Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
File: c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa (raw, json)
Hash identifier: Monn+c+mBaNFQLibcZIbWt9BduAomnRenTdy2HmZMuk=
Subject key identifier: 9A:FB:C2:23:FD:2E:06:BF:BC:CF:53:43:87:82:1E:54:FA:C2:6D:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FCA86CD1F24806A685C8D52655B89C67E84BAEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ca:86:cd:1f:24:80:6a:68:5c:8d:52:65:5b:89:c6:7e:84:ba:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=3d252378e40924ba519f60f34054bdc9d36e0c060c287cbc525a16c6cf5342b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:47:da:d0:43:fb:47:3a:75:36:1c:e7:07:cd:
82:03:22:e4:a9:14:9d:35:a0:6e:69:fa:34:bf:ae:
8e:47:5a:f8:8c:ae:78:3f:b0:7e:e8:2f:bb:f4:4b:
a1:a5:fa:cf:68:c3:b4:b6:46:34:b5:02:04:94:57:
ff:6c:55:b7:10:d4:37:6b:98:c9:c0:f0:d5:f1:bc:
53:72:80:43:ed:4e:7b:f8:86:cb:60:26:fe:f0:1a:
44:11:77:4e:8a:05:50:ab:ab:1b:45:36:87:59:de:
c0:11:24:4b:c3:78:98:71:fd:f2:31:8e:5c:55:58:
f4:2f:c5:db:bc:46:82:1e:97:28:46:6a:07:72:c3:
54:10:21:f4:9f:0e:53:6c:58:6f:78:af:2c:8d:e4:
e5:69:82:ea:7c:f5:59:ad:7b:b4:7f:1f:bf:1f:2a:
67:af:97:fc:b9:7a:5e:9a:de:fb:af:6d:77:c8:a0:
88:44:63:1a:2e:aa:e8:3b:99:92:41:06:cd:ce:37:
bd:cc:f8:d3:6e:50:10:1d:ee:ce:45:db:2b:9a:ae:
85:14:5d:4e:d2:ef:9c:30:db:c7:3e:2f:9d:3a:fa:
ec:e9:48:72:46:77:84:3a:37:72:8c:28:a2:05:90:
e7:52:e8:20:a8:c4:dc:28:8f:15:a9:22:c7:04:25:
35:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:FB:C2:23:FD:2E:06:BF:BC:CF:53:43:87:82:1E:54:FA:C2:6D:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:8000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:ae:7a:fc:d4:d0:fd:11:59:48:58:57:c8:6f:9c:cc:f1:dc:
58:f3:29:4e:21:54:5a:91:47:bd:20:bb:bb:fe:33:f7:65:82:
8e:f7:8d:06:64:a1:aa:29:28:c1:6d:56:fc:45:53:23:72:9d:
2f:c3:e8:d3:3b:45:32:e8:09:53:39:0c:c2:23:90:59:2c:19:
fc:3d:15:63:74:e0:ff:f3:aa:c6:e0:f2:7f:99:6d:86:b9:42:
b5:0e:df:49:21:32:96:9a:34:7d:54:d7:10:18:28:f2:05:52:
01:19:b0:d4:80:ea:f8:86:4f:51:d2:76:d9:8b:e6:40:06:26:
ae:9a:ef:f7:39:f5:3d:c8:02:fe:cf:33:3f:ae:ae:c3:03:a0:
76:20:83:a9:b6:41:14:fe:60:59:dd:76:17:14:ea:ab:be:48:
40:15:36:4f:a2:eb:c7:bc:73:ef:8f:f4:21:15:7c:eb:f9:e6:
11:80:d4:fd:52:d5:c0:2f:37:35:ca:d2:1f:16:6c:18:00:f9:
27:f2:f3:64:e2:89:31:1e:80:da:bf:b2:71:3f:2d:e5:61:52:
d6:57:f0:d9:68:fc:40:d8:32:f9:3f:54:83:16:28:d6:42:6d:
97:4c:68:a2:61:63:8d:5f:87:7c:9c:d9:70:67:41:df:8c:a6:
ac:86:a9:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb8qGzR8kgGpoXI1SZVuJxn6EuuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkMjUyMzc4ZTQwOTI0YmE1MTlmNjBmMzQwNTRiZGM5ZDM2ZTBjMDYwYzI4
N2NiYzUyNWExNmM2Y2Y1MzQyYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVH2tBD+0c6dTYc5wfNggMi5KkUnTWgbmn6NL+ujkda+IyueD+wfugvu/RL
oaX6z2jDtLZGNLUCBJRX/2xVtxDUN2uYycDw1fG8U3KAQ+1Oe/iGy2Am/vAaRBF3
TooFUKurG0U2h1newBEkS8N4mHH98jGOXFVY9C/F27xGgh6XKEZqB3LDVBAh9J8O
U2xYb3ivLI3k5WmC6nz1Wa17tH8fvx8qZ6+X/Ll6Xpre+69td8igiERjGi6q6DuZ
kkEGzc43vcz4025QEB3uzkXbK5quhRRdTtLvnDDbxz4vnTr67OlIckZ3hDo3cowo
ogWQ51LoIKjE3CiPFakixwQlNbcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSa+8Ij
/S4Gv7zPU0OHgh5U+sJtnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ0ZDM2NDAtNWIxMC00ZTI3LWE5YTgtZTNhNjg5YjkyNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HyA
MA0GCSqGSIb3DQEBCwUAA4IBAQDArnr81ND9EVlIWFfIb5zM8dxY8ylOIVRakUe9
ILu7/jP3ZYKO940GZKGqKSjBbVb8RVMjcp0vw+jTO0Uy6AlTOQzCI5BZLBn8PRVj
dOD/86rG4PJ/mW2GuUK1Dt9JITKWmjR9VNcQGCjyBVIBGbDUgOr4hk9R0nbZi+ZA
Biaumu/3OfU9yAL+zzM/rq7DA6B2IIOptkEU/mBZ3XYXFOqrvkhAFTZPouvHvHPv
j/QhFXzr+eYRgNT9UtXALzc1ytIfFmwYAPkn8vNk4okxHoDav7JxPy3lYVLWV/DZ
aPxA2DL5P1SDFijWQm2XTGiiYWONX4d8nNlwZ0HfjKashqn9
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:32 2024 by rpki-client on console-fra.rpki-client.org