Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d87254b0-b4eb-4fa7-903a-4d7122b9c6b4.roa
File: d87254b0-b4eb-4fa7-903a-4d7122b9c6b4.roa (raw, json)
Hash identifier: ehndD45ruiPDowcNTgOtzxfqHQQUFrbph7/BOHvRKiM=
Subject key identifier: E0:85:05:58:6E:1C:B7:89:6D:90:17:07:33:95:04:60:30:F3:65:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74D1DCAF6EFF9A97B1554DF1642741F935C246C2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d87254b0-b4eb-4fa7-903a-4d7122b9c6b4.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:d1:dc:af:6e:ff:9a:97:b1:55:4d:f1:64:27:41:f9:35:c2:46:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=82b3f82a3821c759da1b061f9d72bee2e9920383e561a729ecafae4c0dcf287e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fa:af:77:84:cd:6c:1e:6a:fd:d6:e2:fa:d0:
a9:c4:88:e7:73:ad:21:ce:12:41:38:bc:68:9f:2a:
82:f7:da:5c:76:a4:df:82:49:72:f6:c1:36:8d:bc:
48:0b:cf:01:16:aa:24:ab:47:e1:d7:3f:d9:ff:53:
a9:7f:3f:94:84:b1:34:63:36:dc:2c:d0:4b:43:53:
56:bf:2a:3b:ab:2f:36:3b:25:83:e0:b5:9d:2a:bc:
57:86:e8:a3:5e:1e:d0:bc:a3:67:f3:8a:d9:11:de:
a9:2c:b3:df:7c:fb:d8:6e:04:a3:a3:76:d9:5c:b8:
91:77:e3:48:01:8e:70:99:28:23:dc:24:22:1e:d7:
56:89:98:d1:76:46:60:19:f2:79:50:af:97:84:9e:
fb:48:34:4d:83:25:ca:20:f3:44:be:53:4d:be:fb:
19:29:3f:7c:d7:1b:e4:f4:be:3c:6f:64:df:9b:18:
de:e6:ca:fb:4a:17:be:df:4d:15:18:81:c7:fa:62:
6f:43:1e:17:3d:31:0e:fe:98:65:6f:0c:c7:63:8c:
e3:a9:8b:d3:94:0f:43:a6:fe:70:a8:08:85:b5:4d:
3a:98:1d:f0:43:f4:7e:35:bd:9c:33:44:72:d5:31:
8c:7c:3a:23:c5:f7:e9:05:45:16:1f:ac:a6:ef:21:
bd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:85:05:58:6E:1C:B7:89:6D:90:17:07:33:95:04:60:30:F3:65:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d87254b0-b4eb-4fa7-903a-4d7122b9c6b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:5000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:65:4c:a1:45:63:f7:74:6d:5b:3e:0b:de:b6:bf:8c:6e:8e:
54:9c:7a:06:b4:0b:a8:03:40:d5:ab:24:f0:27:03:dc:f3:85:
fe:54:7a:c6:06:46:ae:fc:0c:86:ff:f3:6d:04:87:5c:59:1a:
e5:c8:4a:75:c7:91:13:73:af:d5:22:43:00:47:0d:06:50:90:
22:a1:9a:ce:8a:dd:b8:4c:3e:12:07:9f:58:2e:c3:c3:03:ce:
d7:e1:47:2b:93:db:42:35:f6:6a:75:32:ea:a2:72:d5:85:27:
4d:5d:90:1a:76:3f:f3:40:f1:48:e2:44:48:37:3e:7b:e3:5d:
79:a8:18:72:8a:eb:ee:d2:01:ca:4d:a9:d2:fc:88:22:87:8f:
93:2c:70:a5:b4:cd:e1:f5:08:7f:89:cc:84:7d:46:30:91:55:
74:56:c7:55:19:5d:48:e3:e4:c9:28:6d:ae:ea:aa:fa:de:13:
17:f3:66:9a:ad:ae:8e:6f:fe:4d:69:bc:c1:96:a3:c1:ef:0f:
9c:fd:60:89:e8:7b:f1:99:46:e1:fb:d4:76:49:81:6d:83:93:
4d:fc:06:13:12:b2:03:04:76:ff:88:4e:de:26:c3:ca:a7:2b:
ff:6e:e7:29:a3:78:d4:77:4c:ae:1b:c8:87:85:3c:44:1b:8f:
f0:a0:00:0c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdNHcr27/mpexVU3xZCdB+TXCRsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYjNmODJhMzgyMWM3NTlkYTFiMDYxZjlkNzJiZWUyZTk5MjAzODNlNTYx
YTcyOWVjYWZhZTRjMGRjZjI4N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALX6r3eEzWweav3W4vrQqcSI53OtIc4SQTi8aJ8qgvfaXHak34JJcvbBNo28
SAvPARaqJKtH4dc/2f9TqX8/lISxNGM23CzQS0NTVr8qO6svNjslg+C1nSq8V4bo
o14e0LyjZ/OK2RHeqSyz33z72G4Eo6N22Vy4kXfjSAGOcJkoI9wkIh7XVomY0XZG
YBnyeVCvl4Se+0g0TYMlyiDzRL5TTb77GSk/fNcb5PS+PG9k35sY3ubK+0oXvt9N
FRiBx/pib0MeFz0xDv6YZW8Mx2OM46mL05QPQ6b+cKgIhbVNOpgd8EP0fjW9nDNE
ctUxjHw6I8X36QVFFh+spu8hvSUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTghQVY
bhy3iW2QFwczlQRgMPNl6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg3MjU0YjAtYjRlYi00ZmE3LTkwM2EtNGQ3MTIyYjljNmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB+ZUyhRWP3dG1bPgvetr+Mbo5UnHoGtAuoA0DV
qyTwJwPc84X+VHrGBkau/AyG//NtBIdcWRrlyEp1x5ETc6/VIkMARw0GUJAioZrO
it24TD4SB59YLsPDA87X4Ucrk9tCNfZqdTLqonLVhSdNXZAadj/zQPFI4kRINz57
4115qBhyiuvu0gHKTanS/Igih4+TLHCltM3h9Qh/icyEfUYwkVV0VsdVGV1I4+TJ
KG2u6qr63hMX82aara6Ob/5NabzBlqPB7w+c/WCJ6HvxmUbh+9R2SYFtg5NN/AYT
ErIDBHb/iE7eJsPKpyv/bucpo3jUd0yuG8iHhTxEG4/woAAM
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:33 2024 by rpki-client on console-ams.rpki-client.org