Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
File: bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa (raw, json)
Hash identifier: j4351t0C1xOHIqez2N/bzMdtWCQzMjbgABhhDps0DL0=
Subject key identifier: 07:02:88:EB:9E:7B:18:D6:15:FF:AC:88:F8:16:CC:B0:3B:30:CB:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 647D68425DCD11D6ADEA87D0939D23ED86AE96B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
Signing time: Tue 09 Apr 2024 00:00:00 +0000
ROA not before: Tue 09 Apr 2024 00:00:00 +0000
ROA not after: Tue 14 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:7d:68:42:5d:cd:11:d6:ad:ea:87:d0:93:9d:23:ed:86:ae:96:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 9 00:00:00 2024 GMT
Not After : May 14 23:59:59 2024 GMT
Subject: serialNumber=502ffbc0601316fcadf42e54b998ce8a3683d940775c2e7492aee1ce2690a96b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:71:48:f7:e4:1f:16:f4:4e:59:02:fb:f2:f3:
7e:95:68:94:43:75:80:47:e3:23:49:78:a2:83:86:
e0:df:60:5b:24:c1:2d:ee:5d:55:45:60:a7:8a:f2:
3b:36:ea:78:77:e4:ef:8c:13:58:7b:07:ee:cc:65:
b4:00:26:46:be:63:d9:81:df:cf:ba:19:02:ab:af:
9e:9d:f9:3c:2a:f6:94:4f:4c:b0:47:6b:bd:b4:39:
aa:f5:62:d8:e2:55:19:5e:24:c6:09:9c:73:48:bf:
c0:52:3b:bd:a7:ab:49:af:6b:44:28:e3:73:e9:b6:
e5:57:17:6b:a7:9f:46:f8:42:ea:56:bb:ae:01:4d:
d4:c6:37:56:fe:c2:91:20:44:fc:96:ad:0f:e6:f4:
bf:ba:45:57:73:68:9e:3d:3c:8a:40:8c:a7:1a:0f:
9d:07:b7:0c:d8:b8:e9:fa:cf:58:70:e2:9c:5a:c6:
c5:cb:83:60:7a:a1:bc:6f:d4:f5:d8:96:3f:c0:b6:
a4:a1:79:cd:6b:b4:f0:e8:8d:17:2b:c9:3c:82:55:
86:a5:fd:6f:78:cf:e5:62:b1:74:0d:21:9d:f3:8c:
19:94:bc:17:ba:27:64:ed:b5:a9:48:cc:57:b3:ae:
10:ad:0d:b6:35:a9:5f:1b:80:fb:65:11:e1:fc:f4:
aa:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:02:88:EB:9E:7B:18:D6:15:FF:AC:88:F8:16:CC:B0:3B:30:CB:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:4000::/40
Signature Algorithm: sha256WithRSAEncryption
19:6d:bb:20:c0:1b:ae:85:05:d2:ae:c3:1e:23:c8:8e:dc:ca:
98:03:4a:09:62:66:dc:f3:87:db:b2:9f:76:8d:f9:92:1d:8f:
74:c7:7c:36:b6:55:72:bf:43:94:c0:99:ca:fb:5d:cb:e6:31:
fc:35:e6:f1:22:93:d0:8b:3a:82:26:85:fb:cb:fb:6b:7d:75:
fa:14:b6:fb:06:ad:b9:ac:30:b8:58:c1:04:5d:02:25:d1:a9:
39:d4:33:03:ff:55:1b:c7:5a:3a:7d:a8:a1:cb:da:96:cd:c8:
fd:31:2d:f9:ad:e3:29:f9:6c:8f:29:9f:28:3b:9c:3a:98:55:
50:40:9b:ec:5f:d4:3b:10:20:40:43:9f:0f:c2:64:48:6b:f6:
38:30:78:89:77:a9:b4:19:00:47:53:6e:88:9a:65:f1:61:2d:
42:57:3b:79:f5:b6:8c:75:38:62:af:d7:72:96:ed:b3:10:21:
68:9b:6e:f1:1d:ec:a1:2e:88:77:37:0a:d4:f7:de:88:0d:66:
66:19:5c:16:58:9d:72:cf:a6:94:d8:58:26:65:3b:33:b9:8c:
3f:00:df:7c:e9:a5:bc:18:d9:3f:85:5f:19:93:08:27:eb:ef:
f3:a8:97:26:fd:cf:29:cb:20:68:c5:8c:e2:d1:59:35:8f:e0:
b8:b5:34:c7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZH1oQl3NEdat6ofQk50j7YaulrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDkwMDAwMDBaFw0yNDA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMmZmYmMwNjAxMzE2ZmNhZGY0MmU1NGI5OThjZThhMzY4M2Q5NDA3NzVj
MmU3NDkyYWVlMWNlMjY5MGE5NmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFxSPfkHxb0TlkC+/LzfpVolEN1gEfjI0l4ooOG4N9gWyTBLe5dVUVgp4ry
OzbqeHfk74wTWHsH7sxltAAmRr5j2YHfz7oZAquvnp35PCr2lE9MsEdrvbQ5qvVi
2OJVGV4kxgmcc0i/wFI7vaerSa9rRCjjc+m25VcXa6efRvhC6la7rgFN1MY3Vv7C
kSBE/JatD+b0v7pFV3Nonj08ikCMpxoPnQe3DNi46frPWHDinFrGxcuDYHqhvG/U
9diWP8C2pKF5zWu08OiNFyvJPIJVhqX9b3jP5WKxdA0hnfOMGZS8F7onZO21qUjM
V7OuEK0NtjWpXxuA+2UR4fz0qoUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHAojr
nnsY1hX/rIj4FsywOzDLDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmNjNTRiMDktYmY1OS00YTJlLWI1NmItZmY1ZWFkOTE1Y2ZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZbbsgwBuuhQXSrsMeI8iO3MqYA0oJYmbc84fb
sp92jfmSHY90x3w2tlVyv0OUwJnK+13L5jH8NebxIpPQizqCJoX7y/trfXX6FLb7
Bq25rDC4WMEEXQIl0ak51DMD/1Ubx1o6faihy9qWzcj9MS35reMp+WyPKZ8oO5w6
mFVQQJvsX9Q7ECBAQ58PwmRIa/Y4MHiJd6m0GQBHU26ImmXxYS1CVzt59baMdThi
r9dylu2zECFom27xHeyhLoh3NwrU996IDWZmGVwWWJ1yz6aU2FgmZTszuYw/AN98
6aW8GNk/hV8Zkwgn6+/zqJcm/c8pyyBoxYzi0Vk1j+C4tTTH
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:17:11 2024 by rpki-client on console-ams.rpki-client.org