Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
File: d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa (raw, json)
Hash identifier: s9ks6KXBcBFWjWA3u1ctNG4fWYlodA5r+EcbC0yuYMs=
Subject key identifier: DE:1C:79:57:2F:D1:8B:1F:42:77:69:34:35:BC:AB:65:2F:87:1F:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BBF62E1C2C5664E13BD9726A0DBFAD6612EDDE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:bf:62:e1:c2:c5:66:4e:13:bd:97:26:a0:db:fa:d6:61:2e:dd:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d18cb662cae24bc46810b253c294bb15351d6fb4a7e213127d42d6192db186c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:04:f0:b7:66:b7:81:f2:f5:d5:70:c4:ad:c6:
f5:dc:92:df:a4:11:4c:2e:23:a9:bb:9a:d9:1d:08:
30:e7:4e:29:93:1b:e5:11:c2:c7:60:97:99:10:75:
f3:36:96:40:f6:71:00:dc:5b:93:fb:d5:15:fc:78:
de:cb:e7:0d:50:e7:20:52:5c:fa:63:d3:75:5b:53:
f5:7c:df:38:64:df:47:49:fa:75:a4:da:be:27:5c:
1d:0d:d4:66:75:72:ee:a5:15:56:08:a5:4a:0a:0f:
2e:7e:5e:5d:8e:e6:18:4b:c9:1f:85:13:5e:4b:97:
9c:2e:d5:cb:4c:cb:4a:bd:3e:33:8d:4f:0a:9d:ea:
cb:1c:73:68:dd:a7:7f:4d:d5:0b:8a:3d:0d:c4:60:
4f:28:8e:38:ba:b7:0f:37:d6:21:01:75:b8:92:b8:
14:97:3f:c0:f0:99:4a:3d:35:08:93:1f:39:8a:92:
88:ab:c4:4d:fc:88:92:87:17:c3:6f:df:d3:ce:78:
59:a9:fa:f7:c1:bd:3e:86:a8:a2:ec:cb:73:55:d5:
8c:47:64:cb:fe:13:df:23:04:b8:2b:eb:e0:ec:f1:
23:2d:e5:b5:2d:43:24:96:db:13:5f:f6:cf:5f:c9:
80:e2:f3:08:b3:27:88:89:1b:15:56:a7:28:90:0b:
bf:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1C:79:57:2F:D1:8B:1F:42:77:69:34:35:BC:AB:65:2F:87:1F:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1000::/40
Signature Algorithm: sha256WithRSAEncryption
84:62:33:b8:5d:92:5d:e9:91:83:0e:5d:d1:eb:64:e8:34:ec:
1a:69:82:2e:9e:45:50:ba:fe:ec:d5:78:ec:34:69:58:da:77:
a1:7c:1a:c7:59:ce:98:41:91:07:be:a5:02:a8:4f:2a:c5:84:
f8:08:d2:cf:dd:9c:32:aa:77:c0:9f:2e:55:ac:03:cf:e2:78:
e5:fd:97:85:70:3c:6a:23:df:1c:ad:1c:19:6b:e3:8d:13:6e:
ae:ca:36:8a:10:0d:ac:9e:d7:41:73:94:c1:dd:fb:d6:4b:4f:
cb:de:00:41:8d:2c:3f:df:73:3c:4c:d7:0c:74:86:ca:6b:8c:
90:73:15:bc:83:99:39:05:8c:0c:5e:68:58:ba:5d:34:aa:cb:
0e:fe:69:74:cb:49:33:e8:7b:4f:68:76:88:dc:c5:ce:b7:45:
3b:34:d4:c4:69:3e:f6:fa:8b:55:b8:9c:a2:26:9e:f1:36:2d:
af:1a:a9:b6:8b:8f:1e:b8:bb:89:79:ca:77:57:3f:5d:86:87:
ea:c0:3e:97:b3:c6:cb:46:52:42:0f:10:37:c0:85:3e:6b:ba:
b9:bb:b7:bb:cf:45:c0:d4:71:0e:78:b2:8a:4d:d3:25:60:ea:
d1:39:0f:c7:8a:3a:59:2b:68:28:e3:b6:11:61:9f:fc:90:f4:
7a:96:b3:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe79i4cLFZk4TvZcmoNv61mEu3eAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxOGNiNjYyY2FlMjRiYzQ2ODEwYjI1M2MyOTRiYjE1MzUxZDZmYjRhN2Uy
MTMxMjdkNDJkNjE5MmRiMTg2YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoE8Ldmt4Hy9dVwxK3G9dyS36QRTC4jqbua2R0IMOdOKZMb5RHCx2CXmRB1
8zaWQPZxANxbk/vVFfx43svnDVDnIFJc+mPTdVtT9XzfOGTfR0n6daTavidcHQ3U
ZnVy7qUVVgilSgoPLn5eXY7mGEvJH4UTXkuXnC7Vy0zLSr0+M41PCp3qyxxzaN2n
f03VC4o9DcRgTyiOOLq3DzfWIQF1uJK4FJc/wPCZSj01CJMfOYqSiKvETfyIkocX
w2/f0854Wan698G9PoaoouzLc1XVjEdky/4T3yMEuCvr4OzxIy3ltS1DJJbbE1/2
z1/JgOLzCLMniIkbFVanKJALv+kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTeHHlX
L9GLH0J3aTQ1vKtlL4cfETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY3NzUyZWYtNWJlNC00OWUxLWJmYjMtYjZhZDgwOTU4NmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCEYjO4XZJd6ZGDDl3R62ToNOwaaYIunkVQuv7s
1XjsNGlY2nehfBrHWc6YQZEHvqUCqE8qxYT4CNLP3ZwyqnfAny5VrAPP4njl/ZeF
cDxqI98crRwZa+ONE26uyjaKEA2sntdBc5TB3fvWS0/L3gBBjSw/33M8TNcMdIbK
a4yQcxW8g5k5BYwMXmhYul00qssO/ml0y0kz6HtPaHaI3MXOt0U7NNTEaT72+otV
uJyiJp7xNi2vGqm2i48euLuJecp3Vz9dhofqwD6Xs8bLRlJCDxA3wIU+a7q5u7e7
z0XA1HEOeLKKTdMlYOrROQ/HijpZK2go47YRYZ/8kPR6lrOo
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:33 2024 by rpki-client on console-ams.rpki-client.org