Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba508b2b-e1e6-4e3b-8c63-d3f785854119.roa
File: ba508b2b-e1e6-4e3b-8c63-d3f785854119.roa (raw, json)
Hash identifier: dnVi/1auv7jGkyYyjeMOI/Mzu+Vzrmxf78c3dyc5ijY=
Subject key identifier: 86:24:BA:62:59:0F:9A:25:58:83:95:27:1C:41:7E:BD:EC:48:D2:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29B1B942CB40721AF6A446D2881E45E89EDAC6E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba508b2b-e1e6-4e3b-8c63-d3f785854119.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:b1:b9:42:cb:40:72:1a:f6:a4:46:d2:88:1e:45:e8:9e:da:c6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=087bc25953aac3ac4452e1b478c269284f0bdb10ed19d582be89285efb589842, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ac:c2:54:10:47:e1:d9:6e:92:35:bd:07:c6:
b2:81:0a:04:dd:11:6a:c1:68:44:f8:2d:d3:2b:cb:
ed:e5:c3:4d:33:96:9c:63:89:42:9e:b3:e3:00:44:
12:00:77:9c:37:c6:e9:c3:b7:55:4f:cf:5d:83:40:
6a:9d:02:95:23:98:d2:af:31:02:c2:68:16:dc:a3:
2b:c7:f6:88:5e:7c:66:8c:67:54:1d:42:ac:cf:95:
fd:ab:2b:4b:66:6e:48:10:57:f8:c4:15:f0:a1:bc:
2c:c0:e4:df:aa:20:c8:76:cb:61:1d:7c:2f:55:49:
1d:57:ab:50:de:e8:df:e9:ba:81:86:6e:fd:96:0c:
33:53:ec:b9:73:e0:4f:c6:3f:d5:3f:48:64:75:05:
3e:6c:2a:e6:74:93:54:6f:eb:9b:29:15:0e:2b:a9:
df:1a:bc:51:7b:d8:de:f5:d2:37:5e:4c:37:96:4e:
36:04:b5:c6:19:c0:f5:ad:df:6d:b2:21:62:dc:16:
71:5f:d2:89:cc:a3:98:1a:26:65:ef:33:58:12:23:
14:3d:d5:4e:97:22:53:b4:bd:ed:17:fd:05:54:b0:
93:13:76:cb:2b:ad:a5:5a:b6:5d:eb:46:36:39:b9:
6d:b9:80:17:3d:e4:69:33:7c:4a:df:45:06:a2:bb:
56:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:24:BA:62:59:0F:9A:25:58:83:95:27:1C:41:7E:BD:EC:48:D2:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba508b2b-e1e6-4e3b-8c63-d3f785854119.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040:4000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:39:f1:7a:9c:19:e6:52:12:70:68:68:28:4b:f8:25:40:cb:
8f:18:5e:2a:49:94:68:6e:9b:bd:e7:4b:48:07:2b:a5:25:6b:
c9:ae:91:2c:33:de:5c:16:a9:8e:dc:66:1e:b5:74:e9:72:7c:
69:28:2a:d3:0f:cd:57:08:27:a4:29:79:cf:bc:80:ac:38:8d:
96:9c:50:af:b3:f9:ff:5f:f4:4f:2f:01:15:f3:ec:fa:ec:37:
36:14:86:c7:b4:56:80:71:2d:09:87:1d:14:52:38:11:7b:2b:
f7:dd:c6:dd:05:d3:4f:9d:db:76:b8:ac:a2:26:46:4b:14:4b:
fc:99:b2:46:fe:7c:cf:6b:f3:c1:4e:8e:7f:c0:05:f5:44:4e:
6b:1f:77:7e:e6:73:96:db:c6:ae:01:89:37:88:ef:b8:5e:03:
25:1e:dd:97:49:9f:6d:0e:69:6c:ec:6f:84:e9:7b:10:80:82:
d9:b0:5c:39:11:5d:f6:31:2c:a0:a3:db:91:df:34:6d:d2:04:
a5:55:a7:58:f4:1e:4d:eb:d0:34:68:0b:a7:28:96:d3:d7:1b:
0d:2a:75:61:68:ef:52:43:2b:55:dd:03:6e:23:7c:7c:0e:af:
f7:9c:cc:ef:df:d5:a1:0d:8b:f3:33:43:e9:fb:c4:4f:04:b5:
f4:d5:5a:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKbG5QstAchr2pEbSiB5F6J7axuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4N2JjMjU5NTNhYWMzYWM0NDUyZTFiNDc4YzI2OTI4NGYwYmRiMTBlZDE5
ZDU4MmJlODkyODVlZmI1ODk4NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiswlQQR+HZbpI1vQfGsoEKBN0RasFoRPgt0yvL7eXDTTOWnGOJQp6z4wBE
EgB3nDfG6cO3VU/PXYNAap0ClSOY0q8xAsJoFtyjK8f2iF58ZoxnVB1CrM+V/asr
S2ZuSBBX+MQV8KG8LMDk36ogyHbLYR18L1VJHVerUN7o3+m6gYZu/ZYMM1PsuXPg
T8Y/1T9IZHUFPmwq5nSTVG/rmykVDiup3xq8UXvY3vXSN15MN5ZONgS1xhnA9a3f
bbIhYtwWcV/SicyjmBomZe8zWBIjFD3VTpciU7S97Rf9BVSwkxN2yyutpVq2XetG
Njm5bbmAFz3kaTN8St9FBqK7Vr0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGJLpi
WQ+aJViDlSccQX697EjSSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE1MDhiMmItZTFlNi00ZTNiLThjNjMtZDNmNzg1ODU0MTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0EBA
MA0GCSqGSIb3DQEBCwUAA4IBAQAOOfF6nBnmUhJwaGgoS/glQMuPGF4qSZRobpu9
50tIByulJWvJrpEsM95cFqmO3GYetXTpcnxpKCrTD81XCCekKXnPvICsOI2WnFCv
s/n/X/RPLwEV8+z67Dc2FIbHtFaAcS0Jhx0UUjgReyv33cbdBdNPndt2uKyiJkZL
FEv8mbJG/nzPa/PBTo5/wAX1RE5rH3d+5nOW28auAYk3iO+4XgMlHt2XSZ9tDmls
7G+E6XsQgILZsFw5EV32MSygo9uR3zRt0gSlVadY9B5N69A0aAunKJbT1xsNKnVh
aO9SQytV3QNuI3x8Dq/3nMzv39WhDYvzM0Pp+8RPBLX01VqL
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:40 2024 by rpki-client on console-fra.rpki-client.org