Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
File: c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa (raw, json)
Hash identifier: vhn0/wUoaUKCcwmgVMjs3mPQPRXhPBeiNwrdlP/oS5U=
Subject key identifier: CB:6A:CD:FA:E3:86:F4:08:69:86:E1:2F:C6:A0:09:CE:CF:D2:ED:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FB46940F94F9FCFAFD2FD4FE7F607D79D4297F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 12:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:b4:69:40:f9:4f:9f:cf:af:d2:fd:4f:e7:f6:07:d7:9d:42:97:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=4b0539f110ec220df6018bb1be718619758ee45a322b75632f9ee00d026eeccd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:51:43:5a:c7:f0:c8:4e:74:47:3b:65:f7:8e:
eb:d7:4c:95:dd:f8:36:a1:ef:54:d2:c8:19:df:20:
b1:03:3b:8e:22:16:e9:63:1c:35:17:ff:8a:31:b8:
79:56:e3:55:e1:c2:e8:7f:63:60:bf:c1:c2:45:c6:
24:e1:51:1a:b3:22:54:5a:e7:a5:d5:d7:e1:6c:d5:
3e:b9:10:ae:93:ae:9f:96:f3:0c:b4:03:c2:52:65:
01:e7:8f:e7:37:7c:9f:a9:74:ac:f4:b3:0c:34:27:
c3:f0:a1:a5:eb:59:7b:52:52:39:c6:0f:7f:5d:39:
e0:f7:ee:8b:92:71:7d:f1:24:cb:69:44:c6:d7:c2:
1d:3a:80:a3:eb:2b:ab:41:1f:70:cd:a0:27:31:6a:
af:1f:fe:55:2b:98:a5:a1:3c:4d:9a:b5:0f:96:c2:
b7:ec:ff:67:8e:02:a1:49:db:bc:fa:15:5d:24:46:
5f:a3:ad:5a:e5:cf:2d:34:76:2d:7c:42:9f:e8:f3:
1c:2d:b0:bc:79:03:62:b2:5c:c0:7c:a8:d7:54:9f:
eb:e9:8e:f5:7f:6d:19:48:33:11:43:4d:04:67:7f:
b4:57:8d:d5:93:e6:55:c9:a5:8d:9e:87:72:47:49:
8a:f3:64:1d:a7:71:48:d0:2e:e6:0e:d2:2f:6e:3a:
0d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6A:CD:FA:E3:86:F4:08:69:86:E1:2F:C6:A0:09:CE:CF:D2:ED:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:2000::/40
Signature Algorithm: sha256WithRSAEncryption
81:3a:ed:4d:7c:11:7e:f6:26:3d:e4:29:46:eb:90:0e:b6:d5:
49:d8:75:49:a1:b8:1a:08:c4:0e:8c:1d:1b:56:ba:8d:d2:9f:
33:28:c1:0a:62:80:d2:07:77:54:ea:f1:46:24:07:69:8d:20:
a5:b4:1d:0a:f2:96:3b:b4:d8:8d:28:cf:8e:d4:bc:99:07:d3:
d7:7e:c1:a6:83:c5:fc:84:ab:15:9a:05:34:ba:e1:45:8c:92:
27:77:28:e0:b6:bf:3b:8a:bf:1c:5f:45:d6:c0:fb:76:13:a8:
3e:3d:33:05:d0:60:6b:59:7f:a9:73:00:cd:59:c4:4f:20:53:
de:7b:41:e7:76:af:75:d0:f6:ce:84:b1:c8:fd:2c:37:6d:c2:
54:85:e4:39:52:ef:c6:5f:29:ba:65:fd:be:b6:05:4f:79:32:
c4:27:3f:fb:29:a6:49:b0:58:22:50:59:ef:fe:98:2c:63:cc:
52:5b:ea:e7:6d:f3:12:7a:5a:90:95:e0:93:08:cd:c4:9d:77:
06:0a:d4:37:cb:7c:b6:b7:a6:db:a1:15:64:af:d6:50:7e:23:
61:a2:0d:10:d0:17:a6:38:4b:df:43:b0:0c:05:0c:3e:7a:f9:
f6:80:06:d3:73:1a:3c:47:26:19:da:87:f9:7c:1d:90:5a:6a:
2c:37:81:90
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL7RpQPlPn8+v0v1P5/YH151Cl/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiMDUzOWYxMTBlYzIyMGRmNjAxOGJiMWJlNzE4NjE5NzU4ZWU0NWEzMjJi
NzU2MzJmOWVlMDBkMDI2ZWVjY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5RQ1rH8MhOdEc7ZfeO69dMld34NqHvVNLIGd8gsQM7jiIW6WMcNRf/ijG4
eVbjVeHC6H9jYL/BwkXGJOFRGrMiVFrnpdXX4WzVPrkQrpOun5bzDLQDwlJlAeeP
5zd8n6l0rPSzDDQnw/ChpetZe1JSOcYPf1054Pfui5JxffEky2lExtfCHTqAo+sr
q0EfcM2gJzFqrx/+VSuYpaE8TZq1D5bCt+z/Z44CoUnbvPoVXSRGX6OtWuXPLTR2
LXxCn+jzHC2wvHkDYrJcwHyo11Sf6+mO9X9tGUgzEUNNBGd/tFeN1ZPmVcmljZ6H
ckdJivNkHadxSNAu5g7SL246DRECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLas36
44b0CGmG4S/GoAnOz9LtxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZhNWFjZmYtYjVkOC00YzgwLTllY2MtOTQxNTQwNjU3NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUg
MA0GCSqGSIb3DQEBCwUAA4IBAQCBOu1NfBF+9iY95ClG65AOttVJ2HVJobgaCMQO
jB0bVrqN0p8zKMEKYoDSB3dU6vFGJAdpjSCltB0K8pY7tNiNKM+O1LyZB9PXfsGm
g8X8hKsVmgU0uuFFjJIndyjgtr87ir8cX0XWwPt2E6g+PTMF0GBrWX+pcwDNWcRP
IFPee0Hndq910PbOhLHI/Sw3bcJUheQ5Uu/GXym6Zf2+tgVPeTLEJz/7KaZJsFgi
UFnv/pgsY8xSW+rnbfMSelqQleCTCM3EnXcGCtQ3y3y2t6bboRVkr9ZQfiNhog0Q
0BemOEvfQ7AMBQw+evn2gAbTcxo8RyYZ2of5fB2QWmosN4GQ
-----END CERTIFICATE-----
Generated at Sun Apr 28 16:49:04 2024 by rpki-client on console-ams.rpki-client.org