Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
File: c176d4fe-de46-4300-a277-59c0c15d8d82.roa (raw, json)
Hash identifier: SnN6Ztx5PrCJn1ycLxyIgMYe9fZOr6CcUSkQBlI0zhM=
Subject key identifier: D2:41:BE:A8:80:CD:1C:6A:F0:66:AD:48:D3:CB:5A:0D:FC:A9:C5:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D539B757B9FC819A24F3D61FB7C4909343E690B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:53:9b:75:7b:9f:c8:19:a2:4f:3d:61:fb:7c:49:09:34:3e:69:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=d142899ae1811ea22f3472822cd3ed0d5dc7b9d84fefb8e6f9728501eccc150d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:05:8c:06:7e:25:c3:b1:1b:13:f5:80:4f:19:
1d:13:fa:1f:95:03:e3:cc:08:d2:bf:26:0d:d8:db:
09:df:d7:e1:4f:63:11:02:d7:d6:28:cb:36:d8:2b:
02:7a:c5:f0:c1:df:d3:86:c6:8f:4f:8d:aa:d3:bc:
d9:46:a1:09:a0:82:10:b6:e8:bf:0c:35:a8:40:b2:
e3:a4:14:9d:b1:7b:25:c4:32:5f:c1:ab:b9:94:b4:
ab:84:5d:0c:c8:6f:76:2e:07:e8:fc:85:8e:d7:43:
a3:a3:f0:ab:bc:8a:1b:2d:2e:30:46:e4:e0:98:e5:
2d:ca:ef:69:b6:11:cf:8f:bd:fc:11:a5:31:d8:e9:
1c:93:7a:c6:4c:94:07:77:dc:96:83:f4:74:88:20:
98:c8:96:c5:dd:e2:02:62:3c:d6:f3:e0:55:98:a2:
39:8f:0c:a2:93:1c:50:a6:20:7b:d3:59:db:3c:70:
62:5d:a9:01:b7:63:36:57:6c:14:66:4f:51:a9:9e:
2b:5c:0e:e3:fd:bb:8c:a8:eb:56:de:8b:f1:b0:d7:
f1:1e:58:32:f0:3d:4d:98:3a:bf:ab:9f:51:1b:d9:
79:10:c2:9a:21:a0:a6:ef:66:6e:29:7c:69:ac:6b:
af:a8:5c:6b:17:f7:1c:2e:75:21:5a:2a:fc:60:11:
d3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:41:BE:A8:80:CD:1C:6A:F0:66:AD:48:D3:CB:5A:0D:FC:A9:C5:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
15:ea:1e:fc:8a:f7:34:9d:05:51:8f:a4:f9:03:a7:c3:0a:35:
86:2e:b4:68:70:c0:40:51:ea:07:e8:63:8a:20:35:ca:5a:bf:
58:5d:78:1a:98:4a:40:1f:41:a9:b2:fd:9f:34:0c:49:ef:1b:
0b:cc:9b:78:52:dd:94:29:cd:6b:a6:87:69:b6:da:88:2b:8b:
c8:a0:86:ce:be:6d:6e:db:9d:d2:a6:11:12:1c:44:b5:4f:a1:
fe:54:54:d9:85:17:2e:5b:c5:44:f2:66:55:6c:18:b1:f7:fd:
ba:3a:a8:9c:da:f4:db:3a:ac:19:2b:99:40:62:45:5c:08:c8:
f3:5e:8d:12:61:af:d4:b4:49:c5:65:cd:8b:8b:36:0b:a0:5f:
0a:a0:fe:68:fc:76:77:ea:28:4d:1c:b2:b4:ed:99:5f:65:4b:
ad:2e:2f:a0:d5:cd:b9:a0:c4:e0:4e:78:cd:6f:a8:a3:5f:49:
c2:1f:0c:5f:71:01:d9:2a:45:14:92:17:98:32:4d:d5:6b:3b:
49:a2:cb:03:73:28:0c:cb:ba:a5:a9:79:20:f8:38:fc:82:38:
67:67:3e:a2:37:09:53:fc:13:93:30:41:c5:f9:b7:a9:66:5e:
72:bd:41:0f:89:69:41:bf:4a:d7:f5:6a:d5:51:70:95:0f:ab:
d2:fa:31:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbVObdXufyBmiTz1h+3xJCTQ+aQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxNDI4OTlhZTE4MTFlYTIyZjM0NzI4MjJjZDNlZDBkNWRjN2I5ZDg0ZmVm
YjhlNmY5NzI4NTAxZWNjYzE1MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEFjAZ+JcOxGxP1gE8ZHRP6H5UD48wI0r8mDdjbCd/X4U9jEQLX1ijLNtgr
AnrF8MHf04bGj0+NqtO82UahCaCCELbovww1qECy46QUnbF7JcQyX8GruZS0q4Rd
DMhvdi4H6PyFjtdDo6Pwq7yKGy0uMEbk4JjlLcrvabYRz4+9/BGlMdjpHJN6xkyU
B3fcloP0dIggmMiWxd3iAmI81vPgVZiiOY8MopMcUKYge9NZ2zxwYl2pAbdjNlds
FGZPUameK1wO4/27jKjrVt6L8bDX8R5YMvA9TZg6v6ufURvZeRDCmiGgpu9mbil8
aaxrr6hcaxf3HC51IVoq/GAR098CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTSQb6o
gM0cavBmrUjTy1oN/KnFUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE3NmQ0ZmUtZGU0Ni00MzAwLWEyNzctNTljMGMxNWQ4ZDgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAV6h78ivc0nQVRj6T5A6fDCjWGLrRocMBAUeoH
6GOKIDXKWr9YXXgamEpAH0Gpsv2fNAxJ7xsLzJt4Ut2UKc1rpodpttqIK4vIoIbO
vm1u253SphESHES1T6H+VFTZhRcuW8VE8mZVbBix9/26Oqic2vTbOqwZK5lAYkVc
CMjzXo0SYa/UtEnFZc2LizYLoF8KoP5o/HZ36ihNHLK07ZlfZUutLi+g1c25oMTg
TnjNb6ijX0nCHwxfcQHZKkUUkheYMk3VaztJossDcygMy7qlqXkg+Dj8gjhnZz6i
NwlT/BOTMEHF+bepZl5yvUEPiWlBv0rX9WrVUXCVD6vS+jH4
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:10:12 2024 by rpki-client on console-fra.rpki-client.org