Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
File: b4bc5ce4-db80-4527-b720-60a744036322.roa (raw, json)
Hash identifier: cAcdiZjfxhXA86KBz9zc5mW/h2eptDaOCTDeE8EQ50U=
Subject key identifier: A7:8B:F5:24:6A:A8:D6:1B:2B:F4:3A:87:96:B5:85:B8:38:95:0A:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6450E9B01AE839BBCBBC2535D251AE4B8571B845
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:50:e9:b0:1a:e8:39:bb:cb:bc:25:35:d2:51:ae:4b:85:71:b8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=9537778f8ab49471791c79eab6e7ae830a841fb1f45c72dd1d6cce617445dcbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:23:fb:25:58:ec:95:11:1d:d0:25:53:4d:7f:
fe:66:af:7c:9c:8e:50:68:a5:8f:ae:b3:b0:ee:02:
27:0b:4f:38:00:83:d2:d0:b5:29:a3:71:49:25:84:
b3:44:17:f1:03:2f:68:27:e9:25:35:1a:0c:a1:99:
f3:a7:5c:2a:ef:78:c0:7c:b8:54:df:1d:c1:e5:fe:
a3:38:fa:27:8e:55:50:90:99:33:21:a4:3e:96:6e:
6e:7b:03:9f:04:7d:8f:fd:00:67:0e:37:3b:43:be:
fd:6e:e1:65:89:c3:b1:25:89:90:2f:a1:30:c3:28:
e1:fa:bb:a6:80:3a:cb:67:c7:a6:0e:fe:af:c6:e2:
8f:06:39:21:ff:4f:8a:9f:78:55:62:96:d6:9d:43:
0f:25:d3:a8:3f:16:66:f8:04:ec:45:33:d4:77:29:
7a:3c:32:fb:fa:0e:e6:b5:25:f6:41:e2:8d:75:23:
d7:9c:7a:02:7e:65:b8:fa:70:c9:b2:c6:b3:9d:de:
eb:3a:dd:8f:4a:9f:96:00:30:3b:ef:57:63:1d:30:
fb:c6:a8:3b:e8:a7:19:7e:fa:f0:e4:d8:01:19:77:
a3:01:93:6f:5d:a7:21:0f:f4:ee:77:85:6e:01:62:
80:1f:db:5f:0d:ee:6a:56:17:6c:5d:96:b8:6c:f7:
fe:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8B:F5:24:6A:A8:D6:1B:2B:F4:3A:87:96:B5:85:B8:38:95:0A:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:b000::/40
Signature Algorithm: sha256WithRSAEncryption
27:c4:21:7c:6a:ad:36:65:3b:12:c9:e9:49:a6:d7:9c:0c:1e:
13:01:6c:7c:a6:56:27:c6:88:b0:34:7e:e2:5c:76:04:8b:c4:
f7:4e:86:97:3b:a3:4c:a9:6d:87:d3:28:b7:c7:3c:94:49:3d:
d0:d7:16:02:0b:06:a5:96:b0:c8:da:5d:42:fd:d7:3c:44:57:
d2:46:e9:dd:0a:19:6a:7a:23:16:cb:c8:60:3f:2c:ff:36:fe:
9a:1a:c6:9d:7d:b5:ed:d4:d9:59:9a:41:0b:6a:ab:91:e2:af:
f2:c1:99:10:3b:3e:4d:d6:19:5b:8f:90:92:ca:1d:3b:db:9b:
5b:4f:3c:78:53:70:11:aa:e4:f9:c0:d2:a2:cd:9d:0b:41:ca:
84:da:0f:b8:be:95:b6:c6:38:a5:df:43:45:ff:d6:92:b0:21:
9f:0a:4b:80:45:ef:dd:d9:9d:75:32:14:7e:d1:10:27:06:ea:
12:e4:c0:d9:b8:10:98:18:84:ee:71:fb:a3:db:ad:4b:32:ee:
7f:b4:54:b4:9f:34:ad:86:c6:5c:f6:45:bc:e7:fe:ac:12:d2:
45:97:2f:ec:ca:3e:19:0c:16:30:34:eb:ef:66:dc:d0:3f:dd:
0f:b3:7d:aa:ce:db:4e:14:76:74:21:33:98:32:e9:a4:51:5e:
76:ef:9e:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZFDpsBroObvLvCU10lGuS4VxuEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1Mzc3NzhmOGFiNDk0NzE3OTFjNzllYWI2ZTdhZTgzMGE4NDFmYjFmNDVj
NzJkZDFkNmNjZTYxNzQ0NWRjYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8j+yVY7JURHdAlU01//mavfJyOUGilj66zsO4CJwtPOACD0tC1KaNxSSWE
s0QX8QMvaCfpJTUaDKGZ86dcKu94wHy4VN8dweX+ozj6J45VUJCZMyGkPpZubnsD
nwR9j/0AZw43O0O+/W7hZYnDsSWJkC+hMMMo4fq7poA6y2fHpg7+r8bijwY5If9P
ip94VWKW1p1DDyXTqD8WZvgE7EUz1Hcpejwy+/oO5rUl9kHijXUj15x6An5luPpw
ybLGs53e6zrdj0qflgAwO+9XYx0w+8aoO+inGX768OTYARl3owGTb12nIQ/07neF
bgFigB/bXw3ualYXbF2WuGz3/lcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSni/Uk
aqjWGyv0OoeWtYW4OJUKKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRiYzVjZTQtZGI4MC00NTI3LWI3MjAtNjBhNzQ0MDM2MzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6w
MA0GCSqGSIb3DQEBCwUAA4IBAQAnxCF8aq02ZTsSyelJptecDB4TAWx8plYnxoiw
NH7iXHYEi8T3ToaXO6NMqW2H0yi3xzyUST3Q1xYCCwallrDI2l1C/dc8RFfSRund
ChlqeiMWy8hgPyz/Nv6aGsadfbXt1NlZmkELaquR4q/ywZkQOz5N1hlbj5CSyh07
25tbTzx4U3ARquT5wNKizZ0LQcqE2g+4vpW2xjil30NF/9aSsCGfCkuARe/d2Z11
MhR+0RAnBuoS5MDZuBCYGITucfuj261LMu5/tFS0nzSthsZc9kW85/6sEtJFly/s
yj4ZDBYwNOvvZtzQP90Ps32qzttOFHZ0ITOYMumkUV52757A
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:40 2024 by rpki-client on console-fra.rpki-client.org