Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5616cf9-78f7-4329-90b1-90a383fd5890.roa
File: b5616cf9-78f7-4329-90b1-90a383fd5890.roa (raw, json)
Hash identifier: RMETPjRihWqgc7Kz/i0IWE9SG1qc86AYhhi6v3x9s4c=
Subject key identifier: 42:A3:BC:D1:57:A3:D4:11:55:11:F1:6A:38:73:A1:5D:B3:BE:38:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FEDCF035BD9A89B01B7323227C0B34D70B2757F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5616cf9-78f7-4329-90b1-90a383fd5890.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ed:cf:03:5b:d9:a8:9b:01:b7:32:32:27:c0:b3:4d:70:b2:75:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=59b671335dfe4fb1742942976f0bfcf22c7f3aa48981bc26b752204fe205007b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:fe:77:ae:d9:b4:bc:f7:c9:96:61:ad:d1:6a:
dc:e6:92:5e:64:5b:c3:0a:62:5e:ee:ff:14:08:56:
1d:c1:dd:f9:ed:00:4f:6e:b4:dd:07:ad:ce:ef:a5:
55:8a:8b:a4:ad:c6:1c:8a:27:a0:c7:85:cf:c3:47:
fc:8e:41:b7:05:47:cb:db:34:f0:c0:79:7c:43:86:
f3:98:c2:41:05:81:cf:95:dd:80:b0:4d:40:63:61:
f1:dd:77:b7:99:d4:56:53:81:0a:f1:eb:bd:af:7c:
ba:93:96:4c:7b:50:29:cc:ad:92:5b:43:1c:03:fc:
68:fd:0c:0a:9e:c9:f0:86:1a:0b:50:63:3c:ce:04:
b7:8b:42:5e:5d:56:07:6d:3c:a6:3f:a9:0b:79:c6:
8e:c5:1c:ba:a1:0f:d7:78:c3:2b:d3:ad:29:33:6e:
42:8a:e4:57:ff:e9:cd:c7:06:1b:95:9c:c9:6f:22:
33:2a:c7:e3:c4:b7:e1:57:40:5d:bd:a8:8f:3a:89:
2f:fd:d0:e3:ba:d9:2a:d5:60:36:49:09:51:75:c2:
43:f6:3d:3e:c1:8f:8f:96:c0:ae:bb:4c:03:ef:d8:
ee:92:cf:b2:82:67:da:99:74:12:d3:e4:c8:1d:52:
39:a1:6f:93:6b:91:bb:21:f0:1c:6b:1b:60:8c:9d:
74:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A3:BC:D1:57:A3:D4:11:55:11:F1:6A:38:73:A1:5D:B3:BE:38:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5616cf9-78f7-4329-90b1-90a383fd5890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:ae:a8:5c:63:5a:c0:64:b2:d8:f5:e0:be:77:73:ca:88:19:
1d:cb:7a:54:c2:2f:9c:96:64:40:cf:7d:b2:0a:83:d1:3f:97:
58:50:af:c7:00:49:a2:e8:8b:bf:86:3d:d3:8e:2d:ce:9a:5c:
d0:11:7b:02:32:c4:67:1a:63:74:98:39:f7:fe:a0:44:d0:9e:
2c:06:88:63:d6:fe:83:9d:76:dd:34:d9:b4:2d:88:fc:30:2e:
9f:40:87:16:34:87:e6:6f:75:c2:8c:b4:ca:b3:8f:74:b0:2c:
5d:08:4d:41:74:0e:27:69:50:58:51:29:e0:17:d5:04:33:7e:
c0:ac:82:6f:fb:71:4a:27:44:a8:6e:18:b4:67:7c:c1:b6:37:
6e:49:94:5b:63:d5:7b:9f:72:dc:5b:d0:73:0a:29:6e:59:64:
56:8f:9b:33:ee:d9:08:25:7e:1a:70:b8:b7:cc:bb:96:e4:46:
04:92:f2:d0:f8:5a:93:14:78:32:d3:59:47:f4:f6:a5:5f:a5:
8a:46:a4:36:30:81:d6:b0:d7:a3:4e:89:d6:d3:f9:c4:05:1a:
c8:13:77:85:a3:45:c7:d8:79:6b:50:f0:3d:ea:4a:6b:cb:39:
18:fc:26:4e:a5:5d:ce:93:68:70:60:00:0e:dd:1a:ea:97:d7:
25:b2:be:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb+3PA1vZqJsBtzIyJ8CzTXCydX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5YjY3MTMzNWRmZTRmYjE3NDI5NDI5NzZmMGJmY2YyMmM3ZjNhYTQ4OTgx
YmMyNmI3NTIyMDRmZTIwNTAwN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO7+d67ZtLz3yZZhrdFq3OaSXmRbwwpiXu7/FAhWHcHd+e0AT2603Qetzu+l
VYqLpK3GHIonoMeFz8NH/I5BtwVHy9s08MB5fEOG85jCQQWBz5XdgLBNQGNh8d13
t5nUVlOBCvHrva98upOWTHtQKcytkltDHAP8aP0MCp7J8IYaC1BjPM4Et4tCXl1W
B208pj+pC3nGjsUcuqEP13jDK9OtKTNuQorkV//pzccGG5WcyW8iMyrH48S34VdA
Xb2ojzqJL/3Q47rZKtVgNkkJUXXCQ/Y9PsGPj5bArrtMA+/Y7pLPsoJn2pl0EtPk
yB1SOaFvk2uRuyHwHGsbYIyddM0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCo7zR
V6PUEVUR8Wo4c6Fds744zTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjU2MTZjZjktNzhmNy00MzI5LTkwYjEtOTBhMzgzZmQ1ODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/g
MA0GCSqGSIb3DQEBCwUAA4IBAQC6rqhcY1rAZLLY9eC+d3PKiBkdy3pUwi+clmRA
z32yCoPRP5dYUK/HAEmi6Iu/hj3Tji3OmlzQEXsCMsRnGmN0mDn3/qBE0J4sBohj
1v6DnXbdNNm0LYj8MC6fQIcWNIfmb3XCjLTKs490sCxdCE1BdA4naVBYUSngF9UE
M37ArIJv+3FKJ0Sobhi0Z3zBtjduSZRbY9V7n3LcW9BzCiluWWRWj5sz7tkIJX4a
cLi3zLuW5EYEkvLQ+FqTFHgy01lH9PalX6WKRqQ2MIHWsNejTonW0/nEBRrIE3eF
o0XH2HlrUPA96kpryzkY/CZOpV3Ok2hwYAAO3Rrql9clsr6V
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:00:58 2024 by rpki-client on console-ams.rpki-client.org