Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5250031-50c8-41eb-902a-008df475b518.roa
File: b5250031-50c8-41eb-902a-008df475b518.roa (raw, json)
Hash identifier: Q0aoc/sEOkLvdXcOGc6zjVSu4S16FxNqpWdnf2d5oTs=
Subject key identifier: F5:00:3B:A8:C8:DA:37:92:57:39:94:40:13:5C:6A:B9:01:56:7F:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32CB9D8CA5F6E9108285179E2201E87A3C385D84
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5250031-50c8-41eb-902a-008df475b518.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:cb:9d:8c:a5:f6:e9:10:82:85:17:9e:22:01:e8:7a:3c:38:5d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=b14f0f88f2fca7fb9f1b0e9cb53cdb47aacc5a520b5a7652b9ac26d08c22ce11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:69:f6:b2:93:9d:32:19:69:c9:61:0a:9a:65:
37:5f:09:0e:71:27:e6:0d:4e:9d:a7:f7:4d:26:31:
1f:27:be:b6:56:5a:0d:71:ac:a4:d6:84:b4:9e:93:
52:f9:c9:6d:df:04:6c:e8:56:9d:c3:d6:8a:de:7a:
8d:ab:07:85:73:91:3a:f7:3c:ed:b9:8b:1e:ae:b4:
61:7b:ca:63:8b:2d:22:f7:53:4d:2e:6c:79:38:fd:
ce:4f:9c:2f:90:fc:28:66:1d:8c:8e:18:79:65:46:
13:df:b7:bc:a0:45:b5:64:60:bb:bb:e7:ec:3b:13:
d4:5d:3e:9b:fc:7f:55:d8:0b:89:f1:ae:39:23:51:
8e:8d:be:07:b1:96:a5:a3:96:36:bf:d0:77:a1:52:
25:f7:86:c9:34:51:8b:20:85:1c:df:43:9c:cd:f5:
bc:1d:9c:7e:33:32:88:13:83:9d:64:29:41:5a:63:
8d:82:8b:c0:fa:6e:36:f1:bc:40:40:fe:59:84:87:
ca:73:d1:11:4a:08:36:bf:28:5a:f6:17:64:78:ca:
c7:8e:ab:8b:f9:2a:b5:b7:0d:50:0d:54:8a:db:48:
5e:91:bb:57:75:1b:c3:2f:e0:ac:f7:0e:4b:17:51:
9d:63:56:6e:84:e0:a8:b2:29:fe:f0:fc:22:8b:50:
62:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:00:3B:A8:C8:DA:37:92:57:39:94:40:13:5C:6A:B9:01:56:7F:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5250031-50c8-41eb-902a-008df475b518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:e4:17:b9:43:be:49:c9:46:56:67:28:f1:73:f9:3f:1f:55:
03:7c:3c:8c:2c:c0:6e:18:fe:5e:97:e3:86:98:b2:f2:5c:e3:
e3:09:19:c7:0b:a0:58:c7:92:c4:1e:22:1d:85:fb:41:d9:c4:
ca:02:5c:d6:b8:af:bd:47:ab:df:1c:ad:61:c6:c1:7b:15:59:
db:09:5d:e7:0c:c2:f6:56:e7:b1:63:8d:3c:67:84:95:a6:4d:
0d:8a:d5:1a:ee:68:67:32:42:27:05:11:47:41:6f:bc:b6:b2:
ff:b7:b7:ce:e4:0c:86:a2:0e:d9:59:62:ab:16:b7:be:31:97:
db:59:f5:7f:96:88:60:d9:dd:45:0f:ad:0a:ce:5e:ba:49:86:
46:ec:96:6d:d2:41:ee:5a:55:59:d8:dd:f3:3f:99:76:33:97:
2c:64:4a:2d:cc:b4:0a:c0:f8:26:cc:5d:99:a8:01:06:8a:a5:
22:d1:9a:be:09:f3:72:80:f6:ee:b2:85:e7:4e:be:27:4c:9e:
e6:5c:18:61:24:a4:22:4a:95:0f:1f:a9:ef:fc:dc:1f:b6:27:
fa:eb:2c:f0:0d:e7:0d:80:5f:95:34:cb:80:23:d1:7c:5f:55:
45:37:35:0c:18:93:aa:4f:1d:40:62:85:94:06:3b:e5:50:c9:
9b:e6:02:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMsudjKX26RCChReeIgHoejw4XYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxNGYwZjg4ZjJmY2E3ZmI5ZjFiMGU5Y2I1M2NkYjQ3YWFjYzVhNTIwYjVh
NzY1MmI5YWMyNmQwOGMyMmNlMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFp9rKTnTIZaclhCpplN18JDnEn5g1Onaf3TSYxHye+tlZaDXGspNaEtJ6T
UvnJbd8EbOhWncPWit56jasHhXOROvc87bmLHq60YXvKY4stIvdTTS5seTj9zk+c
L5D8KGYdjI4YeWVGE9+3vKBFtWRgu7vn7DsT1F0+m/x/VdgLifGuOSNRjo2+B7GW
paOWNr/Qd6FSJfeGyTRRiyCFHN9DnM31vB2cfjMyiBODnWQpQVpjjYKLwPpuNvG8
QED+WYSHynPREUoINr8oWvYXZHjKx46ri/kqtbcNUA1UittIXpG7V3Ubwy/grPcO
SxdRnWNWboTgqLIp/vD8IotQYh8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1ADuo
yNo3klc5lEATXGq5AVZ/BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjUyNTAwMzEtNTBjOC00MWViLTkwMmEtMDA4ZGY0NzViNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQCq5Be5Q75JyUZWZyjxc/k/H1UDfDyMLMBuGP5e
l+OGmLLyXOPjCRnHC6BYx5LEHiIdhftB2cTKAlzWuK+9R6vfHK1hxsF7FVnbCV3n
DML2VuexY408Z4SVpk0NitUa7mhnMkInBRFHQW+8trL/t7fO5AyGog7ZWWKrFre+
MZfbWfV/lohg2d1FD60Kzl66SYZG7JZt0kHuWlVZ2N3zP5l2M5csZEotzLQKwPgm
zF2ZqAEGiqUi0Zq+CfNygPbusoXnTr4nTJ7mXBhhJKQiSpUPH6nv/Nwftif66yzw
DecNgF+VNMuAI9F8X1VFNzUMGJOqTx1AYoWUBjvlUMmb5gJt
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:05 2024 by rpki-client on console-ams.rpki-client.org