Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json)
Hash identifier: yV9eaeAllSCC44p8J8u8kNNnXdw9s4QL3ImMohDIhnI=
Subject key identifier: 4F:89:F4:2E:EE:73:3F:D0:73:31:9F:30:60:C8:5E:AB:5D:9C:E9:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B704B155125AD4D52DFD3FA6BE76ACE201AA415
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
Signing time: Mon 28 Oct 2024 00:00:00 +0000
ROA not before: Mon 28 Oct 2024 00:00:00 +0000
ROA not after: Mon 02 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:70:4b:15:51:25:ad:4d:52:df:d3:fa:6b:e7:6a:ce:20:1a:a4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 28 00:00:00 2024 GMT
Not After : Dec 2 23:59:59 2024 GMT
Subject: serialNumber=ff9c51e2b4bda9407f562e962b5fcd2273f847cb6524da7fb0ead2e2395e64a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:36:be:04:0c:f3:12:e6:af:b1:b3:9f:16:39:
12:e3:d9:ef:af:a1:61:93:97:a9:a7:01:5c:ab:12:
72:15:b4:64:86:24:e9:1e:31:bd:58:8e:59:35:97:
dc:72:a0:50:3a:bb:3b:e6:9b:b8:fc:6e:77:bd:88:
44:51:87:bb:8a:96:5e:68:51:f3:48:98:80:ab:4c:
25:08:f1:40:7d:8e:9c:fa:23:b4:8b:47:14:f0:fb:
30:97:b3:23:29:24:8c:72:63:92:9c:aa:4e:c6:54:
31:2b:da:32:e7:e6:45:0b:bd:8a:5d:3a:08:c0:fd:
22:03:32:fa:a7:db:c5:bc:75:60:d6:01:e7:22:89:
29:5e:8c:1c:74:af:84:2c:98:a5:aa:46:be:92:f7:
f8:dd:d3:2b:98:6d:10:d6:78:3a:6c:cf:63:84:bd:
fc:cb:83:a0:bd:c0:97:52:87:57:b9:a2:b0:d0:ba:
81:79:e4:ad:68:f3:bf:4b:b1:12:be:aa:2f:e6:5b:
02:7a:be:1a:28:ea:cb:92:08:f9:af:d5:fe:a0:0d:
73:0a:34:69:71:ab:aa:00:05:dd:ac:0e:3a:60:e1:
ca:07:ca:56:5f:fd:57:cb:16:9c:24:0f:f1:92:ef:
21:c4:f2:e9:1f:29:3e:9d:64:36:33:bb:4a:92:6a:
78:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:89:F4:2E:EE:73:3F:D0:73:31:9F:30:60:C8:5E:AB:5D:9C:E9:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:a000::/40
Signature Algorithm: sha256WithRSAEncryption
35:b5:6a:e9:7e:f7:38:9f:6e:14:5e:39:3a:1d:6c:82:7d:bf:
f1:ac:6c:ae:af:0e:76:52:0d:d1:99:44:d3:8e:d2:d5:29:35:
c4:45:4e:c2:e0:d7:51:af:34:69:09:58:05:03:85:31:de:15:
0d:bc:fb:fe:e2:64:e7:dd:6e:d6:02:f9:e3:51:de:3a:f5:bd:
70:ec:26:43:ee:b3:62:1c:a7:ab:36:27:86:c8:a5:83:ca:e1:
56:a1:00:ca:56:24:00:55:6a:e6:86:24:06:d7:69:8b:ee:45:
21:85:46:13:fe:85:42:24:39:e3:a8:67:63:62:82:1c:5c:53:
9c:42:2f:a4:41:c2:1e:bb:bb:af:5c:81:b2:7a:bd:25:58:c3:
a2:b9:54:33:8b:e3:c2:6d:3f:23:b8:90:bc:4e:f8:e6:34:26:
ee:e3:f9:2b:0b:1a:b4:2a:7d:2e:73:58:0e:cc:e8:8d:df:ee:
c7:63:b6:62:ab:3f:c8:3b:2e:ff:30:58:a2:e9:08:d2:41:e7:
79:da:22:6e:9c:78:2d:51:87:f5:b7:5a:81:31:2c:40:c3:a2:
f7:62:2c:0a:3a:8c:4a:6f:e1:7b:84:14:64:36:ec:82:42:42:
4b:57:04:c9:b9:e9:cc:63:c1:cc:30:02:19:cb:3a:99:49:8d:
06:c1:38:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG3BLFVElrU1S39P6a+dqziAapBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEwMjgwMDAwMDBaFw0yNDEyMDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmOWM1MWUyYjRiZGE5NDA3ZjU2MmU5NjJiNWZjZDIyNzNmODQ3Y2I2NTI0
ZGE3ZmIwZWFkMmUyMzk1ZTY0YTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJU2vgQM8xLmr7GznxY5EuPZ76+hYZOXqacBXKsSchW0ZIYk6R4xvViOWTWX
3HKgUDq7O+abuPxud72IRFGHu4qWXmhR80iYgKtMJQjxQH2OnPojtItHFPD7MJez
IykkjHJjkpyqTsZUMSvaMufmRQu9il06CMD9IgMy+qfbxbx1YNYB5yKJKV6MHHSv
hCyYpapGvpL3+N3TK5htENZ4OmzPY4S9/MuDoL3Al1KHV7misNC6gXnkrWjzv0ux
Er6qL+ZbAnq+Gijqy5II+a/V/qANcwo0aXGrqgAF3awOOmDhygfKVl/9V8sWnCQP
8ZLvIcTy6R8pPp1kNjO7SpJqeB0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRPifQu
7nM/0HMxnzBgyF6rXZzp5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig
MA0GCSqGSIb3DQEBCwUAA4IBAQA1tWrpfvc4n24UXjk6HWyCfb/xrGyurw52Ug3R
mUTTjtLVKTXERU7C4NdRrzRpCVgFA4Ux3hUNvPv+4mTn3W7WAvnjUd469b1w7CZD
7rNiHKerNieGyKWDyuFWoQDKViQAVWrmhiQG12mL7kUhhUYT/oVCJDnjqGdjYoIc
XFOcQi+kQcIeu7uvXIGyer0lWMOiuVQzi+PCbT8juJC8TvjmNCbu4/krCxq0Kn0u
c1gOzOiN3+7HY7Ziqz/IOy7/MFii6QjSQed52iJunHgtUYf1t1qBMSxAw6L3YiwK
OoxKb+F7hBRkNuyCQkJLVwTJuenMY8HMMAIZyzqZSY0GwTg+
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:33 2024 by rpki-client on console-ams.rpki-client.org