsfRNW
ZsKr+do+39njtXOz1XY2eyifA28FUTc4AZHBVaf49dCYroFnTJ7vqfMXgqoxQ/4m
FfKmtTMhB1B/9Z2TrQF2XWV6vtgFiggLoZGzjyl8bj1VVpiJRZA4ZOefdchrHebj
8FzXfFXrBqpjztVH1/nklFm8AcyNRNA6+p4dHo/HtGskLKqzjrrAmEh4mZcDNPYd
HL5CPNlcVh4AFoAnrFKXokxVnMh+rUXXQuYOY5A88i6N5mh/VKe3SFOvfX0VmEy5
/6X0GMvgiEx7fZFiZWetAg3KLGHffCj8jOjpwZrpHG9sHVbL
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:40 2024 by rpki-client on console-fra.rpki-client.org