Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
File: d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa (raw, json)
Hash identifier: fFBqGTwbvypOy7aDqA6IqASfFmQR70OdSV5xUdFcIbQ=
Subject key identifier: 56:B9:B0:36:B0:A2:C2:76:73:4A:74:7A:93:7F:F4:13:24:5B:28:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 595AC0856707EBD1067EB5403B284ADE1D615AD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:5a:c0:85:67:07:eb:d1:06:7e:b5:40:3b:28:4a:de:1d:61:5a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=e72c4a8f91f33ccf94ce8bb99489b5ac031637021c0d4f5dfb0f18dc0d8dafb7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c7:12:f4:a0:31:97:ae:3b:1f:47:6a:35:05:
fe:74:43:b5:62:dc:b4:96:bd:53:93:8f:c5:5c:99:
4c:d7:56:d5:71:69:2a:ec:61:a9:a2:68:e9:ce:cb:
d2:8a:8b:47:e5:21:6d:f3:53:97:c4:99:e7:8e:90:
f4:11:36:e2:97:65:ec:80:79:93:0d:2d:58:92:1b:
4d:b3:66:b1:83:28:65:62:b1:68:74:d8:19:d5:27:
bf:fb:78:81:39:b6:8a:43:d6:0c:71:66:be:ef:4b:
32:18:d4:c2:66:32:e3:39:2c:5e:46:96:3f:16:f2:
16:e8:1b:1c:e3:c7:e6:e0:f1:d7:33:f5:31:f1:26:
7e:59:34:74:52:a8:bd:ff:3a:c1:15:9e:46:65:4f:
d2:af:02:9e:4f:b0:74:6f:67:d5:15:10:3b:5a:3f:
23:65:43:23:0a:e5:22:00:00:16:3d:3f:c2:39:9e:
0f:93:7e:02:9c:67:d1:5d:a6:3a:81:94:ec:e9:ca:
0d:ef:76:5f:84:57:bf:a6:cd:b5:27:cf:1f:54:7c:
f5:24:38:89:5b:64:f1:dc:a2:fa:8f:be:67:95:ad:
8b:96:f2:3d:89:fb:08:f0:81:89:90:08:cf:b1:33:
e1:8d:0c:0e:0c:b1:66:d3:96:bb:52:61:eb:fd:d5:
39:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B9:B0:36:B0:A2:C2:76:73:4A:74:7A:93:7F:F4:13:24:5B:28:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1000::/40
Signature Algorithm: sha256WithRSAEncryption
42:25:65:b8:f2:fc:d3:ec:1b:e4:5e:aa:62:f6:4d:df:ef:5d:
45:6a:e3:04:94:ec:cf:8f:08:05:e7:65:d1:00:cf:b2:f9:c5:
0c:e7:a8:82:52:64:76:9a:a3:0f:f6:9e:b2:6c:ea:fb:20:f7:
a0:a2:1c:4a:8f:34:fd:37:ef:47:5a:6a:27:ee:17:d7:a0:4d:
5c:c9:5c:88:11:01:eb:92:96:cf:66:11:24:44:e0:9a:62:c7:
a8:3a:57:06:1c:59:2d:14:e5:60:55:77:7a:ff:b1:aa:72:87:
d6:76:5d:fe:42:5e:1e:82:61:38:4c:e6:0b:2a:70:75:bb:0a:
a7:3b:5b:94:81:a3:de:71:fc:12:31:e9:45:ed:4e:f8:09:ce:
ec:c4:70:83:d3:7c:b5:b9:44:6a:0e:0a:ec:d2:86:c2:39:b7:
1a:97:95:e2:ed:5a:93:eb:ca:1d:80:0f:ee:88:99:33:57:13:
fc:1b:39:1a:b7:e8:56:a7:49:9f:c0:a9:3f:b6:33:08:0b:e8:
b1:3b:bc:ce:cd:38:57:82:0a:0b:39:53:b7:b1:44:6d:f7:df:
9b:51:cd:5f:8e:2a:a4:a5:1c:ff:0d:de:0c:dc:5c:67:34:f9:
b9:66:7f:13:0c:44:27:5d:2a:58:78:0b:35:92:4a:0a:fd:fc:
7b:5a:3a:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWVrAhWcH69EGfrVAOyhK3h1hWtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3MmM0YThmOTFmMzNjY2Y5NGNlOGJiOTk0ODliNWFjMDMxNjM3MDIxYzBk
NGY1ZGZiMGYxOGRjMGQ4ZGFmYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPHEvSgMZeuOx9HajUF/nRDtWLctJa9U5OPxVyZTNdW1XFpKuxhqaJo6c7L
0oqLR+UhbfNTl8SZ546Q9BE24pdl7IB5kw0tWJIbTbNmsYMoZWKxaHTYGdUnv/t4
gTm2ikPWDHFmvu9LMhjUwmYy4zksXkaWPxbyFugbHOPH5uDx1zP1MfEmflk0dFKo
vf86wRWeRmVP0q8Cnk+wdG9n1RUQO1o/I2VDIwrlIgAAFj0/wjmeD5N+Apxn0V2m
OoGU7OnKDe92X4RXv6bNtSfPH1R89SQ4iVtk8dyi+o++Z5Wti5byPYn7CPCBiZAI
z7Ez4Y0MDgyxZtOWu1Jh6/3VOakCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWubA2
sKLCdnNKdHqTf/QTJFsoJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY3NzUyZWYtNWJlNC00OWUxLWJmYjMtYjZhZDgwOTU4NmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBCJWW48vzT7BvkXqpi9k3f711FauMElOzPjwgF
52XRAM+y+cUM56iCUmR2mqMP9p6ybOr7IPegohxKjzT9N+9HWmon7hfXoE1cyVyI
EQHrkpbPZhEkROCaYseoOlcGHFktFOVgVXd6/7GqcofWdl3+Ql4egmE4TOYLKnB1
uwqnO1uUgaPecfwSMelF7U74Cc7sxHCD03y1uURqDgrs0obCObcal5Xi7VqT68od
gA/uiJkzVxP8Gzkat+hWp0mfwKk/tjMIC+ixO7zOzThXggoLOVO3sURt99+bUc1f
jiqkpRz/Dd4M3FxnNPm5Zn8TDEQnXSpYeAs1kkoK/fx7WjpU
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:27 2024 by rpki-client on console-fra.rpki-client.org