Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
File: c1f61529-4ff8-4380-a3cb-87884046881d.roa (raw, json)
Hash identifier: vxg0suEdgWcnUP308FdbCJPhJJQjQoQpDB++yO7YAfc=
Subject key identifier: 82:90:B6:F6:0F:0E:D1:14:C1:45:1F:15:44:2F:D1:37:05:B9:19:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 658B5F7D9B9193C205275CBFBFD5875102693AC8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
Signing time: Fri 29 Mar 2024 00:00:00 +0000
ROA not before: Fri 29 Mar 2024 00:00:00 +0000
ROA not after: Fri 03 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:8b:5f:7d:9b:91:93:c2:05:27:5c:bf:bf:d5:87:51:02:69:3a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : May 3 23:59:59 2024 GMT
Subject: serialNumber=cdb5d3298069b20d96e289ee551486a1740a1ba8025b368403791bf6a6d03fd4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:15:09:be:ec:7a:ec:3d:d8:80:84:0d:9b:30:
8d:30:2f:5f:c7:70:8d:4c:ee:c5:0f:ca:7b:12:3b:
de:59:fb:d8:87:a6:c6:a1:f6:4b:2c:30:5c:45:04:
d3:2e:d0:bf:a6:c3:87:df:ea:90:2a:cb:80:5d:0a:
d8:e6:08:15:9b:24:89:65:ad:f5:8b:59:f7:cd:05:
cd:ab:21:31:9b:fd:9d:c7:58:a2:28:c9:70:dd:66:
16:c0:b2:c0:b0:a3:89:c9:d0:e0:f3:5f:6c:bd:74:
fb:75:c4:50:f0:e4:da:00:3e:48:c5:9d:0c:26:07:
2d:f5:81:c8:3b:25:9f:ff:47:2e:f8:d2:93:5f:dc:
38:39:41:c5:24:04:6d:d0:35:fd:0e:41:c0:89:4c:
4b:bb:96:9f:9c:cc:95:75:e6:1a:e1:e2:10:20:29:
7c:4d:2b:01:dc:14:b2:db:cd:7c:67:82:7d:14:d2:
e1:b3:ca:dd:f3:26:99:91:51:d6:19:2f:7f:ec:d9:
6b:49:47:e4:0e:f5:d6:08:e7:a9:ff:93:ec:0a:e8:
24:1e:e5:18:2f:76:3c:12:ac:02:9c:9f:e3:29:64:
8c:fe:39:59:90:89:05:40:c2:78:73:f5:ab:84:92:
84:42:3c:e5:24:12:c6:45:c5:6f:28:6b:53:14:0c:
42:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:90:B6:F6:0F:0E:D1:14:C1:45:1F:15:44:2F:D1:37:05:B9:19:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:70:fd:37:9b:92:94:20:24:2d:4a:a7:30:6b:2b:18:24:75:
cd:13:8b:05:5c:92:2e:59:27:d2:69:02:52:13:99:55:04:84:
f7:c5:99:f2:92:a9:1e:6f:5a:09:29:b4:72:c6:13:89:15:c9:
3d:03:f0:89:bf:da:1c:ff:17:5e:e2:44:6c:2f:5a:2a:e4:21:
24:a6:c6:1a:3b:1e:4e:bb:3c:63:27:8e:f8:45:36:95:9e:6e:
c9:c6:90:8b:a2:c6:84:c8:c5:52:d9:03:b4:d6:39:b5:6f:c6:
42:34:81:e9:88:0c:c1:4e:bf:ac:15:dc:b7:29:c5:55:27:69:
3b:5a:e8:42:54:06:7f:9a:28:ca:5c:e5:38:1a:42:65:33:c9:
ee:7d:52:c2:52:a2:39:de:03:0d:d9:e5:9e:43:ba:46:6b:80:
c9:ee:b8:db:61:23:8b:80:2a:0f:cf:96:f9:9e:21:f2:e8:36:
eb:5c:c3:a3:05:6c:e0:ec:7b:02:14:a6:b0:d0:de:78:0d:0c:
d5:27:db:ce:e0:7a:e4:ff:68:cb:c0:0a:aa:c3:a6:ca:cd:3b:
63:f2:18:6c:96:e6:c7:1b:99:9e:f5:b0:06:5e:15:e0:b4:57:
8b:eb:6f:16:72:f0:41:50:81:b8:72:e1:ac:8e:bd:62:b0:22:
3b:34:eb:2d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZYtffZuRk8IFJ1y/v9WHUQJpOsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDAzMjkwMDAwMDBaFw0yNDA1MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkYjVkMzI5ODA2OWIyMGQ5NmUyODllZTU1MTQ4NmExNzQwYTFiYTgwMjVi
MzY4NDAzNzkxYmY2YTZkMDNmZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMVCb7seuw92ICEDZswjTAvX8dwjUzuxQ/KexI73ln72IemxqH2SywwXEUE
0y7Qv6bDh9/qkCrLgF0K2OYIFZskiWWt9YtZ980FzashMZv9ncdYoijJcN1mFsCy
wLCjicnQ4PNfbL10+3XEUPDk2gA+SMWdDCYHLfWByDsln/9HLvjSk1/cODlBxSQE
bdA1/Q5BwIlMS7uWn5zMlXXmGuHiECApfE0rAdwUstvNfGeCfRTS4bPK3fMmmZFR
1hkvf+zZa0lH5A711gjnqf+T7AroJB7lGC92PBKsApyf4ylkjP45WZCJBUDCeHP1
q4SShEI85SQSxkXFbyhrUxQMQnsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCkLb2
Dw7RFMFFHxVEL9E3BbkZAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzFmNjE1MjktNGZmOC00MzgwLWEzY2ItODc4ODQwNDY4ODFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKA
MA0GCSqGSIb3DQEBCwUAA4IBAQDGcP03m5KUICQtSqcwaysYJHXNE4sFXJIuWSfS
aQJSE5lVBIT3xZnykqkeb1oJKbRyxhOJFck9A/CJv9oc/xde4kRsL1oq5CEkpsYa
Ox5OuzxjJ474RTaVnm7JxpCLosaEyMVS2QO01jm1b8ZCNIHpiAzBTr+sFdy3KcVV
J2k7WuhCVAZ/mijKXOU4GkJlM8nufVLCUqI53gMN2eWeQ7pGa4DJ7rjbYSOLgCoP
z5b5niHy6DbrXMOjBWzg7HsCFKaw0N54DQzVJ9vO4Hrk/2jLwAqqw6bKzTtj8hhs
lubHG5me9bAGXhXgtFeL628WcvBBUIG4cuGsjr1isCI7NOst
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:02:32 2024 by rpki-client on console-fra.rpki-client.org