Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
File: bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa (raw, json)
Hash identifier: oGyEv11Atn4uVTBPkfnJIY/amIGfRTRmHFUuqfgzXgI=
Subject key identifier: 60:F7:2B:A7:0A:A5:6F:EF:8C:FE:FC:99:BC:EA:D2:63:FD:21:1C:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B39F5D8AC8A0AB9DF5957362D283BD696C457D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:39:f5:d8:ac:8a:0a:b9:df:59:57:36:2d:28:3b:d6:96:c4:57:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=aee9ebff5949baf32b1ffbdcb0c41cbc62bd8ea41ebeecf5b155571b58f178f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ed:d8:f2:37:99:30:20:46:37:4f:eb:6f:b1:
81:f7:9c:dc:bd:ce:96:d8:0b:61:9a:b9:09:a9:19:
3a:48:91:d2:a4:f5:31:ad:e8:b7:d7:08:8c:80:ae:
cc:9a:dd:41:c2:bf:a0:2d:f8:7d:69:95:cb:fa:aa:
bd:fd:20:52:3d:d6:1d:7f:96:34:1e:6a:cb:c1:6d:
04:ea:22:3a:55:03:50:7e:8c:ee:d8:f4:b2:de:dd:
a4:0d:2a:4e:cc:30:ac:7a:c1:a1:91:a2:59:a4:5d:
94:18:79:93:df:06:b9:8e:91:3c:80:cf:7e:d2:9a:
31:10:f6:0c:06:61:9d:fc:2e:16:74:a6:15:bb:07:
88:e4:1b:92:c6:3e:c6:ba:91:94:50:1c:e8:f5:bc:
03:1b:dd:f1:04:50:19:f2:c7:33:15:b4:fd:d5:2b:
ac:9b:1f:fa:a0:08:a3:42:07:dd:b0:70:41:b5:47:
49:bb:43:07:99:96:5b:30:6f:c7:c5:9f:f2:f8:dd:
71:4d:c6:be:32:d9:66:9c:a5:fa:36:f2:73:32:48:
e7:7b:a0:d4:7f:39:8d:50:b0:56:9a:a6:6c:08:e8:
7c:e7:22:69:b8:b7:60:bc:2a:a4:d5:e0:40:02:d0:
1d:22:ae:d6:f3:32:b3:38:f1:21:4a:79:1d:c6:3f:
88:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F7:2B:A7:0A:A5:6F:EF:8C:FE:FC:99:BC:EA:D2:63:FD:21:1C:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
0f:4d:df:47:67:27:49:cd:25:a7:63:1b:b0:fa:97:c7:57:93:
a7:07:a9:d5:49:d7:fe:05:87:b2:ee:d3:bd:29:18:11:c4:3b:
e4:ad:7b:bc:c4:d0:34:80:ae:af:29:40:98:4f:8a:c5:69:da:
25:a2:4d:54:48:d6:93:91:37:f9:40:1f:3d:c9:4f:45:79:76:
57:97:9b:6a:95:28:78:26:fb:1d:9a:d4:b1:56:18:d8:ae:96:
96:2c:0c:95:9e:72:52:40:9a:f6:92:52:36:d7:c3:a6:20:2c:
19:6c:3e:cf:0e:e3:28:9f:a3:71:d0:b6:aa:a7:e3:57:5d:c3:
78:2c:5f:72:72:4b:fd:b2:dd:06:d7:75:37:93:0d:2a:35:16:
be:94:17:8d:a4:21:1a:64:06:fc:bc:3e:c1:f2:f0:27:07:24:
b4:6a:27:56:3a:6f:26:a4:06:47:79:3a:ca:75:6c:40:07:45:
9d:01:60:f1:16:a6:f9:8c:c3:c0:2a:74:17:b3:af:01:14:2d:
cc:6d:bf:42:a8:f7:10:3b:95:ca:9a:c5:0f:ad:f7:72:b0:2d:
84:fa:a9:3e:68:3d:0c:31:69:37:68:f6:67:4a:91:34:63:ee:
e4:71:53:88:ae:98:ba:1b:12:ff:af:c1:b8:8e:cf:81:a4:52:
35:d2:59:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKzn12KyKCrnfWVc2LSg71pbEV9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZTllYmZmNTk0OWJhZjMyYjFmZmJkY2IwYzQxY2JjNjJiZDhlYTQxZWJl
ZWNmNWIxNTU1NzFiNThmMTc4ZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvt2PI3mTAgRjdP62+xgfec3L3OltgLYZq5CakZOkiR0qT1Ma3ot9cIjICu
zJrdQcK/oC34fWmVy/qqvf0gUj3WHX+WNB5qy8FtBOoiOlUDUH6M7tj0st7dpA0q
TswwrHrBoZGiWaRdlBh5k98GuY6RPIDPftKaMRD2DAZhnfwuFnSmFbsHiOQbksY+
xrqRlFAc6PW8Axvd8QRQGfLHMxW0/dUrrJsf+qAIo0IH3bBwQbVHSbtDB5mWWzBv
x8Wf8vjdcU3GvjLZZpyl+jbyczJI53ug1H85jVCwVpqmbAjofOciabi3YLwqpNXg
QALQHSKu1vMyszjxIUp5HcY/iNUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRg9yun
CqVv74z+/Jm86tJj/SEcLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmIyMTcxMGEtYTM3YS00NDc2LWFiNmItM2QwNzllOWQxY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5A
MA0GCSqGSIb3DQEBCwUAA4IBAQAPTd9HZydJzSWnYxuw+pfHV5OnB6nVSdf+BYey
7tO9KRgRxDvkrXu8xNA0gK6vKUCYT4rFadolok1USNaTkTf5QB89yU9FeXZXl5tq
lSh4JvsdmtSxVhjYrpaWLAyVnnJSQJr2klI218OmICwZbD7PDuMon6Nx0Laqp+NX
XcN4LF9yckv9st0G13U3kw0qNRa+lBeNpCEaZAb8vD7B8vAnByS0aidWOm8mpAZH
eTrKdWxAB0WdAWDxFqb5jMPAKnQXs68BFC3Mbb9CqPcQO5XKmsUPrfdysC2E+qk+
aD0MMWk3aPZnSpE0Y+7kcVOIrpi6GxL/r8G4js+BpFI10lnY
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:05 2024 by rpki-client on console-ams.rpki-client.org