Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad26580-4404-437c-a347-5bcc76cfedaf.roa
File: bad26580-4404-437c-a347-5bcc76cfedaf.roa (raw, json)
Hash identifier: kIDAn38KrbL9Xa/PzjQcR1cuyAp3bZSTGMLjHvNOezo=
Subject key identifier: 53:47:CC:05:1F:13:FB:72:B9:9F:72:BB:27:6C:57:6F:0D:AD:FC:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68767662A9EBE739457F2B72C4A1597960903480
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad26580-4404-437c-a347-5bcc76cfedaf.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:76:76:62:a9:eb:e7:39:45:7f:2b:72:c4:a1:59:79:60:90:34:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=c9cff78b1044e5847404d4c9f864722377ea040202343614518a798c98f2cf77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fe:62:d9:9a:c0:3d:66:09:71:40:e0:0b:65:
78:98:dc:5b:db:ce:26:49:fa:b2:05:c1:f9:83:84:
ab:0a:29:7b:82:9b:ba:35:d8:c9:ef:a9:d4:d5:8b:
20:d4:4b:be:8f:0c:d5:d0:4b:f2:32:22:97:1c:02:
b7:2a:c9:62:5b:d7:94:8a:23:c1:63:ee:a7:e3:05:
34:7a:61:bf:97:ee:70:90:04:d2:30:7d:82:35:09:
1a:a7:1c:d9:5e:a6:e8:c1:47:70:ae:8e:01:1c:d2:
b7:a8:de:44:19:39:12:58:b9:a4:6d:ba:a4:cd:31:
f7:3e:21:1f:8e:bc:b8:94:8f:9f:86:5b:cb:50:d9:
ce:1a:dd:2d:64:bc:7b:38:49:ec:61:de:bb:70:36:
c0:fc:c6:de:38:2a:61:86:39:40:67:ba:86:94:1c:
0f:5d:0e:00:49:dd:6a:50:d6:8b:89:5f:61:5c:ba:
ae:86:e9:8c:97:ad:54:20:c8:9a:fb:4c:ba:23:17:
d9:27:48:c3:73:22:9f:ce:7b:b3:57:4a:74:50:9a:
b7:58:ff:c3:e6:d7:9f:69:01:0a:fd:e2:7e:90:64:
a4:d4:1a:5a:c6:95:00:6d:8e:c7:86:5f:e2:f0:17:
79:1a:fa:9c:37:f7:a5:0b:e5:72:82:52:53:cb:7f:
20:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:47:CC:05:1F:13:FB:72:B9:9F:72:BB:27:6C:57:6F:0D:AD:FC:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad26580-4404-437c-a347-5bcc76cfedaf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9000::/40
Signature Algorithm: sha256WithRSAEncryption
03:c2:01:a4:8f:bf:08:71:3c:7a:f0:58:9b:b7:05:87:bb:af:
8f:c8:34:b4:54:e4:e0:77:d9:de:2d:fd:87:be:86:9c:73:23:
19:95:b9:5c:ea:38:8e:0e:23:5a:17:6b:b1:5f:f0:f9:5e:6e:
7c:9c:22:53:1b:99:de:dc:2e:43:e0:57:00:75:dd:14:79:72:
4c:5a:a5:04:6d:02:4a:c9:d2:b7:d8:8b:d6:a6:80:13:c8:ac:
73:9e:b1:6e:3f:f8:1e:0a:b3:09:6a:86:bc:85:54:bf:82:e0:
70:90:4d:16:6f:8e:a5:c1:58:85:83:09:b0:08:95:dc:78:6c:
3d:3f:3d:8b:a5:2b:2b:9f:6d:5c:3c:d7:d8:df:26:a3:bd:b2:
4c:c1:17:a1:55:2d:11:a5:50:30:8f:e5:85:86:d0:38:6e:2a:
a4:fa:5a:41:50:62:16:5e:43:16:b0:01:28:1a:de:bb:36:67:
89:50:69:19:f1:ac:57:ac:99:3b:af:7a:57:1d:7d:b2:f4:65:
f1:fc:1d:f7:1c:3b:09:16:42:59:8a:bd:97:14:d0:85:a2:e0:
ef:69:cd:73:9b:06:0a:8e:38:83:9b:84:8a:ed:69:4b:80:2d:
c4:f4:67:a8:66:8f:7c:50:a1:54:01:82:8b:e2:50:22:b7:3c:
24:2a:7a:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaHZ2Yqnr5zlFfytyxKFZeWCQNIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5Y2ZmNzhiMTA0NGU1ODQ3NDA0ZDRjOWY4NjQ3MjIzNzdlYTA0MDIwMjM0
MzYxNDUxOGE3OThjOThmMmNmNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIb+YtmawD1mCXFA4AtleJjcW9vOJkn6sgXB+YOEqwope4KbujXYye+p1NWL
INRLvo8M1dBL8jIilxwCtyrJYlvXlIojwWPup+MFNHphv5fucJAE0jB9gjUJGqcc
2V6m6MFHcK6OARzSt6jeRBk5Eli5pG26pM0x9z4hH468uJSPn4Zby1DZzhrdLWS8
ezhJ7GHeu3A2wPzG3jgqYYY5QGe6hpQcD10OAEndalDWi4lfYVy6robpjJetVCDI
mvtMuiMX2SdIw3Min857s1dKdFCat1j/w+bXn2kBCv3ifpBkpNQaWsaVAG2Ox4Zf
4vAXeRr6nDf3pQvlcoJSU8t/ILkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTR8wF
HxP7crmfcrsnbFdvDa38VzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjY1ODAtNDQwNC00MzdjLWEzNDctNWJjYzc2Y2ZlZGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQADwgGkj78IcTx68FibtwWHu6+PyDS0VOTgd9ne
Lf2HvoaccyMZlblc6jiODiNaF2uxX/D5Xm58nCJTG5ne3C5D4FcAdd0UeXJMWqUE
bQJKydK32IvWpoATyKxznrFuP/geCrMJaoa8hVS/guBwkE0Wb46lwViFgwmwCJXc
eGw9Pz2LpSsrn21cPNfY3yajvbJMwRehVS0RpVAwj+WFhtA4biqk+lpBUGIWXkMW
sAEoGt67NmeJUGkZ8axXrJk7r3pXHX2y9GXx/B33HDsJFkJZir2XFNCFouDvac1z
mwYKjjiDm4SK7WlLgC3E9GeoZo98UKFUAYKL4lAitzwkKnq7
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org