Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: 2SUKSjehfXw2jF3SeODmnFQsNjocOGlaDNLUjN+5nns=
Subject key identifier: E2:14:31:05:D4:80:63:15:1E:8F:08:62:5C:F3:6D:4C:81:C8:E7:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76BB093C3A25B25DB9A7E4F111BE5F876D66D739
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:bb:09:3c:3a:25:b2:5d:b9:a7:e4:f1:11:be:5f:87:6d:66:d7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=4a8a6ddf70712f142997a8bd205e2ee26fb923f24025b6a1f25379e6e53a5a5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:62:41:26:2f:84:b2:aa:c1:99:fe:6e:ec:b1:
25:0b:d1:ef:1a:98:62:78:af:01:45:cb:85:f7:0d:
3a:13:6f:21:be:d8:ad:f8:4c:f6:b6:6c:8f:f4:3a:
4a:23:8b:e3:5d:1b:37:43:69:23:18:4c:34:40:11:
04:5b:b3:8d:65:0a:43:fb:66:f9:cf:99:e1:4a:34:
ce:cc:7e:c3:b4:09:f4:25:1d:f2:2f:fb:ed:04:f2:
21:9f:9a:00:38:d6:a7:11:d8:c7:98:a3:63:b3:ca:
a9:22:d7:c9:00:cc:44:ea:59:24:bc:1e:6c:d3:93:
8c:c4:96:f9:36:c8:15:fd:65:f0:3a:65:c3:7a:45:
50:ed:f6:b4:98:fd:85:d0:1a:3c:02:20:1f:60:6d:
ab:96:00:ed:57:e2:1b:ee:35:fc:72:f4:28:ac:58:
be:60:15:06:05:f4:d6:c6:65:74:60:ef:05:7d:73:
81:5c:f6:46:53:c3:54:88:11:83:f8:f2:59:96:0d:
55:92:44:fb:a2:93:31:43:ab:36:25:55:61:25:e6:
3b:28:a8:e8:3d:9a:1f:28:ce:67:65:a8:81:3f:77:
7b:32:bd:0b:69:b3:ae:92:6f:85:dc:8e:d5:5a:36:
99:c6:b2:ee:b4:39:88:73:16:fa:74:c3:1d:71:c0:
14:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:14:31:05:D4:80:63:15:1E:8F:08:62:5C:F3:6D:4C:81:C8:E7:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:fb:d5:07:1a:61:bd:1f:6e:6c:8c:93:51:ae:73:a0:5c:0f:
be:e7:a9:5f:ee:be:56:93:0b:54:a6:88:02:eb:b9:73:af:34:
dc:06:b9:cd:dd:a5:71:52:65:3d:77:aa:d0:50:47:f7:f4:bf:
7a:38:0b:56:b1:74:dd:5f:e0:84:fc:f3:e4:9f:19:3e:ac:ed:
79:60:9d:cd:03:7a:b8:c0:8d:bb:c4:ff:7e:6c:f8:cb:99:9c:
ee:93:af:b2:80:ed:16:88:85:5d:13:6e:d9:a9:20:66:d3:2d:
b0:0d:24:69:40:f7:42:11:2e:ef:68:aa:bf:c1:67:4d:91:6f:
5c:a4:52:cb:70:fb:d1:e9:7b:22:9a:23:1f:52:2c:eb:f4:b0:
f5:00:b5:5e:c2:4c:72:44:40:10:82:bd:8b:a2:56:50:22:b7:
86:b8:d7:e8:38:3d:47:88:f0:d9:8c:bc:82:58:8e:92:5f:ef:
d2:dc:46:f3:d8:36:d5:5d:e7:eb:53:83:5b:ee:e4:a3:66:bf:
d5:36:60:ae:d5:cc:3a:34:b6:99:0a:4d:70:d6:96:88:a4:1a:
04:e7:73:2f:d6:a0:52:ee:88:82:16:31:39:ea:30:de:70:f9:
7f:9b:f6:35:35:4f:26:99:b6:cc:72:24:41:8b:f1:fd:f7:99:
5a:7f:9c:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdrsJPDolsl25p+TxEb5fh21m1zkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhOGE2ZGRmNzA3MTJmMTQyOTk3YThiZDIwNWUyZWUyNmZiOTIzZjI0MDI1
YjZhMWYyNTM3OWU2ZTUzYTVhNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRiQSYvhLKqwZn+buyxJQvR7xqYYnivAUXLhfcNOhNvIb7YrfhM9rZsj/Q6
SiOL410bN0NpIxhMNEARBFuzjWUKQ/tm+c+Z4Uo0zsx+w7QJ9CUd8i/77QTyIZ+a
ADjWpxHYx5ijY7PKqSLXyQDMROpZJLwebNOTjMSW+TbIFf1l8Dplw3pFUO32tJj9
hdAaPAIgH2Btq5YA7VfiG+41/HL0KKxYvmAVBgX01sZldGDvBX1zgVz2RlPDVIgR
g/jyWZYNVZJE+6KTMUOrNiVVYSXmOyio6D2aHyjOZ2WogT93ezK9C2mzrpJvhdyO
1Vo2mcay7rQ5iHMW+nTDHXHAFJECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTiFDEF
1IBjFR6PCGJc821MgcjnbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQBL+9UHGmG9H25sjJNRrnOgXA++56lf7r5WkwtU
pogC67lzrzTcBrnN3aVxUmU9d6rQUEf39L96OAtWsXTdX+CE/PPknxk+rO15YJ3N
A3q4wI27xP9+bPjLmZzuk6+ygO0WiIVdE27ZqSBm0y2wDSRpQPdCES7vaKq/wWdN
kW9cpFLLcPvR6XsimiMfUizr9LD1ALVewkxyREAQgr2LolZQIreGuNfoOD1HiPDZ
jLyCWI6SX+/S3Ebz2DbVXefrU4Nb7uSjZr/VNmCu1cw6NLaZCk1w1paIpBoE53Mv
1qBS7oiCFjE56jDecPl/m/Y1NU8mmbbMciRBi/H995laf5xT
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:33 2024 by rpki-client on console-ams.rpki-client.org