Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8475bef-14cd-49df-8152-c3662b2d1c21.roa
File: c8475bef-14cd-49df-8152-c3662b2d1c21.roa (raw, json)
Hash identifier: CTaIx/ux23RgRXT5WpasxjDshoqDFNfrPeeP3y4mm6Q=
Subject key identifier: 1A:A3:D5:63:FB:50:03:A1:DF:21:29:7C:B0:B5:11:FF:29:91:14:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BFF9B83DA92F08380D1B9B418222EF87E75675D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8475bef-14cd-49df-8152-c3662b2d1c21.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:ff:9b:83:da:92:f0:83:80:d1:b9:b4:18:22:2e:f8:7e:75:67:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=03ebfda7d5cdad4e2d066909e1760c6f21d3e8900a31c5857a75a4933ab1c2f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fe:d6:aa:16:e3:cc:a5:ca:da:f4:5a:db:03:
62:93:6a:60:8e:e3:21:fb:fe:c0:9c:30:ca:5c:ad:
9d:cc:39:d9:a6:d5:97:83:08:c7:d8:34:28:0e:27:
70:ac:c8:58:13:a5:bc:db:0a:44:6a:55:30:c5:1b:
c5:76:21:98:17:a6:d3:3f:7f:3a:f7:b2:63:42:d7:
d4:c7:0e:0c:2c:54:09:cf:21:8a:be:0e:2c:30:94:
7a:dc:9b:16:19:0d:d6:14:4c:c8:e2:48:6e:27:82:
de:05:ba:de:72:3c:d0:d4:b2:f0:28:d3:8d:5e:19:
f9:52:24:16:d9:48:0e:ac:d1:f5:00:c8:33:4e:b4:
b5:00:70:e5:5b:82:24:45:e9:79:87:07:36:e1:a8:
04:2a:a8:2c:32:64:8b:77:d7:4d:e5:98:18:17:bc:
b8:b3:81:85:d8:50:d4:68:05:d5:9e:73:42:06:ca:
34:8d:7b:84:0a:fd:15:b6:80:56:28:c0:d0:ae:9d:
c9:67:db:2f:b1:11:c6:bf:da:ed:df:7c:e4:d3:40:
2d:ed:51:9d:ef:c4:b9:f3:c8:da:63:69:69:17:5d:
8f:bf:7d:76:e5:0f:8d:1a:0b:9d:8f:ea:97:ca:81:
6a:a2:48:09:3d:01:a7:ba:96:d3:82:53:e3:82:14:
f1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A3:D5:63:FB:50:03:A1:DF:21:29:7C:B0:B5:11:FF:29:91:14:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8475bef-14cd-49df-8152-c3662b2d1c21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
92:16:84:be:c9:f3:42:f6:72:91:31:70:57:7b:08:ce:33:d0:
f6:39:74:a4:50:bf:51:1f:f4:d2:f5:51:5a:d1:3e:e9:a0:81:
97:8b:96:58:a0:0e:5a:a0:ad:d2:a7:0b:61:f6:84:08:c0:95:
26:1f:29:39:02:7e:3f:e6:ac:ab:3c:13:77:f5:d8:7f:1f:45:
64:4c:6b:ed:f3:cd:b2:f7:4c:ed:fa:4b:a3:f0:4b:d2:94:c6:
e9:44:b4:d1:68:71:93:a6:1d:58:3a:84:8c:ec:41:aa:67:24:
39:f0:27:46:f4:2f:15:46:ed:e0:9c:b3:47:5b:4e:c9:fe:e4:
29:d0:22:e5:42:6e:9b:f2:6e:fd:91:c7:4c:da:03:36:c4:73:
26:76:ff:d5:93:35:9c:39:00:ae:34:75:89:99:05:60:c8:3c:
9f:64:41:fc:46:40:98:08:b4:b0:90:21:28:d3:47:a7:f4:b6:
92:28:41:62:12:09:58:d1:5a:e7:23:aa:52:be:37:ae:a9:a2:
7d:5d:8f:d3:a5:d8:d0:39:b1:43:35:2b:5c:65:da:15:da:e6:
55:e2:ec:15:bd:82:c1:e3:e6:ef:60:76:c2:81:ee:a3:62:be:
1b:3f:3c:77:0c:0e:95:c7:22:43:1b:a1:e3:6d:83:4f:4c:fb:
5f:63:0c:25
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC/+bg9qS8IOA0bm0GCIu+H51Z10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzZWJmZGE3ZDVjZGFkNGUyZDA2NjkwOWUxNzYwYzZmMjFkM2U4OTAwYTMx
YzU4NTdhNzVhNDkzM2FiMWMyZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMH+1qoW48ylytr0WtsDYpNqYI7jIfv+wJwwylytncw52abVl4MIx9g0KA4n
cKzIWBOlvNsKRGpVMMUbxXYhmBem0z9/OveyY0LX1McODCxUCc8hir4OLDCUetyb
FhkN1hRMyOJIbieC3gW63nI80NSy8CjTjV4Z+VIkFtlIDqzR9QDIM060tQBw5VuC
JEXpeYcHNuGoBCqoLDJki3fXTeWYGBe8uLOBhdhQ1GgF1Z5zQgbKNI17hAr9FbaA
VijA0K6dyWfbL7ERxr/a7d985NNALe1Rne/EufPI2mNpaRddj799duUPjRoLnY/q
l8qBaqJICT0Bp7qW04JT44IU8WECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQao9Vj
+1ADod8hKXywtRH/KZEU/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzg0NzViZWYtMTRjZC00OWRmLTgxNTItYzM2NjJiMmQxYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSFoS+yfNC9nKRMXBXewjOM9D2OXSkUL9RH/TS
9VFa0T7poIGXi5ZYoA5aoK3Spwth9oQIwJUmHyk5An4/5qyrPBN39dh/H0VkTGvt
882y90zt+kuj8EvSlMbpRLTRaHGTph1YOoSM7EGqZyQ58CdG9C8VRu3gnLNHW07J
/uQp0CLlQm6b8m79kcdM2gM2xHMmdv/VkzWcOQCuNHWJmQVgyDyfZEH8RkCYCLSw
kCEo00en9LaSKEFiEglY0VrnI6pSvjeuqaJ9XY/TpdjQObFDNStcZdoV2uZV4uwV
vYLB4+bvYHbCge6jYr4bPzx3DA6VxyJDG6HjbYNPTPtfYwwl
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:29:56 2024 by rpki-client on console-fra.rpki-client.org