Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
File: dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa (raw, json)
Hash identifier: 2e/c9vzf83/FFbS1vRezjldJv26a4e1LxPhd7z1PNZE=
Subject key identifier: 36:04:C8:01:47:FC:9E:B2:AA:76:67:50:F0:9A:F3:3F:D9:A9:1D:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DB39CD2354B142D6F7B4F0B3CE09F2146FA98F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:b3:9c:d2:35:4b:14:2d:6f:7b:4f:0b:3c:e0:9f:21:46:fa:98:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=80c4c6b6189c01f87c7b189ba30b9fb2255368890a6d0ea42e3e3cd61a875bae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:35:1d:70:04:37:ba:df:31:39:3b:6d:0c:
bd:80:96:11:60:1e:43:f8:57:e0:f9:ac:3d:91:ac:
1e:4a:74:d2:72:6f:43:a3:c9:d1:c3:45:f1:95:80:
fb:db:88:50:09:e4:6b:3b:2e:f4:8d:b4:71:9f:53:
74:bb:ba:21:c9:ec:4d:95:ee:08:bd:4e:9d:9a:27:
c7:59:0a:18:e2:ae:07:25:1b:c2:6c:03:db:d5:b7:
65:ae:90:e6:d5:0f:3d:d7:85:d3:36:2e:b9:43:85:
d3:51:0a:0d:3e:b0:5a:73:4a:60:32:59:a5:04:4e:
25:bd:75:ee:a0:cb:ef:56:77:66:8a:f7:93:11:7b:
58:fa:a5:cf:b3:ab:2e:41:22:48:ef:6a:7e:06:89:
7e:53:1a:f0:1c:c0:d0:3e:c3:46:b0:56:e6:08:e9:
9e:b1:58:a6:ec:ad:06:fe:2f:38:e6:90:02:3e:5a:
f2:bc:00:02:bb:13:0f:4e:57:66:08:04:98:c5:a2:
27:67:a8:62:2b:e4:9a:a0:bf:04:24:54:a2:04:40:
88:d7:20:f0:88:23:9c:37:a5:5a:ff:81:1c:3f:a0:
64:7a:08:a8:c0:62:6b:73:97:a7:f4:8a:47:cf:14:
d3:9e:c9:d1:f9:29:7a:45:d7:c6:80:61:dc:50:26:
8d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:04:C8:01:47:FC:9E:B2:AA:76:67:50:F0:9A:F3:3F:D9:A9:1D:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:f5:7a:90:1f:57:3f:46:11:a9:df:fe:45:63:bd:d0:c9:15:
20:d3:18:7e:7b:8f:ec:a5:64:8c:db:59:97:b7:65:51:ef:1b:
6d:b1:9a:cc:e2:64:74:13:00:ef:7a:85:af:fa:3f:51:af:47:
a2:57:eb:19:52:70:67:4e:50:ed:df:51:bf:af:4c:99:ef:3c:
bc:9e:2f:8b:a6:8d:fd:9f:0b:0f:50:22:3c:4b:76:ae:7f:4e:
21:44:26:36:a6:84:23:e3:13:3a:8f:3d:c7:08:47:f5:b2:9f:
7e:64:43:7d:aa:c6:f8:c5:e6:ec:55:e0:83:a9:e4:68:0b:9b:
b3:49:3b:0c:cd:74:f2:55:63:16:22:f3:32:ed:dd:a0:26:04:
ac:ec:d3:e0:51:38:19:b2:4f:78:b4:06:70:a7:78:b9:29:5b:
8c:dc:05:4d:d1:a9:17:a7:fa:b6:16:2e:80:3f:3f:11:72:90:
bc:5f:44:40:71:57:d2:ea:3a:65:1a:43:3b:fc:b0:59:6a:59:
1d:f5:58:3b:77:19:29:a6:e1:f8:07:8b:6b:1b:59:0c:29:70:
24:78:b6:ec:43:e0:43:ae:12:0e:28:71:31:1a:6d:4b:0b:de:
09:9f:d0:52:12:3e:66:c3:cf:67:76:a8:7e:57:1e:4f:cd:5a:
17:2c:41:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTbOc0jVLFC1ve08LPOCfIUb6mPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwYzRjNmI2MTg5YzAxZjg3YzdiMTg5YmEzMGI5ZmIyMjU1MzY4ODkwYTZk
MGVhNDJlM2UzY2Q2MWE4NzViYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALE3NR1wBDe63zE5O20MvYCWEWAeQ/hX4PmsPZGsHkp00nJvQ6PJ0cNF8ZWA
+9uIUAnkazsu9I20cZ9TdLu6IcnsTZXuCL1OnZonx1kKGOKuByUbwmwD29W3Za6Q
5tUPPdeF0zYuuUOF01EKDT6wWnNKYDJZpQROJb117qDL71Z3Zor3kxF7WPqlz7Or
LkEiSO9qfgaJflMa8BzA0D7DRrBW5gjpnrFYpuytBv4vOOaQAj5a8rwAArsTD05X
ZggEmMWiJ2eoYivkmqC/BCRUogRAiNcg8IgjnDelWv+BHD+gZHoIqMBia3OXp/SK
R88U057J0fkpekXXxoBh3FAmjd8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2BMgB
R/yesqp2Z1DwmvM/2akdDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJmODk5NWQtNzJiYy00ZmY0LTk2MTMtMjk2MTZjNmQ1OGRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hyg
MA0GCSqGSIb3DQEBCwUAA4IBAQCp9XqQH1c/RhGp3/5FY73QyRUg0xh+e4/spWSM
21mXt2VR7xttsZrM4mR0EwDveoWv+j9Rr0eiV+sZUnBnTlDt31G/r0yZ7zy8ni+L
po39nwsPUCI8S3auf04hRCY2poQj4xM6jz3HCEf1sp9+ZEN9qsb4xebsVeCDqeRo
C5uzSTsMzXTyVWMWIvMy7d2gJgSs7NPgUTgZsk94tAZwp3i5KVuM3AVN0akXp/q2
Fi6APz8RcpC8X0RAcVfS6jplGkM7/LBZalkd9Vg7dxkppuH4B4trG1kMKXAkeLbs
Q+BDrhIOKHExGm1LC94Jn9BSEj5mw89ndqh+Vx5PzVoXLEHJ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:33 2024 by rpki-client on console-fra.rpki-client.org