Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
File: dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa (raw, json)
Hash identifier: AljeYK4zZkbplVwFqWLJTBIwPCOkcMH/69eM8CaKva0=
Subject key identifier: 3E:17:E5:2D:67:FB:D0:58:38:7A:88:CB:06:FE:F3:E4:FF:34:4C:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A07F503BD73C07FF013F960FA33844A28446A26
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:07:f5:03:bd:73:c0:7f:f0:13:f9:60:fa:33:84:4a:28:44:6a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=fd1d3ea2d49a19b58710fbc2463ff178d7753d7442e7b0280c6ba5cef2ec3f71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f7:a8:44:08:20:d3:94:0c:25:a2:5a:d0:f7:
8c:79:29:73:a8:ef:0b:cc:13:de:3d:e0:10:dc:8e:
a3:46:6e:16:cf:4a:13:17:03:bb:9b:08:b7:d4:5e:
47:35:39:7f:02:52:49:d6:1e:83:38:5a:ee:e6:81:
58:cc:4b:a0:c7:52:b5:23:ce:64:30:2a:14:09:d0:
b1:ed:7a:5b:3c:eb:8e:ef:b1:83:53:8d:68:2f:b4:
05:64:cb:e3:c7:80:42:4d:06:4f:da:2b:f9:f1:d8:
a3:10:b6:ca:bf:e7:37:68:7b:88:22:b2:7e:7f:ed:
32:00:5b:6a:ba:32:eb:34:2d:40:48:29:0e:3d:ba:
49:00:cd:b9:7f:aa:34:fe:1f:81:13:f5:83:f7:21:
6a:d4:73:a8:89:bd:fd:0a:ea:d8:b2:e4:be:08:6c:
89:74:67:06:05:13:c4:cc:36:a5:d7:b1:8b:ed:ad:
32:d3:f9:4d:0d:2e:a8:7f:79:1c:aa:e2:c1:2a:a0:
13:ef:2b:90:81:16:be:33:24:ae:fa:67:9f:ef:ee:
45:ad:44:fc:72:4a:66:02:0d:a4:be:cc:0b:dc:58:
8a:e4:67:16:20:6c:e6:71:a6:a3:75:f8:c5:47:29:
6f:c6:48:14:84:4f:d2:21:e4:a9:1e:07:32:8c:79:
9c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:17:E5:2D:67:FB:D0:58:38:7A:88:CB:06:FE:F3:E4:FF:34:4C:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:e2:f9:9e:b9:d9:9e:81:13:92:e9:48:7f:0b:32:a8:1e:f4:
4a:6a:23:4f:57:3f:0f:b9:25:7b:4d:8e:4f:9b:a5:6c:72:6c:
63:e5:2e:2a:6d:9e:5a:48:5b:f7:1d:c5:67:27:34:40:1b:61:
e2:8d:58:f9:f9:89:d3:47:98:a4:27:ac:8e:6e:70:6a:17:34:
20:55:d2:c5:ec:78:44:30:a6:f1:34:21:c7:42:d6:4a:01:7b:
92:a2:83:fe:d2:b0:b5:2d:53:2e:e5:36:dd:a7:31:73:b6:95:
51:90:2d:c3:cf:ef:cd:e8:16:c6:f1:99:93:d0:76:40:98:37:
fc:a2:00:4d:87:b6:ff:4d:5c:bb:a2:d3:a3:6a:03:34:d6:22:
76:b6:c4:1a:4f:90:a6:3d:ec:c0:92:53:cb:31:fb:50:39:b4:
23:d7:be:d8:60:55:c7:e6:83:10:5d:2f:98:01:71:cd:0c:19:
cb:62:06:d8:f6:d4:34:b7:c3:51:3a:ff:41:17:42:95:53:89:
e3:a9:ab:12:95:4f:36:18:d9:37:a4:98:2b:23:57:5e:be:6f:
4a:62:68:14:34:99:b1:84:64:6d:ff:1c:a9:9a:7b:cc:06:b0:
e8:a2:ef:b7:bb:d8:8e:4d:f4:a9:19:24:d4:8a:25:cc:e6:94:
0b:0f:fb:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGgf1A71zwH/wE/lg+jOESihEaiYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMWQzZWEyZDQ5YTE5YjU4NzEwZmJjMjQ2M2ZmMTc4ZDc3NTNkNzQ0MmU3
YjAyODBjNmJhNWNlZjJlYzNmNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMr3qEQIINOUDCWiWtD3jHkpc6jvC8wT3j3gENyOo0ZuFs9KExcDu5sIt9Re
RzU5fwJSSdYegzha7uaBWMxLoMdStSPOZDAqFAnQse16Wzzrju+xg1ONaC+0BWTL
48eAQk0GT9or+fHYoxC2yr/nN2h7iCKyfn/tMgBbaroy6zQtQEgpDj26SQDNuX+q
NP4fgRP1g/chatRzqIm9/Qrq2LLkvghsiXRnBgUTxMw2pdexi+2tMtP5TQ0uqH95
HKriwSqgE+8rkIEWvjMkrvpnn+/uRa1E/HJKZgINpL7MC9xYiuRnFiBs5nGmo3X4
xUcpb8ZIFIRP0iHkqR4HMox5nGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+F+Ut
Z/vQWDh6iMsG/vPk/zRMHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJmODk5NWQtNzJiYy00ZmY0LTk2MTMtMjk2MTZjNmQ1OGRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hyg
MA0GCSqGSIb3DQEBCwUAA4IBAQCl4vmeudmegROS6Uh/CzKoHvRKaiNPVz8PuSV7
TY5Pm6Vscmxj5S4qbZ5aSFv3HcVnJzRAG2HijVj5+YnTR5ikJ6yObnBqFzQgVdLF
7HhEMKbxNCHHQtZKAXuSooP+0rC1LVMu5TbdpzFztpVRkC3Dz+/N6BbG8ZmT0HZA
mDf8ogBNh7b/TVy7otOjagM01iJ2tsQaT5CmPezAklPLMftQObQj177YYFXH5oMQ
XS+YAXHNDBnLYgbY9tQ0t8NROv9BF0KVU4njqasSlU82GNk3pJgrI1devm9KYmgU
NJmxhGRt/xypmnvMBrDoou+3u9iOTfSpGSTUiiXM5pQLD/uG
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:02:32 2024 by rpki-client on console-fra.rpki-client.org