Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
File: c1f61529-4ff8-4380-a3cb-87884046881d.roa (raw, json)
Hash identifier: DT2IZ8zIOH3kt+O/1vNEMoN0V9ZHq5hdsGYTTuMvgtY=
Subject key identifier: E6:1D:2B:33:CD:0B:E7:59:43:B8:9A:2E:5F:05:38:72:DB:D9:43:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60CE1C23342AC3A7348B712A746F42EC65D9702C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:ce:1c:23:34:2a:c3:a7:34:8b:71:2a:74:6f:42:ec:65:d9:70:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=6bbb3808541459de41002a0689ef8c98c6c94b9e2e9345e4398a905af84722d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c3:6f:62:61:b2:1a:68:04:0a:5b:8d:41:05:
d4:2f:41:b2:be:e1:1d:4c:f4:58:22:17:39:0a:e4:
3e:ed:8d:70:ad:2f:43:2c:3d:70:10:19:8c:74:0f:
1d:84:8d:db:35:5e:61:75:d2:2e:d2:0b:ff:66:f3:
0e:ee:44:53:a2:d8:72:da:75:3f:47:cc:37:17:c1:
e7:29:6c:a1:57:f3:29:d1:cc:0a:ad:36:98:b1:07:
ba:24:20:bd:03:e7:58:1e:bd:1e:da:3b:25:d6:25:
db:04:65:15:e8:4e:bc:6e:b2:3f:75:93:f9:42:cc:
0d:f1:17:82:12:ec:1c:7e:33:ab:63:eb:2a:c9:38:
62:36:d9:dc:57:50:22:78:8e:3d:22:96:57:18:0f:
aa:d7:58:68:12:9c:94:e6:e5:bd:56:7a:05:35:0a:
3e:1a:3e:a4:a7:e4:9a:96:8d:91:ff:07:04:3a:8d:
4a:8d:14:89:cd:4e:55:f2:b4:0c:85:93:66:5f:ab:
99:43:7a:71:76:bd:80:a5:80:21:17:99:1c:5b:1b:
7e:81:97:a7:8b:df:31:b5:3b:ca:8b:a4:2f:38:52:
37:55:2a:0b:5c:6b:85:63:97:b9:b0:20:58:73:97:
4c:32:99:31:9f:9b:6c:71:b7:8a:35:32:a1:af:d5:
f8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:1D:2B:33:CD:0B:E7:59:43:B8:9A:2E:5F:05:38:72:DB:D9:43:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:8d:52:e5:fb:9d:46:ba:48:d1:b9:00:35:75:e3:80:bd:2d:
e4:a6:7c:98:da:bc:73:ca:00:fd:80:65:a6:f0:28:06:59:b9:
7a:ea:d1:67:88:78:41:9e:d5:ac:07:ef:33:78:68:fc:eb:47:
7e:3d:2c:35:ea:56:ac:a2:f0:78:5c:65:99:26:06:f7:e5:b6:
09:8a:df:86:87:1c:aa:5a:1f:4f:0b:25:8f:b6:8f:7b:2f:88:
7d:66:f9:87:1e:9e:4e:f7:61:95:97:be:7b:ce:34:f6:30:f8:
45:cf:51:71:e1:66:7f:3b:a6:ff:79:85:87:12:af:01:3c:1c:
89:f6:32:31:e9:07:fa:28:89:ec:6b:3e:8e:d7:69:1e:f0:fe:
e0:ff:aa:31:50:2d:aa:2c:57:c0:b9:f6:91:a5:f9:69:6c:a5:
55:55:51:35:cc:a5:97:32:ba:f9:03:a1:ae:b1:00:ce:30:a3:
b3:c5:a4:f3:4b:3b:41:66:80:ae:1a:a9:86:74:a3:c9:d6:96:
15:27:79:24:3d:82:3c:34:bd:14:fd:d4:96:01:84:f6:49:b4:
a2:d3:5c:ea:7a:2b:e6:1f:1d:ab:da:4c:a2:0d:9a:58:8e:fe:
da:11:65:e4:27:14:dc:24:63:bf:ac:b2:e4:57:c4:b6:f0:d3:
51:51:c0:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYM4cIzQqw6c0i3EqdG9C7GXZcCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiYmIzODA4NTQxNDU5ZGU0MTAwMmEwNjg5ZWY4Yzk4YzZjOTRiOWUyZTkz
NDVlNDM5OGE5MDVhZjg0NzIyZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfDb2JhshpoBApbjUEF1C9Bsr7hHUz0WCIXOQrkPu2NcK0vQyw9cBAZjHQP
HYSN2zVeYXXSLtIL/2bzDu5EU6LYctp1P0fMNxfB5ylsoVfzKdHMCq02mLEHuiQg
vQPnWB69Hto7JdYl2wRlFehOvG6yP3WT+ULMDfEXghLsHH4zq2PrKsk4YjbZ3FdQ
IniOPSKWVxgPqtdYaBKclOblvVZ6BTUKPho+pKfkmpaNkf8HBDqNSo0Uic1OVfK0
DIWTZl+rmUN6cXa9gKWAIReZHFsbfoGXp4vfMbU7youkLzhSN1UqC1xrhWOXubAg
WHOXTDKZMZ+bbHG3ijUyoa/V+IcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTmHSsz
zQvnWUO4mi5fBThy29lDIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzFmNjE1MjktNGZmOC00MzgwLWEzY2ItODc4ODQwNDY4ODFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKA
MA0GCSqGSIb3DQEBCwUAA4IBAQCnjVLl+51GukjRuQA1deOAvS3kpnyY2rxzygD9
gGWm8CgGWbl66tFniHhBntWsB+8zeGj860d+PSw16lasovB4XGWZJgb35bYJit+G
hxyqWh9PCyWPto97L4h9ZvmHHp5O92GVl757zjT2MPhFz1Fx4WZ/O6b/eYWHEq8B
PByJ9jIx6Qf6KInsaz6O12ke8P7g/6oxUC2qLFfAufaRpflpbKVVVVE1zKWXMrr5
A6GusQDOMKOzxaTzSztBZoCuGqmGdKPJ1pYVJ3kkPYI8NL0U/dSWAYT2SbSi01zq
eivmHx2r2kyiDZpYjv7aEWXkJxTcJGO/rLLkV8S28NNRUcCn
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:45 2024 by rpki-client on console-ams.rpki-client.org