Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
File: bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa (raw, json)
Hash identifier: uQ4qqosVJrg3cL1iWErkRSv6V1xKDNjjLEQsLQI/5wc=
Subject key identifier: B2:77:BA:15:CE:70:F1:A1:DE:94:55:58:4A:61:3B:61:18:7C:35:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70F64AB931A1205ECF93678306BE81EB6DD37190
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:f6:4a:b9:31:a1:20:5e:cf:93:67:83:06:be:81:eb:6d:d3:71:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=e1bfff1eebfb25436e94d9c3faec874032d6e115e440b79909da4173c40abd0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7f:90:03:be:08:42:0e:86:fc:50:80:59:cf:
8e:18:87:d7:c8:32:35:a1:78:74:5f:d3:d4:cb:f3:
81:30:7b:14:52:f6:21:76:c7:30:a5:da:b4:e3:e3:
d4:46:80:fb:a7:7a:54:5a:3d:d3:bd:cc:56:b9:d0:
48:08:cd:c7:6d:cf:fd:34:23:d7:1a:33:b0:d7:45:
63:92:a8:08:dd:dd:6a:52:d6:5e:94:f1:35:e4:37:
f1:2e:74:4f:c1:bf:70:0e:c9:c6:e9:74:58:6b:be:
f1:2e:2d:44:cf:00:48:dc:1c:25:c3:a5:59:e1:10:
6b:19:a8:1f:77:0c:4a:74:16:3c:2e:a5:65:f5:99:
2d:f3:bb:b4:19:6c:9f:d4:3a:01:12:20:61:f9:96:
06:75:7e:8f:1c:3e:26:31:37:6a:28:da:66:e7:d2:
67:d2:dc:5b:c8:df:33:83:84:71:30:9a:bc:64:2f:
60:a9:42:9b:86:81:04:73:0a:c2:de:68:19:d6:1e:
fb:65:46:1e:65:dc:71:c5:7d:9d:a9:69:4c:4c:04:
bd:78:de:51:6c:d6:2d:b5:e6:2c:65:5f:70:9f:d8:
95:6a:92:c2:fd:70:51:c4:f8:aa:c3:7a:a8:20:88:
f9:31:16:38:a5:1c:6c:64:61:d5:1f:1e:dc:27:79:
4e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:77:BA:15:CE:70:F1:A1:DE:94:55:58:4A:61:3B:61:18:7C:35:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:4000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:5a:76:d6:20:88:b1:00:a6:18:21:09:32:bf:4a:db:3d:15:
92:69:d4:3c:5c:35:57:67:d4:3c:c8:9d:6d:bc:41:da:16:d8:
98:81:d6:f2:c9:c3:31:8c:e4:a6:fc:2c:1e:9a:88:4e:d9:5a:
ed:47:81:39:21:7b:38:89:32:bc:f7:d4:cf:f9:b6:1e:44:c0:
c6:d0:d6:9f:55:ac:72:de:82:50:3d:61:d4:ab:31:73:7c:f5:
d9:ea:9a:9e:60:97:ba:85:4f:d6:b7:49:d6:97:6e:23:67:36:
dd:e8:7d:d7:6e:23:76:ab:80:df:b0:30:76:e8:9e:88:2a:ed:
c5:1c:8f:d6:27:3c:23:f5:ea:1e:74:1f:af:b9:ab:b1:c8:8b:
8c:f7:a0:bf:77:a9:91:55:e4:3d:6d:1f:9b:5d:39:70:ee:5f:
f0:8c:86:9e:b8:42:75:49:76:fc:f6:07:4a:81:13:95:45:e5:
0f:bd:eb:d1:d3:8a:a2:09:32:ae:19:4b:c8:0f:74:26:12:d4:
e2:7b:3b:19:f2:68:3a:20:d2:60:ac:ea:4c:1b:8f:73:15:d5:
df:15:36:ed:af:ef:a6:7e:47:17:49:27:85:ae:4f:ff:3b:c9:
c0:0a:ae:ab:3a:64:4a:7a:65:94:61:08:55:79:5c:46:17:07:
2b:0f:27:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcPZKuTGhIF7Pk2eDBr6B623TcZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYmZmZjFlZWJmYjI1NDM2ZTk0ZDljM2ZhZWM4NzQwMzJkNmUxMTVlNDQw
Yjc5OTA5ZGE0MTczYzQwYWJkMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPB/kAO+CEIOhvxQgFnPjhiH18gyNaF4dF/T1MvzgTB7FFL2IXbHMKXatOPj
1EaA+6d6VFo9073MVrnQSAjNx23P/TQj1xozsNdFY5KoCN3dalLWXpTxNeQ38S50
T8G/cA7Jxul0WGu+8S4tRM8ASNwcJcOlWeEQaxmoH3cMSnQWPC6lZfWZLfO7tBls
n9Q6ARIgYfmWBnV+jxw+JjE3aijaZufSZ9LcW8jfM4OEcTCavGQvYKlCm4aBBHMK
wt5oGdYe+2VGHmXcccV9nalpTEwEvXjeUWzWLbXmLGVfcJ/YlWqSwv1wUcT4qsN6
qCCI+TEWOKUcbGRh1R8e3Cd5ThsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyd7oV
znDxod6UVVhKYTthGHw1JzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmNjNTRiMDktYmY1OS00YTJlLWI1NmItZmY1ZWFkOTE1Y2ZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9WnbWIIixAKYYIQkyv0rbPRWSadQ8XDVXZ9Q8
yJ1tvEHaFtiYgdbyycMxjOSm/CwemohO2VrtR4E5IXs4iTK899TP+bYeRMDG0Naf
Vaxy3oJQPWHUqzFzfPXZ6pqeYJe6hU/Wt0nWl24jZzbd6H3XbiN2q4DfsDB26J6I
Ku3FHI/WJzwj9eoedB+vuauxyIuM96C/d6mRVeQ9bR+bXTlw7l/wjIaeuEJ1SXb8
9gdKgROVReUPvevR04qiCTKuGUvID3QmEtTiezsZ8mg6INJgrOpMG49zFdXfFTbt
r++mfkcXSSeFrk//O8nACq6rOmRKemWUYQhVeVxGFwcrDyc9
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org