Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad26580-4404-437c-a347-5bcc76cfedaf.roa
File: bad26580-4404-437c-a347-5bcc76cfedaf.roa (raw, json)
Hash identifier: tmJJ4Qnqa3+AKw/F7oo2L4ANQCt3pTKGi2WdyuDpeqc=
Subject key identifier: 15:81:E1:51:A4:90:CC:A4:B5:6F:8E:F5:AD:6E:C7:EA:04:1E:97:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B3C44B2579E33DDEFB8D5EDEEBDB03718811D8A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad26580-4404-437c-a347-5bcc76cfedaf.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:3c:44:b2:57:9e:33:dd:ef:b8:d5:ed:ee:bd:b0:37:18:81:1d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=2b4c41603b1580d4643dc0b1b432bade52f6862aa360b5a78f2a748a4fb63ff9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:12:fb:74:61:64:da:39:f5:33:e0:de:cd:be:
ee:ac:84:73:a5:ef:d8:f0:8f:c0:83:8b:29:84:65:
cc:dc:83:d1:09:f6:08:54:e2:51:6f:cc:34:3e:ac:
94:e8:da:ff:33:ae:15:c1:a8:fa:3c:4c:db:b0:8f:
84:72:1d:07:99:c7:a9:38:f9:da:cc:71:01:06:2c:
45:0b:1b:b5:d3:65:8b:95:eb:36:f1:59:df:bd:1a:
f1:69:19:b9:ec:c2:3e:ba:f7:6e:ef:40:da:9c:de:
2e:0d:63:df:1c:5c:2f:1c:e3:09:25:3d:44:88:06:
d6:f7:21:a5:cd:0c:7d:22:9a:a4:1d:99:ad:5e:b5:
ee:da:51:5c:30:07:5d:8f:28:20:12:5b:f0:32:1c:
65:16:3a:85:33:2f:1b:7a:70:67:4b:24:14:aa:87:
86:97:23:2e:78:85:c4:45:b6:bb:17:c7:c6:80:2e:
ab:3d:88:5c:03:4d:68:83:50:97:b2:da:76:65:9e:
0f:48:5e:fe:14:8c:80:2f:20:ef:52:e6:4b:e3:70:
c8:eb:38:7e:4e:ef:04:5f:b2:88:5e:43:d6:0f:ee:
49:31:1e:10:44:c7:35:ab:e0:d2:73:f4:f3:06:57:
ed:da:df:06:a5:e9:f9:3b:61:9f:13:f8:75:7a:ff:
a1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:81:E1:51:A4:90:CC:A4:B5:6F:8E:F5:AD:6E:C7:EA:04:1E:97:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad26580-4404-437c-a347-5bcc76cfedaf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9000::/40
Signature Algorithm: sha256WithRSAEncryption
17:b3:73:d9:8e:bd:58:ac:c8:95:8c:82:75:37:83:7b:48:40:
21:f7:56:c2:6f:d2:65:84:0b:03:8b:04:e9:cf:ff:58:69:ae:
46:a5:78:6d:80:64:8a:c9:2f:11:11:cc:51:d6:3f:66:c1:24:
2c:d9:0d:85:9b:96:30:c4:cf:55:a0:40:e3:45:4d:b3:af:f6:
9c:21:55:a9:eb:b3:c8:d2:38:d5:7a:8d:0d:d8:89:b7:62:32:
83:80:4e:21:99:80:d3:5a:46:b7:5a:db:6a:2b:d6:d1:fe:6a:
ef:f1:3b:70:2c:6b:21:1d:91:f7:02:b2:f7:f3:5b:07:8e:72:
d5:f8:17:d6:f3:ab:6e:76:49:6f:b2:6d:87:1d:71:89:ff:79:
f4:27:18:f8:4c:11:a6:b7:cc:b6:3f:92:85:c2:69:0a:f0:5f:
be:b3:8e:95:b9:2b:62:87:4c:18:6b:ec:20:cb:4c:89:01:2a:
a1:34:8f:dc:93:bc:13:b9:07:c6:46:85:df:b4:da:4c:b3:45:
7d:e0:ac:ab:a8:e2:29:60:5b:10:c9:15:6c:d6:0d:55:f7:cd:
5c:58:29:84:f9:25:0a:4c:d2:d4:a8:1f:ab:75:91:45:e6:98:
06:96:9a:08:28:82:db:95:2b:25:7d:c5:34:61:34:fa:ae:2a:
4e:82:3b:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUazxEsleeM93vuNXt7r2wNxiBHYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNGM0MTYwM2IxNTgwZDQ2NDNkYzBiMWI0MzJiYWRlNTJmNjg2MmFhMzYw
YjVhNzhmMmE3NDhhNGZiNjNmZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsS+3RhZNo59TPg3s2+7qyEc6Xv2PCPwIOLKYRlzNyD0Qn2CFTiUW/MND6s
lOja/zOuFcGo+jxM27CPhHIdB5nHqTj52sxxAQYsRQsbtdNli5XrNvFZ370a8WkZ
uezCPrr3bu9A2pzeLg1j3xxcLxzjCSU9RIgG1vchpc0MfSKapB2ZrV617tpRXDAH
XY8oIBJb8DIcZRY6hTMvG3pwZ0skFKqHhpcjLniFxEW2uxfHxoAuqz2IXANNaINQ
l7LadmWeD0he/hSMgC8g71LmS+NwyOs4fk7vBF+yiF5D1g/uSTEeEETHNavg0nP0
8wZX7drfBqXp+TthnxP4dXr/oZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQVgeFR
pJDMpLVvjvWtbsfqBB6X3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjY1ODAtNDQwNC00MzdjLWEzNDctNWJjYzc2Y2ZlZGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAXs3PZjr1YrMiVjIJ1N4N7SEAh91bCb9JlhAsD
iwTpz/9Yaa5GpXhtgGSKyS8REcxR1j9mwSQs2Q2Fm5YwxM9VoEDjRU2zr/acIVWp
67PI0jjVeo0N2Im3YjKDgE4hmYDTWka3WttqK9bR/mrv8TtwLGshHZH3ArL381sH
jnLV+BfW86tudklvsm2HHXGJ/3n0Jxj4TBGmt8y2P5KFwmkK8F++s46VuStih0wY
a+wgy0yJASqhNI/ck7wTuQfGRoXftNpMs0V94KyrqOIpYFsQyRVs1g1V981cWCmE
+SUKTNLUqB+rdZFF5pgGlpoIKILblSslfcU0YTT6ripOgjvi
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:32 2024 by rpki-client on console-fra.rpki-client.org