Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce6dbbe7-ad50-484f-ae7a-a4935085715f.roa
File: ce6dbbe7-ad50-484f-ae7a-a4935085715f.roa (raw, json)
Hash identifier: NEjHOb7LXr1QfeyCP2QpGd4Rsld8W+jhEl7xI9T19ec=
Subject key identifier: 31:02:58:0A:CF:58:5A:29:66:D6:8F:4F:99:26:D3:B8:C1:2C:EE:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EFF244D0EA6D40E1021D586ED7CAED50601C4DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce6dbbe7-ad50-484f-ae7a-a4935085715f.roa
Signing time: Sat 07 Sep 2024 00:00:00 +0000
ROA not before: Sat 07 Sep 2024 00:00:00 +0000
ROA not after: Sat 12 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:ff:24:4d:0e:a6:d4:0e:10:21:d5:86:ed:7c:ae:d5:06:01:c4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 7 00:00:00 2024 GMT
Not After : Oct 12 23:59:59 2024 GMT
Subject: serialNumber=3f1c2720a1680dbe3a931cb3a012799df7fa5350c1430fa88d4f3f395f20dce6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:32:70:c7:0b:58:de:a7:4c:b1:f1:28:45:07:
22:ef:69:ad:03:c1:52:26:28:80:cf:5f:48:3f:62:
47:64:fc:ea:1b:5a:87:50:3f:7a:2c:c4:19:14:bd:
51:93:1d:7e:a4:12:8f:d2:b0:e5:dd:9e:04:15:20:
4c:48:32:c6:45:c0:d8:e7:26:aa:66:c0:04:3f:2a:
7c:7b:07:9d:c9:97:44:83:46:6c:0e:a1:c7:2a:4b:
2b:37:58:e0:a3:61:ae:12:91:19:65:c6:8c:5b:df:
a2:a8:d9:6c:6b:55:21:d6:94:ac:69:8f:65:6d:56:
fe:0a:35:77:0b:dd:1d:94:e4:c4:85:25:3e:fd:fe:
2e:32:f7:d8:fd:b0:98:f3:e9:20:42:89:5c:62:ee:
d0:86:e7:a0:62:be:74:46:37:b5:47:26:cd:56:26:
9c:61:83:ea:4b:15:8f:91:03:8c:a8:f2:cd:2d:58:
fd:50:07:31:ff:5a:dc:94:fe:d9:3a:5e:11:e2:82:
fe:82:e9:ba:b0:be:10:f1:22:89:6e:a4:85:3f:2b:
32:56:f4:ef:25:df:d1:47:62:92:0d:ca:27:be:6b:
e1:33:cd:0b:ba:74:f8:4e:dc:4c:36:72:73:e5:45:
c0:a0:7a:8e:ed:65:8d:fd:33:63:34:ec:a7:45:7d:
a9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:02:58:0A:CF:58:5A:29:66:D6:8F:4F:99:26:D3:B8:C1:2C:EE:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce6dbbe7-ad50-484f-ae7a-a4935085715f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/36
Signature Algorithm: sha256WithRSAEncryption
17:62:87:0b:90:6a:6b:f7:98:17:c4:9d:4c:94:6d:34:e2:85:
5c:7c:dd:5c:a9:86:0f:2d:f9:42:43:e9:e7:79:1f:a0:5e:b0:
ef:8a:f7:71:03:8d:11:a6:b6:ee:a3:df:62:67:6c:40:57:21:
1a:66:f8:a9:90:b4:0a:f8:cd:4d:bf:dc:a4:d4:97:ff:0b:eb:
84:a4:bc:f6:38:34:fa:97:e3:38:61:a4:e8:0f:18:6b:94:8f:
df:60:f1:31:91:f3:17:18:a0:81:3a:66:99:3c:c6:d9:f2:d9:
47:76:63:8d:ed:9b:fb:01:4c:3a:08:f7:ec:a0:eb:c0:47:ea:
11:a8:6a:6c:ff:07:4c:f0:10:17:83:9b:68:55:9f:95:15:ca:
b6:e9:3d:59:e8:56:e0:08:b8:bd:2d:ff:8f:da:3e:17:f0:b9:
77:97:86:91:ed:c0:c6:8b:35:84:a3:bb:f8:b3:4f:b6:d5:36:
70:b9:be:f5:a2:06:dd:12:8b:a1:01:b9:d8:ce:ec:f0:c8:fe:
c2:3d:19:33:96:4e:48:38:6c:cf:55:07:1a:56:37:b7:17:4f:
8a:49:c4:07:9b:63:3f:99:0b:dc:25:c2:ed:eb:c1:72:c4:6b:
f6:17:8b:a0:c2:9d:7b:76:c1:ac:5e:87:e0:2c:77:b3:ae:81:
ab:0d:44:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTv8kTQ6m1A4QIdWG7Xyu1QYBxNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDcwMDAwMDBaFw0yNDEwMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMWMyNzIwYTE2ODBkYmUzYTkzMWNiM2EwMTI3OTlkZjdmYTUzNTBjMTQz
MGZhODhkNGYzZjM5NWYyMGRjZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0ycMcLWN6nTLHxKEUHIu9prQPBUiYogM9fSD9iR2T86htah1A/eizEGRS9
UZMdfqQSj9Kw5d2eBBUgTEgyxkXA2OcmqmbABD8qfHsHncmXRINGbA6hxypLKzdY
4KNhrhKRGWXGjFvfoqjZbGtVIdaUrGmPZW1W/go1dwvdHZTkxIUlPv3+LjL32P2w
mPPpIEKJXGLu0IbnoGK+dEY3tUcmzVYmnGGD6ksVj5EDjKjyzS1Y/VAHMf9a3JT+
2TpeEeKC/oLpurC+EPEiiW6khT8rMlb07yXf0Udikg3KJ75r4TPNC7p0+E7cTDZy
c+VFwKB6ju1ljf0zYzTsp0V9qcUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQxAlgK
z1haKWbWj0+ZJtO4wSzuKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U2ZGJiZTctYWQ1MC00ODRmLWFlN2EtYTQ5MzUwODU3MTVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQAXYocLkGpr95gXxJ1MlG004oVcfN1cqYYPLflC
Q+nneR+gXrDvivdxA40Rprbuo99iZ2xAVyEaZvipkLQK+M1Nv9yk1Jf/C+uEpLz2
ODT6l+M4YaToDxhrlI/fYPExkfMXGKCBOmaZPMbZ8tlHdmON7Zv7AUw6CPfsoOvA
R+oRqGps/wdM8BAXg5toVZ+VFcq26T1Z6FbgCLi9Lf+P2j4X8Ll3l4aR7cDGizWE
o7v4s0+21TZwub71ogbdEouhAbnYzuzwyP7CPRkzlk5IOGzPVQcaVje3F0+KScQH
m2M/mQvcJcLt68FyxGv2F4ugwp17dsGsXofgLHezroGrDUQj
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:50 2024 by rpki-client on console-ams.rpki-client.org