Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
File: d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa (raw, json)
Hash identifier: 07oTNZmaOt6z8DwiR5p47HY7WWrhKm0i4xbMxeyfmbk=
Subject key identifier: 85:3D:48:8A:FF:F3:44:35:92:62:87:F8:32:27:76:9B:DB:95:32:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BD1A08BC07C1225EFCFE8DE8D9FAFE3435D09D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d024::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:d1:a0:8b:c0:7c:12:25:ef:cf:e8:de:8d:9f:af:e3:43:5d:09:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=eae266bb3458065567bd63df9d4beff4c2ea967d44713e980a3072693f44471e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:66:b9:99:28:04:30:d2:91:69:00:6e:ae:40:
10:84:1d:46:d0:09:9c:96:56:bb:66:95:2c:6d:b1:
a0:ce:7f:b6:7d:7b:60:7f:3a:5e:18:2b:60:e5:ac:
cb:1c:2b:4b:54:ad:d7:fa:8c:1c:f3:96:8d:e6:2f:
47:b6:b6:41:fd:67:fe:67:0a:97:8c:cc:29:18:a4:
63:29:ef:af:10:94:a8:b8:55:eb:56:28:48:04:cf:
6d:9a:18:79:4a:63:ad:a0:cf:b2:e4:ae:88:28:c9:
8b:81:98:af:6b:a3:25:23:52:0f:88:ed:33:14:a4:
28:b7:f5:83:74:3f:61:a4:26:76:a7:42:da:19:2b:
09:19:e2:ca:a7:d5:41:43:56:c9:39:1e:78:3c:d0:
71:75:59:47:dc:b2:38:4f:02:9a:04:da:ad:8c:21:
2e:5a:1f:3d:22:20:86:22:32:d0:94:59:e6:d1:c5:
2b:7d:47:6c:f0:27:31:fd:2a:13:3d:69:18:b7:db:
03:20:e4:6e:29:00:9e:6d:4b:1d:27:06:1e:d0:92:
03:55:a8:1c:7b:f6:f8:ff:71:f2:3f:f4:6b:23:b0:
92:65:a0:b1:5a:38:fa:d6:5b:60:68:00:82:8b:10:
70:57:19:93:09:2e:57:2d:fc:4c:4c:3d:50:22:46:
0b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3D:48:8A:FF:F3:44:35:92:62:87:F8:32:27:76:9B:DB:95:32:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d024::/36
Signature Algorithm: sha256WithRSAEncryption
27:62:8e:7f:12:d0:63:23:2f:ef:0f:df:97:be:18:6b:c1:90:
1e:08:24:69:50:2f:c2:9f:86:02:2d:0c:4b:60:87:89:17:5f:
e2:c8:c4:2c:11:df:b6:90:47:ca:73:80:55:1f:08:29:9b:cd:
52:96:db:a8:df:46:9d:9c:4f:1c:ab:f2:1a:21:90:52:23:99:
cb:0b:9e:8d:20:14:35:a9:1a:8c:cc:4e:c3:31:91:19:39:38:
e2:84:6a:d8:f9:8c:06:87:79:2b:c1:d1:5f:d3:1b:60:a9:d5:
19:23:ae:4c:a3:07:32:24:1c:a3:10:85:cc:a8:03:d1:4c:b7:
13:09:89:4f:7b:43:08:8c:c8:76:7a:70:23:6c:40:80:56:ed:
5f:34:c1:33:12:41:e4:23:31:f1:af:41:1e:83:b3:64:12:1f:
1b:67:bd:45:37:8b:55:6f:80:92:4e:51:72:c7:16:a6:13:eb:
89:69:37:9d:0b:ec:2c:e2:05:11:79:b6:29:98:92:4c:90:2c:
23:5b:9e:1a:c6:43:3a:c3:45:44:71:69:8f:bc:d2:7c:af:bf:
af:da:74:b8:5c:5d:c9:3e:76:c1:2f:93:4e:80:88:da:1b:68:
ad:80:bc:c2:f2:b9:ad:10:dc:53:4e:4f:36:02:7d:29:8c:aa:
5e:45:28:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa9Ggi8B8EiXvz+jejZ+v40NdCdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhZTI2NmJiMzQ1ODA2NTU2N2JkNjNkZjlkNGJlZmY0YzJlYTk2N2Q0NDcx
M2U5ODBhMzA3MjY5M2Y0NDQ3MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNmuZkoBDDSkWkAbq5AEIQdRtAJnJZWu2aVLG2xoM5/tn17YH86XhgrYOWs
yxwrS1St1/qMHPOWjeYvR7a2Qf1n/mcKl4zMKRikYynvrxCUqLhV61YoSATPbZoY
eUpjraDPsuSuiCjJi4GYr2ujJSNSD4jtMxSkKLf1g3Q/YaQmdqdC2hkrCRniyqfV
QUNWyTkeeDzQcXVZR9yyOE8CmgTarYwhLlofPSIghiIy0JRZ5tHFK31HbPAnMf0q
Ez1pGLfbAyDkbikAnm1LHScGHtCSA1WoHHv2+P9x8j/0ayOwkmWgsVo4+tZbYGgA
gosQcFcZkwkuVy38TEw9UCJGC5MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFPUiK
//NENZJih/gyJ3ab25UytDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhmZjcwMTMtMDhiNi00ZTM2LWFiODgtYzRmOGJkM2U3YTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CQA
MA0GCSqGSIb3DQEBCwUAA4IBAQAnYo5/EtBjIy/vD9+XvhhrwZAeCCRpUC/Cn4YC
LQxLYIeJF1/iyMQsEd+2kEfKc4BVHwgpm81Sltuo30adnE8cq/IaIZBSI5nLC56N
IBQ1qRqMzE7DMZEZOTjihGrY+YwGh3krwdFf0xtgqdUZI65MowcyJByjEIXMqAPR
TLcTCYlPe0MIjMh2enAjbECAVu1fNMEzEkHkIzHxr0Eeg7NkEh8bZ71FN4tVb4CS
TlFyxxamE+uJaTedC+ws4gURebYpmJJMkCwjW54axkM6w0VEcWmPvNJ8r7+v2nS4
XF3JPnbBL5NOgIjaG2itgLzC8rmtENxTTk82An0pjKpeRShZ
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:41 2024 by rpki-client on console-fra.rpki-client.org