Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
File: a96d9971-6d4e-47a3-9408-d633699b643b.roa (raw, json)
Hash identifier: HILQncsyHCBdgkMA74b+HCmr5H4evDNwGkFuu8fBVxA=
Subject key identifier: 29:C1:14:14:04:34:D8:66:1A:5F:3F:3D:81:FC:15:2F:58:4E:E4:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 343B83D10747590F54369B65BBDAED7D8BA45E8D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:3b:83:d1:07:47:59:0f:54:36:9b:65:bb:da:ed:7d:8b:a4:5e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=8f44811cf83a825cefac7d02b53c674a38aedf8439bec222ed8a0562987d757b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:76:40:fe:d3:ed:e5:53:78:34:4f:35:7d:f8:
0f:fd:c6:83:f5:0c:8e:06:a4:88:f4:11:e2:33:43:
bd:80:86:7a:39:34:d3:68:26:14:84:46:a8:e4:49:
8c:9d:c1:fd:fd:f2:67:22:20:d4:f7:d4:d4:21:38:
bd:9d:ff:be:16:d5:3d:2f:0e:35:b7:2b:b8:11:f2:
3a:77:16:55:ee:30:2d:d9:45:5c:c6:af:17:3f:73:
c8:b7:00:71:d1:1c:aa:ed:bd:69:33:78:aa:f1:8d:
ca:7d:63:95:43:19:ab:53:94:d7:c6:c2:56:92:1c:
ee:ad:f3:47:2d:84:5b:72:11:c5:d1:d9:aa:46:54:
5d:6b:58:38:3e:05:3a:70:d0:28:e0:6f:4f:9b:06:
f5:b6:07:73:85:c3:ea:a6:51:ed:e3:9a:10:71:da:
97:8f:f0:71:89:85:5c:3c:82:e7:7e:dc:f6:eb:cc:
e6:8b:17:ef:1c:89:21:ee:96:a5:de:16:82:9f:69:
57:4d:23:45:50:86:66:99:a9:b8:fa:b7:51:8c:bc:
97:f3:1c:9c:aa:c4:74:64:a8:3f:9b:1f:ce:b3:94:
22:70:69:ba:90:7d:46:d8:b5:2d:08:04:12:59:cf:
ad:86:0a:86:b9:ff:65:dd:06:f4:bf:93:dc:04:22:
33:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C1:14:14:04:34:D8:66:1A:5F:3F:3D:81:FC:15:2F:58:4E:E4:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:2000::/40
Signature Algorithm: sha256WithRSAEncryption
88:b6:3d:0d:17:c2:4d:85:85:6e:16:14:74:f3:c5:22:7c:85:
8c:70:49:30:a5:fb:d8:92:95:c7:34:c0:03:e0:10:7b:8b:fa:
f9:49:86:e0:d4:0a:ac:e1:f5:db:39:4d:c9:40:05:23:87:6b:
74:6b:db:4f:ab:2c:37:0d:07:be:f3:02:9a:43:74:0a:ac:bf:
a8:b3:84:54:5c:1e:a9:0d:6f:2a:5b:d6:0f:ae:84:9c:e0:41:
e4:ee:7f:b4:e3:0c:68:27:3a:7f:21:e7:0d:ba:08:54:40:e6:
0f:59:7f:9b:b7:02:14:2b:99:b8:34:92:87:9a:4d:1b:66:1c:
31:ef:1c:e2:c0:00:8b:4b:6b:42:63:11:4b:66:00:b8:c3:fd:
d1:ca:0c:73:25:53:17:5f:92:f2:a4:08:f5:32:a9:91:61:cf:
af:bb:42:1d:df:81:64:6a:97:75:af:d1:82:83:47:e7:b5:7f:
e7:a7:cc:9a:9b:e2:c0:68:d4:ec:e0:60:5f:b8:79:f6:5c:22:
02:44:50:88:50:24:54:0d:1d:8d:76:b4:a3:84:3b:fb:d0:17:
75:a8:1d:ea:05:42:45:1a:bc:a6:e1:92:88:e5:ea:ee:2f:2f:
b6:71:c8:eb:ad:eb:b9:12:f7:69:a2:76:06:62:88:5b:0c:4a:
2e:12:c4:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNDuD0QdHWQ9UNptlu9rtfYukXo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmNDQ4MTFjZjgzYTgyNWNlZmFjN2QwMmI1M2M2NzRhMzhhZWRmODQzOWJl
YzIyMmVkOGEwNTYyOTg3ZDc1N2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ2QP7T7eVTeDRPNX34D/3Gg/UMjgakiPQR4jNDvYCGejk002gmFIRGqORJ
jJ3B/f3yZyIg1PfU1CE4vZ3/vhbVPS8ONbcruBHyOncWVe4wLdlFXMavFz9zyLcA
cdEcqu29aTN4qvGNyn1jlUMZq1OU18bCVpIc7q3zRy2EW3IRxdHZqkZUXWtYOD4F
OnDQKOBvT5sG9bYHc4XD6qZR7eOaEHHal4/wcYmFXDyC537c9uvM5osX7xyJIe6W
pd4Wgp9pV00jRVCGZpmpuPq3UYy8l/McnKrEdGSoP5sfzrOUInBpupB9Rti1LQgE
ElnPrYYKhrn/Zd0G9L+T3AQiM8kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpwRQU
BDTYZhpfPz2B/BUvWE7kDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTk2ZDk5NzEtNmQ0ZS00N2EzLTk0MDgtZDYzMzY5OWI2NDNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4g
MA0GCSqGSIb3DQEBCwUAA4IBAQCItj0NF8JNhYVuFhR088UifIWMcEkwpfvYkpXH
NMAD4BB7i/r5SYbg1Aqs4fXbOU3JQAUjh2t0a9tPqyw3DQe+8wKaQ3QKrL+os4RU
XB6pDW8qW9YProSc4EHk7n+04wxoJzp/IecNughUQOYPWX+btwIUK5m4NJKHmk0b
Zhwx7xziwACLS2tCYxFLZgC4w/3RygxzJVMXX5LypAj1MqmRYc+vu0Id34Fkapd1
r9GCg0fntX/np8yam+LAaNTs4GBfuHn2XCICRFCIUCRUDR2NdrSjhDv70Bd1qB3q
BUJFGrym4ZKI5eruLy+2ccjrreu5EvdponYGYohbDEouEsTX
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:40 2024 by rpki-client on console-fra.rpki-client.org