Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0dbf3e3-27cf-4059-abd9-b44b66e2bf22.roa
File: e0dbf3e3-27cf-4059-abd9-b44b66e2bf22.roa (raw, json)
Hash identifier: ylQQ5ehp2h7H0S9rlPfRpvT3efzdKpZ8zpGrk5TIAwo=
Subject key identifier: 04:2E:8E:08:64:BD:00:0C:26:79:38:18:49:86:DF:1A:55:29:9E:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7230C96687BD67CCF3F882B0056DE2B5FBC48EDC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0dbf3e3-27cf-4059-abd9-b44b66e2bf22.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:30:c9:66:87:bd:67:cc:f3:f8:82:b0:05:6d:e2:b5:fb:c4:8e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=cc978178e2d33cb08f755e57c35bcf840fce9ddbe4647770c60939c57d6230cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:59:4f:f0:b8:f9:48:b5:66:78:d0:df:6b:dd:
14:94:ed:ec:1b:14:98:5b:05:2a:37:90:db:54:fc:
c8:c5:ed:ad:1e:90:a0:c9:bd:be:4a:68:dc:53:52:
43:59:e2:2d:b4:a2:fb:43:4e:88:f2:d7:7c:7e:38:
57:11:bc:0a:69:ae:77:93:a9:94:90:77:88:da:68:
4c:de:9c:c6:34:f9:b3:99:b0:c5:c7:4b:dc:c2:97:
fa:27:df:58:58:27:07:a0:34:84:60:51:2c:3c:59:
cf:8c:42:ea:2b:c0:3a:a9:a2:c0:59:67:f9:d3:74:
24:a7:23:fb:7b:5e:89:3b:1d:45:e3:1c:75:c7:35:
e7:c9:ca:77:f5:7b:30:2a:d8:4f:30:21:2d:45:76:
23:bd:ee:cf:4f:dc:5f:88:98:93:36:34:16:37:9a:
b8:b2:60:4f:d5:d7:7f:48:64:11:05:0b:86:cc:74:
b8:3e:5d:4d:9b:bd:64:6f:b2:be:de:37:ab:b7:94:
61:bb:ce:ce:ca:11:1d:62:d3:24:b1:5a:db:92:c6:
72:96:dc:d6:b9:75:1a:2a:e6:91:f9:3c:f1:ca:7d:
f7:92:6e:3c:29:8e:1e:0d:e2:3a:22:a0:88:ba:5b:
62:ce:98:36:0c:bb:26:d1:3a:5b:07:a8:b6:de:be:
d6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2E:8E:08:64:BD:00:0C:26:79:38:18:49:86:DF:1A:55:29:9E:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0dbf3e3-27cf-4059-abd9-b44b66e2bf22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:fd:e6:fd:eb:81:b6:e2:a0:dd:f6:c8:14:d4:96:d9:41:b8:
71:99:c7:ff:56:a7:6a:20:5e:f4:15:9e:c2:62:ea:0f:88:d4:
5a:1b:d4:9a:49:32:11:1c:e6:b0:fd:ee:8d:ad:1f:b8:31:d2:
e6:a6:2f:a4:57:b1:c2:5f:45:77:8c:8e:08:db:f7:0e:82:1e:
d8:c9:16:10:09:da:92:b9:a4:6e:a8:73:4d:e9:c0:99:a8:17:
ca:a7:c9:6f:a4:78:24:7d:e1:e4:cb:e2:15:8f:ac:cb:3c:d9:
7c:49:51:ea:53:92:f3:51:68:04:ec:34:b0:1f:2a:11:1a:a4:
08:f4:ed:6b:82:8f:bc:99:d4:33:13:70:9a:59:44:14:22:25:
8a:60:ce:9e:86:b5:9f:73:e4:11:2b:d6:69:c1:d0:cc:7b:26:
1a:42:c6:8c:a4:4d:b6:a4:38:3a:5c:be:84:88:9c:38:e8:53:
8b:32:12:03:8e:aa:94:5b:2b:f0:e8:08:12:98:0f:a1:0e:c3:
3e:b4:d8:6a:49:60:a3:e7:3e:15:37:bf:8b:d8:36:dd:55:ba:
4f:08:6b:a7:37:f2:4d:0e:72:24:83:1e:15:44:c5:dc:52:31:
b5:c2:54:33:a3:47:8a:ee:63:fa:c4:89:26:08:4d:93:34:d1:
8f:61:35:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcjDJZoe9Z8zz+IKwBW3itfvEjtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjOTc4MTc4ZTJkMzNjYjA4Zjc1NWU1N2MzNWJjZjg0MGZjZTlkZGJlNDY0
Nzc3MGM2MDkzOWM1N2Q2MjMwY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhZT/C4+Ui1ZnjQ32vdFJTt7BsUmFsFKjeQ21T8yMXtrR6QoMm9vkpo3FNS
Q1niLbSi+0NOiPLXfH44VxG8Cmmud5OplJB3iNpoTN6cxjT5s5mwxcdL3MKX+iff
WFgnB6A0hGBRLDxZz4xC6ivAOqmiwFln+dN0JKcj+3teiTsdReMcdcc158nKd/V7
MCrYTzAhLUV2I73uz0/cX4iYkzY0FjeauLJgT9XXf0hkEQULhsx0uD5dTZu9ZG+y
vt43q7eUYbvOzsoRHWLTJLFa25LGcpbc1rl1Girmkfk88cp995JuPCmOHg3iOiKg
iLpbYs6YNgy7JtE6Wweott6+1msCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQELo4I
ZL0ADCZ5OBhJht8aVSmeDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTBkYmYzZTMtMjdjZi00MDU5LWFiZDktYjQ0YjY2ZTJiZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGg
MA0GCSqGSIb3DQEBCwUAA4IBAQCw/eb964G24qDd9sgU1JbZQbhxmcf/VqdqIF70
FZ7CYuoPiNRaG9SaSTIRHOaw/e6NrR+4MdLmpi+kV7HCX0V3jI4I2/cOgh7YyRYQ
CdqSuaRuqHNN6cCZqBfKp8lvpHgkfeHky+IVj6zLPNl8SVHqU5LzUWgE7DSwHyoR
GqQI9O1rgo+8mdQzE3CaWUQUIiWKYM6ehrWfc+QRK9ZpwdDMeyYaQsaMpE22pDg6
XL6EiJw46FOLMhIDjqqUWyvw6AgSmA+hDsM+tNhqSWCj5z4VN7+L2DbdVbpPCGun
N/JNDnIkgx4VRMXcUjG1wlQzo0eK7mP6xIkmCE2TNNGPYTUk
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:33 2024 by rpki-client on console-fra.rpki-client.org