Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
File: d735e06b-da70-43f9-a07c-a9978bc62606.roa (raw, json)
Hash identifier: 0rGoiSwtBvn9R8vCZG1PcoctAO8KDY06O14sGvhYQXA=
Subject key identifier: E3:80:8C:3E:20:4D:B5:8B:18:A2:B7:0F:8F:11:F0:53:2E:85:B4:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FCFEF05E78DDA68EE09F656C8E7BC780597B222
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:cf:ef:05:e7:8d:da:68:ee:09:f6:56:c8:e7:bc:78:05:97:b2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=f15307a4bfa567f62ea158ebd462c3ee1e63a91608b0051719464df28b0bf44b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1e:18:a0:8b:07:c2:9b:fd:b9:4a:5d:9c:60:
d5:5a:4a:5e:61:a1:5e:04:cb:56:a2:38:a7:3b:02:
50:1b:cd:74:46:44:d9:6f:44:1b:b2:34:5b:67:1f:
a5:9c:13:18:63:f1:73:8b:6a:a8:a2:79:ec:61:ea:
30:e3:3e:dc:cb:95:e7:6d:6c:0a:00:e6:fe:f9:db:
ad:86:0a:16:e1:01:e6:03:80:88:ae:b1:a4:74:54:
80:85:70:0d:35:4c:c7:5d:7b:77:1a:81:7c:6d:cc:
fb:be:ff:7e:b6:93:f5:10:ae:15:1a:37:f5:54:e4:
f7:aa:fc:21:65:7a:7f:8f:ab:72:b4:04:e7:47:88:
4a:21:9c:70:f5:35:ca:d4:e5:ec:7d:68:31:20:93:
a0:f3:e8:15:ca:27:12:8a:a5:47:ea:d8:9e:90:6d:
27:2a:87:a2:b3:91:1e:ea:f5:ca:65:4e:83:a1:4d:
eb:07:80:11:54:d9:06:37:07:0a:1a:de:02:07:76:
48:8b:ac:62:e1:c5:42:f4:79:ac:fb:a8:01:e6:e6:
85:de:01:b3:b4:34:10:c9:b2:6f:64:bc:cc:7f:9d:
62:88:39:e5:38:05:6e:2a:28:43:ff:aa:02:99:30:
21:e9:2d:2e:ec:c1:06:74:0a:63:62:53:71:be:e3:
78:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:80:8C:3E:20:4D:B5:8B:18:A2:B7:0F:8F:11:F0:53:2E:85:B4:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:47:2d:17:52:ed:95:98:70:75:ec:a5:f9:57:47:9a:52:82:
2c:3f:6e:66:4d:b1:4f:51:f7:f6:4b:14:4c:68:a6:55:fc:63:
aa:52:a4:e4:99:65:f9:a4:9d:d9:c9:23:88:ab:5c:1a:b6:72:
80:9e:bb:dd:a7:08:f9:df:71:5b:3e:ed:6e:ba:e4:53:0d:c6:
d8:57:46:fd:7a:de:8c:79:ce:2d:89:8c:94:61:45:a3:32:13:
ae:ec:a8:95:a3:f4:02:2a:2e:c4:77:af:3f:cc:e8:6c:a9:38:
ae:d9:95:8c:bd:db:62:7a:5a:5e:c2:31:c0:fe:9f:f7:21:6a:
cc:bc:6f:28:d1:c1:14:9c:63:ca:62:24:2f:15:8f:14:8e:c4:
3a:55:6b:bf:16:2e:fc:e1:2f:e1:d1:b5:a6:6c:6e:8e:c6:80:
9e:b7:4d:4f:73:c9:b8:54:9e:b2:2e:a2:b3:39:50:46:6d:e1:
66:65:63:54:f0:91:15:94:56:8b:a6:28:83:e6:fa:4e:5d:08:
20:b7:eb:2d:81:89:ae:5f:fb:12:b4:32:58:95:a7:8b:56:c1:
31:c2:07:0f:4e:4f:82:e4:ce:dc:12:dd:08:48:02:8d:a8:e9:
37:56:d2:36:4d:5b:0d:7b:14:5b:16:4a:fc:3f:e3:87:7a:62:
05:4d:97:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf8/vBeeN2mjuCfZWyOe8eAWXsiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxNTMwN2E0YmZhNTY3ZjYyZWExNThlYmQ0NjJjM2VlMWU2M2E5MTYwOGIw
MDUxNzE5NDY0ZGYyOGIwYmY0NGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4eGKCLB8Kb/blKXZxg1VpKXmGhXgTLVqI4pzsCUBvNdEZE2W9EG7I0W2cf
pZwTGGPxc4tqqKJ57GHqMOM+3MuV521sCgDm/vnbrYYKFuEB5gOAiK6xpHRUgIVw
DTVMx117dxqBfG3M+77/fraT9RCuFRo39VTk96r8IWV6f4+rcrQE50eISiGccPU1
ytTl7H1oMSCToPPoFconEoqlR+rYnpBtJyqHorORHur1ymVOg6FN6weAEVTZBjcH
ChreAgd2SIusYuHFQvR5rPuoAebmhd4Bs7Q0EMmyb2S8zH+dYog55TgFbiooQ/+q
ApkwIektLuzBBnQKY2JTcb7jeNkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjgIw+
IE21ixiitw+PEfBTLoW0ZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDczNWUwNmItZGE3MC00M2Y5LWEwN2MtYTk5NzhiYzYyNjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBdRy0XUu2VmHB17KX5V0eaUoIsP25mTbFPUff2
SxRMaKZV/GOqUqTkmWX5pJ3ZySOIq1watnKAnrvdpwj533FbPu1uuuRTDcbYV0b9
et6Mec4tiYyUYUWjMhOu7KiVo/QCKi7Ed68/zOhsqTiu2ZWMvdtielpewjHA/p/3
IWrMvG8o0cEUnGPKYiQvFY8UjsQ6VWu/Fi784S/h0bWmbG6OxoCet01Pc8m4VJ6y
LqKzOVBGbeFmZWNU8JEVlFaLpiiD5vpOXQggt+stgYmuX/sStDJYlaeLVsExwgcP
Tk+C5M7cEt0ISAKNqOk3VtI2TVsNexRbFkr8P+OHemIFTZdY
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:46 2024 by rpki-client on console-ams.rpki-client.org