Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
File: d735e06b-da70-43f9-a07c-a9978bc62606.roa (raw, json)
Hash identifier: h3yX+QeS9/jqUQVxkHA61vkuLUMIYr5OwQAuQOb+HMA=
Subject key identifier: BD:8F:26:D2:E2:17:96:93:11:BE:A5:67:D2:58:46:F1:26:C4:F6:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 214EBEC3B9D285B94E3DDEF3E67BACA50CEDCBC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
Signing time: Fri 30 Aug 2024 00:00:00 +0000
ROA not before: Fri 30 Aug 2024 00:00:00 +0000
ROA not after: Fri 04 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:4e:be:c3:b9:d2:85:b9:4e:3d:de:f3:e6:7b:ac:a5:0c:ed:cb:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 30 00:00:00 2024 GMT
Not After : Oct 4 23:59:59 2024 GMT
Subject: serialNumber=ab53cc02765a30da259a5be5f3f84e0f625c74810be9fb69e96462112b646f17, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a2:48:d1:e2:be:b1:14:16:e9:12:b2:33:ed:
e5:50:21:a7:69:eb:56:fc:24:cb:2c:7d:03:6a:a5:
49:ae:f3:57:4e:83:ad:8a:a5:ed:eb:4b:c7:6c:3b:
01:cf:f9:bb:a0:06:15:f0:cd:8a:0c:88:53:80:e6:
e0:17:c2:10:e3:c2:9d:61:a9:fa:99:90:d4:64:26:
7a:76:02:ff:ac:34:89:70:00:c0:53:99:79:86:c0:
09:fd:9f:b4:93:ac:9e:f6:8c:ad:42:17:0d:c6:f5:
89:c6:ca:36:4a:05:c3:60:c4:cb:9f:9a:be:9d:fc:
ab:7d:55:6a:97:91:92:c6:12:14:f4:5e:5f:97:06:
e3:9f:0e:63:29:b4:8b:7a:35:41:72:19:75:9e:87:
cd:9d:e4:a7:2e:c3:df:d7:d3:d4:aa:7e:21:87:1f:
5d:51:7c:fb:c0:cc:1c:10:04:24:27:89:1f:62:be:
2b:04:41:a1:30:34:e6:12:fa:5c:1f:5c:2b:c4:98:
a7:5b:5e:ad:45:0a:44:4d:26:d5:c9:16:d3:9c:9d:
ca:7d:0b:33:0e:2b:5a:96:1c:61:99:3b:68:ab:c6:
0d:4f:86:1d:9e:db:ca:ce:83:c4:ff:d5:34:78:4a:
5a:d3:72:57:79:f5:e5:34:74:5d:ac:e7:32:09:7a:
00:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8F:26:D2:E2:17:96:93:11:BE:A5:67:D2:58:46:F1:26:C4:F6:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:2000::/40
Signature Algorithm: sha256WithRSAEncryption
31:5f:ee:8f:69:25:ad:e7:53:2c:a8:96:88:27:be:2c:57:75:
71:75:a7:9d:14:51:76:3f:db:07:33:78:5b:8e:ef:d8:77:6b:
91:a5:25:95:62:67:01:83:f4:da:94:be:c0:6a:6b:a4:db:ab:
20:94:b8:56:a4:78:ee:9c:c7:a6:de:81:5c:a6:1c:b2:50:75:
09:67:ad:72:81:1d:3c:97:c1:9b:3a:85:96:84:7b:31:15:ed:
9b:9d:64:81:c8:6e:e2:03:70:43:93:33:d4:2d:16:1c:da:f1:
93:01:5b:a9:63:c3:41:b8:f2:13:58:a6:ad:52:08:d0:9d:26:
07:a7:31:90:37:55:99:2a:70:5f:0c:a3:87:04:da:5a:b4:31:
45:0b:c4:27:c3:ff:58:96:b6:31:73:0a:9a:eb:70:80:43:33:
26:f0:22:88:22:30:fd:50:4f:30:5e:a8:c8:4b:60:e8:10:f1:
72:9e:1d:02:1b:1d:7c:0b:ee:52:55:45:09:85:e9:74:22:0d:
c1:53:1a:52:60:31:31:d1:4e:f8:de:15:6c:fd:15:e4:7b:f6:
33:68:0b:f7:a3:b8:25:91:c0:96:99:07:78:d8:ad:46:d8:56:
91:a4:62:a9:ba:dc:17:cf:b3:19:8d:41:90:64:27:91:99:3b:
d5:4a:72:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIU6+w7nShblOPd7z5nuspQzty8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA4MzAwMDAwMDBaFw0yNDEwMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiNTNjYzAyNzY1YTMwZGEyNTlhNWJlNWYzZjg0ZTBmNjI1Yzc0ODEwYmU5
ZmI2OWU5NjQ2MjExMmI2NDZmMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGiSNHivrEUFukSsjPt5VAhp2nrVvwkyyx9A2qlSa7zV06DrYql7etLx2w7
Ac/5u6AGFfDNigyIU4Dm4BfCEOPCnWGp+pmQ1GQmenYC/6w0iXAAwFOZeYbACf2f
tJOsnvaMrUIXDcb1icbKNkoFw2DEy5+avp38q31VapeRksYSFPReX5cG458OYym0
i3o1QXIZdZ6HzZ3kpy7D39fT1Kp+IYcfXVF8+8DMHBAEJCeJH2K+KwRBoTA05hL6
XB9cK8SYp1terUUKRE0m1ckW05ydyn0LMw4rWpYcYZk7aKvGDU+GHZ7bys6DxP/V
NHhKWtNyV3n15TR0XaznMgl6AF8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS9jybS
4heWkxG+pWfSWEbxJsT2eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDczNWUwNmItZGE3MC00M2Y5LWEwN2MtYTk5NzhiYzYyNjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAxX+6PaSWt51MsqJaIJ74sV3VxdaedFFF2P9sH
M3hbju/Yd2uRpSWVYmcBg/TalL7Aamuk26sglLhWpHjunMem3oFcphyyUHUJZ61y
gR08l8GbOoWWhHsxFe2bnWSByG7iA3BDkzPULRYc2vGTAVupY8NBuPITWKatUgjQ
nSYHpzGQN1WZKnBfDKOHBNpatDFFC8Qnw/9YlrYxcwqa63CAQzMm8CKIIjD9UE8w
XqjIS2DoEPFynh0CGx18C+5SVUUJhel0Ig3BUxpSYDEx0U743hVs/RXke/YzaAv3
o7glkcCWmQd42K1G2FaRpGKputwXz7MZjUGQZCeRmTvVSnJZ
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:50 2024 by rpki-client on console-ams.rpki-client.org