Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e430b563-cec7-4a92-9415-c4dc64252edc.roa
File: e430b563-cec7-4a92-9415-c4dc64252edc.roa (raw, json)
Hash identifier: UOSUuLsqrw+JpdUAq3f52lkmgaE6/9UXDhrXzmaEOzc=
Subject key identifier: 68:60:3F:49:09:95:B6:55:7D:52:16:B5:A5:D2:27:5D:42:CC:9B:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74CDA23A9124905D59CF58075D3A2117D3466CDD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e430b563-cec7-4a92-9415-c4dc64252edc.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:cd:a2:3a:91:24:90:5d:59:cf:58:07:5d:3a:21:17:d3:46:6c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=4ee21c3ff13f6bbd1b82bdb8a74e4adb6a1f0e412cec216cfa7165a6a8a513ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:93:d6:ab:86:33:9b:5b:74:5c:93:de:f6:02:
f0:44:58:15:32:2b:ca:22:60:bc:54:b7:e1:09:b6:
d5:e4:bb:39:07:af:e4:04:7a:8f:84:6d:1c:0f:56:
e5:03:c6:50:7f:b3:20:fb:0f:f9:96:88:a8:88:06:
fa:2a:f7:72:5b:25:20:7d:7a:54:5f:60:9b:72:d7:
23:c8:8a:6f:96:58:ef:13:78:5c:1c:ee:f9:2d:82:
8c:11:0c:01:77:03:58:58:f0:95:a4:df:3d:84:7e:
71:77:60:fb:f3:2a:25:12:76:2b:f4:a1:47:1a:64:
a9:d8:94:7a:8d:48:9a:e8:9a:02:42:46:1e:9a:ee:
69:5e:e3:fb:62:72:cb:ca:59:db:c8:82:e7:d5:50:
f3:d5:7a:6f:a7:50:65:47:ee:cd:c1:dd:8e:d0:87:
3b:07:26:98:f0:b8:6a:5f:62:98:5f:e6:ee:fe:0d:
b5:b9:a2:f2:95:1f:30:62:f5:ee:5b:dc:26:30:a0:
32:51:8b:6d:1b:1a:73:22:db:64:4f:02:90:eb:1e:
0a:5d:9f:ee:84:82:20:3f:07:ea:c2:5f:9e:33:7b:
00:a1:8a:57:69:40:85:1e:e4:1a:81:1d:cf:b4:37:
4b:89:59:6f:6f:53:be:44:b8:e6:0c:ba:c0:fa:47:
0c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:60:3F:49:09:95:B6:55:7D:52:16:B5:A5:D2:27:5D:42:CC:9B:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e430b563-cec7-4a92-9415-c4dc64252edc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
59:41:c4:d3:48:e0:c8:3c:32:00:d6:14:3f:05:45:46:c5:71:
c4:08:44:e5:0e:a9:a1:90:92:25:25:01:a9:9c:3d:15:1a:63:
e4:70:b8:75:b6:62:c1:76:33:68:03:c9:7e:bf:c9:a6:30:2d:
34:4b:ef:2f:83:e0:e8:73:7e:b8:26:4c:72:4b:33:97:f4:39:
df:9b:89:4e:0b:5d:4d:1e:84:85:ce:c3:12:55:4d:5e:46:bf:
7f:d1:71:69:d8:11:0c:a3:a1:f0:05:f2:aa:01:f5:b4:7a:9f:
fa:34:43:56:54:38:88:7d:bc:c2:1a:00:b1:07:93:a6:d2:68:
b1:8a:fa:78:f6:a8:4b:39:44:12:a2:c5:e1:7a:0f:2b:8f:47:
5d:c3:fc:70:0d:4a:6f:d9:fd:94:00:3d:bd:e9:42:bc:8b:10:
e6:6d:72:0e:e1:75:f4:aa:53:d5:dd:e5:16:28:58:92:28:6f:
d5:5b:ab:9f:27:96:3f:33:02:10:c9:12:52:4d:c5:a8:0e:d6:
fb:08:4b:66:93:a4:ac:37:53:b8:0a:78:01:bb:95:3c:70:d5:
17:44:0e:cc:62:f9:cd:a9:e9:70:b2:27:5a:4c:21:bf:d9:f5:
e2:ad:27:23:41:04:53:67:64:75:d9:04:10:21:29:41:1d:bb:
7e:e2:aa:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdM2iOpEkkF1Zz1gHXTohF9NGbN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlZTIxYzNmZjEzZjZiYmQxYjgyYmRiOGE3NGU0YWRiNmExZjBlNDEyY2Vj
MjE2Y2ZhNzE2NWE2YThhNTEzZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6T1quGM5tbdFyT3vYC8ERYFTIryiJgvFS34Qm21eS7OQev5AR6j4RtHA9W
5QPGUH+zIPsP+ZaIqIgG+ir3clslIH16VF9gm3LXI8iKb5ZY7xN4XBzu+S2CjBEM
AXcDWFjwlaTfPYR+cXdg+/MqJRJ2K/ShRxpkqdiUeo1ImuiaAkJGHpruaV7j+2Jy
y8pZ28iC59VQ89V6b6dQZUfuzcHdjtCHOwcmmPC4al9imF/m7v4Ntbmi8pUfMGL1
7lvcJjCgMlGLbRsacyLbZE8CkOseCl2f7oSCID8H6sJfnjN7AKGKV2lAhR7kGoEd
z7Q3S4lZb29TvkS45gy6wPpHDGkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRoYD9J
CZW2VX1SFrWl0iddQsybKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTQzMGI1NjMtY2VjNy00YTkyLTk0MTUtYzRkYzY0MjUyZWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hug
MA0GCSqGSIb3DQEBCwUAA4IBAQBZQcTTSODIPDIA1hQ/BUVGxXHECETlDqmhkJIl
JQGpnD0VGmPkcLh1tmLBdjNoA8l+v8mmMC00S+8vg+Doc364JkxySzOX9Dnfm4lO
C11NHoSFzsMSVU1eRr9/0XFp2BEMo6HwBfKqAfW0ep/6NENWVDiIfbzCGgCxB5Om
0mixivp49qhLOUQSosXheg8rj0ddw/xwDUpv2f2UAD296UK8ixDmbXIO4XX0qlPV
3eUWKFiSKG/VW6ufJ5Y/MwIQyRJSTcWoDtb7CEtmk6SsN1O4CngBu5U8cNUXRA7M
YvnNqelwsidaTCG/2fXirScjQQRTZ2R12QQQISlBHbt+4qpQ
-----END CERTIFICATE-----
Generated at Tue Dec 10 20:59:46 2024 by rpki-client on console-fra.rpki-client.org