Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: IdlJxQ6g2mJ/PK6fA+i9HBrTdE2MStXoRRdmlkpm7H4=
Subject key identifier: 26:92:4B:6C:73:6F:1C:8F:C7:BD:B3:23:A8:59:B3:86:5A:F2:22:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E74D4CA8AA792FC3633C3EEBB4F51E682AFB5B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:74:d4:ca:8a:a7:92:fc:36:33:c3:ee:bb:4f:51:e6:82:af:b5:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=e165049102fb4d588a2cb347bbd9365de7bffe246ad72c30a7247fe752bd94a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:84:d1:9f:18:68:ce:2f:da:20:75:ae:59:90:
12:e1:02:9f:af:87:a0:7d:b8:a3:56:f2:17:a5:f8:
76:ea:27:b3:32:e4:79:2b:c6:7c:d0:44:9b:cb:20:
03:c4:d9:96:f8:cb:5f:29:b3:c5:20:ae:9a:26:7d:
b7:44:84:4a:6c:91:85:90:89:bb:fa:15:0b:9c:a0:
03:ea:56:70:e9:e1:ca:b0:3e:2d:c0:29:12:95:0f:
55:c2:85:b8:3a:b3:47:02:c0:87:cd:39:5f:4a:04:
d3:8a:d2:e8:5a:f1:d1:79:7c:ec:70:61:32:db:d6:
63:81:d1:d5:34:b6:00:c2:42:5c:d4:f3:90:3d:fb:
59:76:07:64:57:24:76:11:61:b9:6a:ae:a3:59:3d:
16:35:ab:7b:9d:78:ac:66:44:cd:55:07:eb:71:30:
d8:44:28:ae:e1:bc:4c:2e:d1:27:a4:da:9f:5a:99:
e0:2f:28:e8:8a:ed:31:a3:5e:75:6a:76:8c:49:6a:
bd:1a:54:13:8b:df:2f:04:05:08:3b:07:ea:be:2d:
85:b2:14:01:f7:03:37:ad:67:53:56:88:83:d9:93:
7d:bc:6a:d5:b7:d1:a6:ac:20:40:ef:e8:9a:aa:7d:
31:1d:de:60:e9:1e:64:87:c2:70:a5:cf:9b:a4:a9:
e4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:92:4B:6C:73:6F:1C:8F:C7:BD:B3:23:A8:59:B3:86:5A:F2:22:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
17:5b:30:e9:e0:ff:63:9e:4e:d9:9c:61:60:85:a9:32:69:63:
b1:56:45:4e:bc:4a:96:f7:de:3f:00:34:8f:cc:53:ce:ea:0b:
04:87:10:ff:72:e3:15:bb:0b:8e:d6:d5:eb:14:b9:64:fb:76:
63:43:db:0f:20:3e:e7:a5:4e:f2:f1:64:80:29:ce:c5:30:a7:
2e:2e:7a:25:c4:07:98:94:a8:57:99:c7:e1:33:c1:99:a2:f3:
36:53:33:41:e1:ce:9d:a0:fc:a5:85:3b:bb:6f:15:12:cb:e3:
11:dd:26:14:64:e8:c7:6e:d4:77:8a:36:4e:9e:b3:63:fa:6d:
84:0e:0c:08:47:e0:11:50:98:78:a6:52:9b:6b:c4:64:88:2d:
b8:1f:5b:5c:81:80:59:44:d4:80:02:8a:40:a3:e2:a2:7a:e4:
77:57:7f:d7:02:ee:1a:0c:28:45:23:43:16:d1:af:9b:e3:95:
3f:1c:6d:46:de:8a:db:0b:b3:10:29:98:c0:d7:fa:6d:2d:8c:
51:61:24:33:b3:ba:20:30:1e:fc:e9:8d:ac:3b:71:56:f5:44:
6a:1f:19:6b:e8:fe:26:89:38:8c:5b:b5:ed:37:73:9e:58:41:
a2:cd:4c:b8:30:0c:df:40:a9:ea:6e:86:e5:87:41:fa:77:24:
a8:a1:9a:1e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfnTUyoqnkvw2M8Puu09R5oKvtbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxNjUwNDkxMDJmYjRkNTg4YTJjYjM0N2JiZDkzNjVkZTdiZmZlMjQ2YWQ3
MmMzMGE3MjQ3ZmU3NTJiZDk0YTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+E0Z8YaM4v2iB1rlmQEuECn6+HoH24o1byF6X4duonszLkeSvGfNBEm8sg
A8TZlvjLXymzxSCumiZ9t0SESmyRhZCJu/oVC5ygA+pWcOnhyrA+LcApEpUPVcKF
uDqzRwLAh805X0oE04rS6Frx0Xl87HBhMtvWY4HR1TS2AMJCXNTzkD37WXYHZFck
dhFhuWquo1k9FjWre514rGZEzVUH63Ew2EQoruG8TC7RJ6Tan1qZ4C8o6IrtMaNe
dWp2jElqvRpUE4vfLwQFCDsH6r4thbIUAfcDN61nU1aIg9mTfbxq1bfRpqwgQO/o
mqp9MR3eYOkeZIfCcKXPm6Sp5PsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmkkts
c28cj8e9syOoWbOGWvIiQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQAXWzDp4P9jnk7ZnGFghakyaWOxVkVOvEqW994/
ADSPzFPO6gsEhxD/cuMVuwuO1tXrFLlk+3ZjQ9sPID7npU7y8WSAKc7FMKcuLnol
xAeYlKhXmcfhM8GZovM2UzNB4c6doPylhTu7bxUSy+MR3SYUZOjHbtR3ijZOnrNj
+m2EDgwIR+ARUJh4plKba8RkiC24H1tcgYBZRNSAAopAo+KieuR3V3/XAu4aDChF
I0MW0a+b45U/HG1G3orbC7MQKZjA1/ptLYxRYSQzs7ogMB786Y2sO3FW9URqHxlr
6P4miTiMW7XtN3OeWEGizUy4MAzfQKnqboblh0H6dySooZoe
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:46 2024 by rpki-client on console-ams.rpki-client.org