Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3dd0e8c-c49b-4937-86da-868e9f9b91d0.roa
File: d3dd0e8c-c49b-4937-86da-868e9f9b91d0.roa (raw, json)
Hash identifier: vGfOUiE5iHaXCCMuD6I64E/PW3l7ag6hNJ17yz+LSZA=
Subject key identifier: 5D:CA:68:70:AE:A2:C0:86:14:44:69:EF:81:37:7F:8D:E9:27:8E:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D522ADF39539BEE26D8BF5DA13BD4E9DBE43AD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3dd0e8c-c49b-4937-86da-868e9f9b91d0.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:52:2a:df:39:53:9b:ee:26:d8:bf:5d:a1:3b:d4:e9:db:e4:3a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=e971b07182cf6bcce1c9317b5835bf80a39883633ce6f0599ee83190516126be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d1:63:bd:58:39:80:cb:93:c8:1e:80:7e:53:
87:d5:e9:cb:e7:ad:53:0d:36:75:29:0c:18:57:b9:
3e:61:99:e7:54:7e:88:5d:e2:3b:a4:2f:0c:71:22:
e2:36:a5:bc:d1:69:71:f4:42:94:e7:d0:22:20:e3:
71:9e:06:db:4d:50:18:1e:f9:22:29:86:14:29:cd:
6c:1b:c6:10:48:53:6b:ab:6e:ac:3b:ce:6d:15:55:
0c:a9:9e:e8:a3:66:22:09:05:bb:3b:fc:5e:17:c7:
08:a4:1c:fe:d8:1d:ac:fb:cb:87:d6:31:a0:48:07:
29:cb:5f:78:98:c4:9a:97:07:b3:17:11:66:ef:39:
f3:73:df:c0:b6:2c:33:83:d5:ac:0a:e8:68:20:f2:
3a:bd:80:a8:d4:60:53:04:b5:75:02:b1:fc:54:36:
a3:db:53:16:8a:16:0c:c8:55:53:fa:d7:72:01:9e:
e1:c2:57:46:8e:d5:17:da:2a:7e:3c:9b:30:87:d6:
b9:cc:95:12:d6:bc:b4:c3:cd:cc:00:4e:7f:ec:31:
74:64:bd:ab:fb:62:c9:c9:fc:df:f8:45:c5:75:af:
5a:b9:40:f0:cd:25:fd:9d:4d:ad:51:a9:02:df:72:
dc:c7:f9:9d:72:cc:cc:97:95:ec:8c:71:23:4a:3e:
40:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CA:68:70:AE:A2:C0:86:14:44:69:EF:81:37:7F:8D:E9:27:8E:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3dd0e8c-c49b-4937-86da-868e9f9b91d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/40
Signature Algorithm: sha256WithRSAEncryption
18:89:ef:28:d6:b0:65:9f:7d:ef:66:d1:f0:95:57:61:a2:dd:
47:7f:0e:44:dd:49:ff:af:40:bf:06:f9:10:6e:ad:03:05:fc:
07:51:0d:29:b6:c2:d1:0c:48:3e:7a:29:48:80:46:3f:55:4e:
87:73:68:51:4a:65:55:6d:6b:d8:f5:ea:ff:de:75:7d:94:9f:
42:ed:51:db:33:04:32:54:b3:95:c1:83:96:5b:00:e2:95:e2:
51:f1:53:30:88:e3:92:bd:53:16:41:90:9a:e7:32:41:1d:44:
a3:be:15:5b:a8:a3:bd:de:9b:24:eb:b4:61:73:c0:99:f4:c7:
2b:80:36:3c:4d:fa:93:20:75:07:52:ea:20:be:81:5c:f6:b6:
0e:db:59:8e:ba:f4:14:cb:c5:f5:5f:c8:eb:e7:9e:6d:a2:b5:
eb:88:e3:07:11:41:2e:ff:22:50:53:bd:12:4e:32:62:86:c2:
61:72:fe:bb:57:75:ea:f1:1a:50:b3:42:15:42:8a:32:bb:80:
50:2e:ba:4a:cd:20:91:af:a4:d0:87:b6:2a:fa:8c:f9:d8:65:
ab:7f:d7:37:fd:08:ca:e6:7b:12:de:ed:0e:fe:2e:55:dd:98:
2c:fa:73:95:38:b6:7d:c9:8c:11:4c:8a:68:0d:1e:5a:d4:35:
7c:1e:ba:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbVIq3zlTm+4m2L9doTvU6dvkOtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5NzFiMDcxODJjZjZiY2NlMWM5MzE3YjU4MzViZjgwYTM5ODgzNjMzY2U2
ZjA1OTllZTgzMTkwNTE2MTI2YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnRY71YOYDLk8gegH5Th9Xpy+etUw02dSkMGFe5PmGZ51R+iF3iO6QvDHEi
4jalvNFpcfRClOfQIiDjcZ4G201QGB75IimGFCnNbBvGEEhTa6turDvObRVVDKme
6KNmIgkFuzv8XhfHCKQc/tgdrPvLh9YxoEgHKctfeJjEmpcHsxcRZu8583PfwLYs
M4PVrAroaCDyOr2AqNRgUwS1dQKx/FQ2o9tTFooWDMhVU/rXcgGe4cJXRo7VF9oq
fjybMIfWucyVEta8tMPNzABOf+wxdGS9q/tiycn83/hFxXWvWrlA8M0l/Z1NrVGp
At9y3Mf5nXLMzJeV7IxxI0o+QHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdymhw
rqLAhhREae+BN3+N6SeOhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDNkZDBlOGMtYzQ5Yi00OTM3LTg2ZGEtODY4ZTlmOWI5MWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZg
MA0GCSqGSIb3DQEBCwUAA4IBAQAYie8o1rBln33vZtHwlVdhot1Hfw5E3Un/r0C/
BvkQbq0DBfwHUQ0ptsLRDEg+eilIgEY/VU6Hc2hRSmVVbWvY9er/3nV9lJ9C7VHb
MwQyVLOVwYOWWwDileJR8VMwiOOSvVMWQZCa5zJBHUSjvhVbqKO93psk67Rhc8CZ
9McrgDY8TfqTIHUHUuogvoFc9rYO21mOuvQUy8X1X8jr555torXriOMHEUEu/yJQ
U70STjJihsJhcv67V3Xq8RpQs0IVQooyu4BQLrpKzSCRr6TQh7Yq+oz52GWrf9c3
/QjK5nsS3u0O/i5V3Zgs+nOVOLZ9yYwRTIpoDR5a1DV8HrrA
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:46 2024 by rpki-client on console-ams.rpki-client.org