Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
File: b176a187-5863-4413-a001-74ccc0321be5.roa (raw, json)
Hash identifier: v1oMWkDNwEAE8mlYpPDvJc/OUqDYkpZDRW8lFUn++H0=
Subject key identifier: E9:3A:50:F9:82:A7:8D:F2:61:06:82:B5:42:E9:3D:EA:65:39:3F:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C741A6827D0ECC53901D100F3053CBFAA256339
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02c::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:74:1a:68:27:d0:ec:c5:39:01:d1:00:f3:05:3c:bf:aa:25:63:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=c07a585e58d166dd6ebc5a4ecb4a23be8f74f5c5415197f579ddc090bf9124c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1a:d8:56:82:45:c7:e6:d6:60:fe:04:76:96:
d1:cf:9c:17:3d:a3:58:99:e2:9e:a0:41:81:cd:7a:
8d:0d:eb:4a:85:d7:e8:37:fd:8f:29:c9:0e:39:89:
cf:56:5f:3e:c9:08:70:83:53:69:8e:e8:0e:b2:58:
1f:39:0f:8d:ea:78:d1:87:89:97:3e:91:f7:58:38:
72:b9:90:97:d9:a2:8a:28:ee:db:ee:60:5d:f4:f7:
17:53:98:0e:d5:a9:5d:a5:57:30:de:3b:d0:c3:b5:
64:e1:96:0f:6d:23:4d:c4:41:f0:57:63:12:8c:0f:
f1:d5:2c:a4:1c:6c:3a:65:56:60:a4:8a:3e:bb:cc:
d8:8e:26:0d:da:08:42:fe:6a:f2:f2:38:28:e8:61:
a2:43:33:70:d9:9b:96:05:e1:66:e6:f0:ab:28:da:
9a:0a:66:89:0f:37:fd:be:eb:41:70:6f:44:30:67:
81:b9:7a:97:8a:f9:76:c0:09:8b:50:d7:ef:3a:eb:
de:86:d3:d8:0e:95:74:f7:06:1e:53:db:bc:88:9c:
89:6b:4e:8d:71:a6:2c:0c:87:51:3e:63:60:07:38:
40:2d:fa:4e:bc:13:74:d9:18:b4:5f:1f:5a:d2:4f:
d8:cc:ec:8f:5a:5d:57:81:83:12:d6:1e:ba:73:c3:
91:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3A:50:F9:82:A7:8D:F2:61:06:82:B5:42:E9:3D:EA:65:39:3F:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02c::/36
Signature Algorithm: sha256WithRSAEncryption
3a:e8:28:ae:6a:13:9d:74:33:24:67:79:cc:a7:0b:21:ef:99:
89:ea:45:f4:91:3e:c9:dd:0f:76:6c:f0:29:2e:53:41:13:b8:
f8:cf:75:1f:04:95:a6:56:a2:40:8f:ef:28:51:2a:87:a6:99:
2d:63:d2:1b:10:a8:5c:a6:d6:db:a5:a1:91:68:3a:f3:10:0b:
9f:37:f6:c9:1c:e3:fd:57:2d:f6:f6:60:0a:34:1c:85:36:2b:
9e:fa:70:15:37:96:b7:88:23:39:6f:cd:68:f6:94:92:cc:74:
ff:d2:d7:ab:4c:83:18:c3:2d:22:e0:e5:25:2d:8a:cc:f6:25:
21:a1:73:12:96:af:40:fe:6e:78:68:0f:2c:23:cc:f2:ab:d7:
a7:1e:69:53:fd:ad:76:7e:25:98:49:a8:45:28:38:04:cb:cd:
bb:a2:d9:20:34:55:6f:74:d4:ca:00:ed:d6:04:42:6c:b3:fb:
9f:86:6e:77:5c:4a:d3:82:c8:1e:6d:54:51:0d:29:80:dd:a2:
13:a5:5d:6f:7f:d3:4e:0f:6d:63:90:c8:57:2d:a3:ad:f0:d4:
73:58:7d:42:4d:ff:c0:90:3e:32:51:bd:a5:01:47:c3:1a:43:
87:ef:42:5f:2b:b9:60:85:24:73:d8:b6:53:ea:4d:25:7b:2a:
42:75:f5:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHHQaaCfQ7MU5AdEA8wU8v6olYzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwN2E1ODVlNThkMTY2ZGQ2ZWJjNWE0ZWNiNGEyM2JlOGY3NGY1YzU0MTUx
OTdmNTc5ZGRjMDkwYmY5MTI0YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIa2FaCRcfm1mD+BHaW0c+cFz2jWJninqBBgc16jQ3rSoXX6Df9jynJDjmJ
z1ZfPskIcINTaY7oDrJYHzkPjep40YeJlz6R91g4crmQl9miiiju2+5gXfT3F1OY
DtWpXaVXMN470MO1ZOGWD20jTcRB8FdjEowP8dUspBxsOmVWYKSKPrvM2I4mDdoI
Qv5q8vI4KOhhokMzcNmblgXhZubwqyjamgpmiQ83/b7rQXBvRDBngbl6l4r5dsAJ
i1DX7zrr3obT2A6VdPcGHlPbvIiciWtOjXGmLAyHUT5jYAc4QC36TrwTdNkYtF8f
WtJP2Mzsj1pdV4GDEtYeunPDkSMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTpOlD5
gqeN8mEGgrVC6T3qZTk/3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE3NmExODctNTg2My00NDEzLWEwMDEtNzRjY2MwMzIxYmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CwA
MA0GCSqGSIb3DQEBCwUAA4IBAQA66CiuahOddDMkZ3nMpwsh75mJ6kX0kT7J3Q92
bPApLlNBE7j4z3UfBJWmVqJAj+8oUSqHppktY9IbEKhcptbbpaGRaDrzEAufN/bJ
HOP9Vy329mAKNByFNiue+nAVN5a3iCM5b81o9pSSzHT/0terTIMYwy0i4OUlLYrM
9iUhoXMSlq9A/m54aA8sI8zyq9enHmlT/a12fiWYSahFKDgEy827otkgNFVvdNTK
AO3WBEJss/ufhm53XErTgsgebVRRDSmA3aITpV1vf9NOD21jkMhXLaOt8NRzWH1C
Tf/AkD4yUb2lAUfDGkOH70JfK7lghSRz2LZT6k0leypCdfWy
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org