Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1a0d893-d091-4e78-abe8-b838de0acdb4.roa
File: c1a0d893-d091-4e78-abe8-b838de0acdb4.roa (raw, json)
Hash identifier: Cu0JHaPAw0iwCMZbvGq6UP4NqHLc3uZV3zC+WEg3sk4=
Subject key identifier: 69:3D:BC:61:91:5C:A4:D1:A9:86:46:94:4B:C9:A2:9A:CE:27:D6:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40D0857D0B1D035C4DB73829697AF43374E1F6EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1a0d893-d091-4e78-abe8-b838de0acdb4.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 79.125.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d0:85:7d:0b:1d:03:5c:4d:b7:38:29:69:7a:f4:33:74:e1:f6:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=ef639bfde49364168fab743495ee4aa5228e275cf663428a5438a9e6ed43267d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:93:b1:7a:2d:24:a0:03:a0:65:4f:e9:ab:dd:
04:5a:05:b4:03:72:25:d8:00:cf:5d:bd:13:b3:45:
83:11:99:9a:1c:69:fc:b7:cf:6e:05:7d:fd:04:8c:
a4:0b:cc:b9:db:ca:5e:7b:b3:3e:11:51:6e:13:ae:
e2:11:03:81:cf:fb:f8:e0:ad:2f:3d:b2:7a:28:d6:
ca:e3:93:6f:99:5a:ea:97:ce:ff:69:08:53:20:21:
35:8f:aa:a7:5e:c1:7b:83:dd:ee:fa:a8:63:5a:ec:
0f:18:b4:3d:e4:fb:97:32:0c:eb:5d:83:f0:cd:ee:
2f:08:d2:6e:c1:ac:bf:3d:ee:6e:a7:91:0c:b6:c3:
da:a1:5b:c2:f8:29:d8:82:ca:c8:88:44:65:c4:20:
ff:08:dd:3f:3f:89:74:7a:8e:12:f2:99:a2:74:40:
43:ae:eb:dc:80:54:e9:0e:4e:e2:e6:c2:eb:e6:48:
33:69:f0:98:06:15:19:ce:73:6f:df:49:09:ca:24:
0f:70:e3:b3:d4:74:eb:a4:96:e8:64:5c:c8:71:1d:
24:51:63:56:21:50:6f:a3:01:01:af:a7:f4:ba:0d:
92:ba:51:81:69:f5:c0:07:50:96:2e:4e:8f:d7:da:
e4:5d:36:23:26:ce:2f:c2:f7:0b:4d:23:15:a9:3f:
6b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3D:BC:61:91:5C:A4:D1:A9:86:46:94:4B:C9:A2:9A:CE:27:D6:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1a0d893-d091-4e78-abe8-b838de0acdb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
c9:55:b1:4f:40:5a:93:80:bd:7a:68:57:bc:2b:d9:06:89:5d:
b1:15:3b:04:89:7b:34:99:a7:bf:48:4d:cf:60:64:b4:3a:6e:
29:97:85:cd:a8:95:5a:ae:27:ae:bf:1b:2f:03:e8:70:b3:00:
f7:c7:24:d6:68:59:3d:8a:4c:b6:47:d5:5e:23:c7:a6:b8:a5:
4c:f3:1e:9f:97:85:43:95:b1:05:e2:1c:19:bf:1e:44:3a:00:
3e:b9:a3:0a:dd:b3:35:5f:fc:0a:dc:0e:b1:42:7d:4e:54:b4:
bf:ba:1c:5a:df:fd:fd:74:0f:c3:97:7b:99:9b:5f:ee:cd:49:
d8:c2:d4:42:4f:06:48:d5:9d:01:21:66:4c:cc:d1:00:37:c3:
27:ed:21:b5:8e:20:8b:10:ea:77:8c:0c:b4:af:09:24:60:2d:
74:18:38:77:13:ed:46:20:42:01:23:e6:5b:af:9b:32:78:5b:
f4:6d:59:b2:15:49:49:ad:06:b9:e9:c5:12:cb:f4:a1:a8:98:
d7:b2:8c:a4:af:45:f6:33:6a:d6:dc:60:60:cc:80:a1:7b:ef:
98:8f:e8:2c:7f:14:29:d1:8f:95:bb:94:8e:4a:d6:47:47:e7:
77:dd:79:b2:a8:b6:17:10:16:ae:4a:10:c3:33:98:a1:67:40:
da:7b:41:d6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQNCFfQsdA1xNtzgpaXr0M3Th9uswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNjM5YmZkZTQ5MzY0MTY4ZmFiNzQzNDk1ZWU0YWE1MjI4ZTI3NWNmNjYz
NDI4YTU0MzhhOWU2ZWQ0MzI2N2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKTsXotJKADoGVP6avdBFoFtANyJdgAz129E7NFgxGZmhxp/LfPbgV9/QSM
pAvMudvKXnuzPhFRbhOu4hEDgc/7+OCtLz2yeijWyuOTb5la6pfO/2kIUyAhNY+q
p17Be4Pd7vqoY1rsDxi0PeT7lzIM612D8M3uLwjSbsGsvz3ubqeRDLbD2qFbwvgp
2ILKyIhEZcQg/wjdPz+JdHqOEvKZonRAQ67r3IBU6Q5O4ubC6+ZIM2nwmAYVGc5z
b99JCcokD3Djs9R066SW6GRcyHEdJFFjViFQb6MBAa+n9LoNkrpRgWn1wAdQli5O
j9fa5F02IybOL8L3C00jFak/a8UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRpPbxh
kVyk0amGRpRLyaKazifW+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzFhMGQ4OTMtZDA5MS00ZTc4LWFiZTgtYjgzOGRlMGFjZGI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAyVWxT0Bak4C9emhXvCvZBoldsRU7BIl7NJmnv0hN
z2BktDpuKZeFzaiVWq4nrr8bLwPocLMA98ck1mhZPYpMtkfVXiPHprilTPMen5eF
Q5WxBeIcGb8eRDoAPrmjCt2zNV/8CtwOsUJ9TlS0v7ocWt/9/XQPw5d7mZtf7s1J
2MLUQk8GSNWdASFmTMzRADfDJ+0htY4gixDqd4wMtK8JJGAtdBg4dxPtRiBCASPm
W6+bMnhb9G1ZshVJSa0GuenFEsv0oaiY17KMpK9F9jNq1txgYMyAoXvvmI/oLH8U
KdGPlbuUjkrWR0fnd915sqi2FxAWrkoQwzOYoWdA2ntB1g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org