Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dac78198-f4cc-4437-840d-17db5bc1e05f.roa
File: dac78198-f4cc-4437-840d-17db5bc1e05f.roa (raw, json)
Hash identifier: 9xrZxzawKUVKdRHHs/xn44ttmr6eHcTsmtYCQVWYH3E=
Subject key identifier: A1:62:5A:D6:5D:AD:47:24:DF:57:35:CB:A5:A9:BA:7A:36:F6:F3:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45CFDA846787D89D34E819015E52BD8AB0FE18F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dac78198-f4cc-4437-840d-17db5bc1e05f.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d013::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:cf:da:84:67:87:d8:9d:34:e8:19:01:5e:52:bd:8a:b0:fe:18:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=6c85f9fac83643512164cd4a042ab2cd4a1c176dacc4b9db0db74f3bdc48eec5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ad:a9:4e:ee:67:d4:93:12:b0:84:bc:21:9f:
4f:65:9a:3c:47:1a:d6:67:da:8e:35:ba:b4:62:e8:
75:c4:3b:91:dd:67:2d:97:f2:6a:05:c7:72:f6:13:
db:ff:7a:d0:b5:c3:1b:65:09:b9:35:13:a9:33:fd:
2e:db:37:5a:9a:eb:25:d4:07:73:c2:31:75:5f:eb:
77:d3:91:59:68:99:9d:f2:06:f1:de:8a:74:ff:52:
cc:d3:c0:df:c1:b4:8f:ae:ff:5f:95:9f:ac:ad:8f:
b0:d1:12:5a:50:94:87:59:10:e8:c9:a9:ab:75:ec:
96:f1:9f:f8:29:12:22:41:79:3b:2f:b8:5b:69:20:
93:13:70:e7:91:cb:80:48:1d:de:07:9b:3f:4b:53:
52:d3:48:bd:15:34:0f:e1:39:66:83:ec:07:e9:15:
38:0f:99:09:86:d6:1e:b3:6d:a2:86:6d:9c:61:f9:
c0:8b:99:c9:c3:75:6c:c2:b7:cf:45:41:fe:71:69:
01:77:3e:83:91:63:6e:17:d7:3e:8a:e2:87:ed:ca:
1a:44:f4:21:dc:4d:1f:9b:0d:2a:16:d8:3f:08:f2:
dd:7c:ca:f9:4e:7a:b5:1a:af:14:06:13:b0:38:d7:
fc:d5:ff:2d:88:8a:bb:3b:1f:e6:f9:1e:ea:4e:49:
69:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:62:5A:D6:5D:AD:47:24:DF:57:35:CB:A5:A9:BA:7A:36:F6:F3:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dac78198-f4cc-4437-840d-17db5bc1e05f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d013::/36
Signature Algorithm: sha256WithRSAEncryption
65:81:e3:9a:35:a2:e3:50:f9:90:a0:69:25:7b:1b:b8:70:79:
1c:1f:22:85:c0:d1:d6:96:af:cc:5e:51:8d:53:02:fb:74:4f:
97:33:5e:c0:1a:d0:73:67:8b:11:d4:f4:e3:f5:dc:eb:a3:0f:
9e:5e:9e:8d:54:2f:cd:84:d0:62:8f:3e:0e:56:dc:2b:94:06:
e4:32:fb:93:d6:31:3d:57:67:37:b5:c1:55:5e:84:2e:70:01:
05:ab:0d:b4:ef:a7:eb:af:fd:1f:61:13:c7:7a:8e:bd:2b:ed:
9e:8e:f1:21:37:6b:91:0b:a0:b5:85:eb:d7:f7:d6:ee:b7:c7:
53:06:f3:1a:95:b4:7c:44:aa:eb:79:31:05:ae:d2:01:e7:41:
06:2b:79:c3:a8:56:81:8c:24:e8:9b:88:98:47:3d:76:48:eb:
15:9d:c4:0b:f0:cc:da:6a:d7:18:d4:57:3d:2a:b9:b4:d7:5b:
4a:92:bd:b1:3b:7f:8f:56:43:97:be:92:d7:c3:8f:3f:db:f9:
70:cb:f5:bc:c3:42:30:ff:b6:d7:2f:84:3e:17:19:e9:a5:fc:
bb:1c:a3:ec:b0:b3:26:80:b0:8f:72:fd:13:92:8c:b5:33:16:
ef:8a:9e:a9:43:38:65:ae:3f:3b:a3:07:6e:52:69:14:a5:5b:
95:b2:40:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURc/ahGeH2J006BkBXlK9irD+GPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjODVmOWZhYzgzNjQzNTEyMTY0Y2Q0YTA0MmFiMmNkNGExYzE3NmRhY2M0
YjlkYjBkYjc0ZjNiZGM0OGVlYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2tqU7uZ9STErCEvCGfT2WaPEca1mfajjW6tGLodcQ7kd1nLZfyagXHcvYT
2/960LXDG2UJuTUTqTP9Lts3WprrJdQHc8IxdV/rd9ORWWiZnfIG8d6KdP9SzNPA
38G0j67/X5WfrK2PsNESWlCUh1kQ6Mmpq3XslvGf+CkSIkF5Oy+4W2kgkxNw55HL
gEgd3gebP0tTUtNIvRU0D+E5ZoPsB+kVOA+ZCYbWHrNtooZtnGH5wIuZycN1bMK3
z0VB/nFpAXc+g5FjbhfXPorih+3KGkT0IdxNH5sNKhbYPwjy3XzK+U56tRqvFAYT
sDjX/NX/LYiKuzsf5vke6k5JacUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShYlrW
Xa1HJN9XNculqbp6NvbzTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGFjNzgxOTgtZjRjYy00NDM3LTg0MGQtMTdkYjViYzFlMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BMA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlgeOaNaLjUPmQoGklexu4cHkcHyKFwNHWlq/M
XlGNUwL7dE+XM17AGtBzZ4sR1PTj9dzrow+eXp6NVC/NhNBijz4OVtwrlAbkMvuT
1jE9V2c3tcFVXoQucAEFqw2076frr/0fYRPHeo69K+2ejvEhN2uRC6C1hevX99bu
t8dTBvMalbR8RKrreTEFrtIB50EGK3nDqFaBjCTom4iYRz12SOsVncQL8MzaatcY
1Fc9Krm011tKkr2xO3+PVkOXvpLXw48/2/lwy/W8w0Iw/7bXL4Q+Fxnppfy7HKPs
sLMmgLCPcv0Tkoy1Mxbvip6pQzhlrj87owduUmkUpVuVskBB
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:41 2024 by rpki-client on console-fra.rpki-client.org