Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
File: e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa (raw, json)
Hash identifier: fc3y2igJY43RhymPZv+6FhZLaKuz3zJXG55EbO9drTk=
Subject key identifier: 16:83:A4:C5:C2:05:79:D4:5B:F9:DD:5C:93:21:3D:3C:71:BD:C1:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AC232073877A40C8301E21ECC823B34926FB5E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c2:32:07:38:77:a4:0c:83:01:e2:1e:cc:82:3b:34:92:6f:b5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=89cc7844f4c0315921a34930f0b49e6f8c616ca1dcc69a18f251ea8526a9b7ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d2:40:8b:06:10:8d:78:c8:0d:c3:05:f8:63:
8c:45:e7:4b:1a:1c:4e:06:b4:b2:70:d1:39:4b:4f:
60:db:cb:f2:ac:cc:c3:8d:16:f3:9d:9b:33:76:d0:
6c:9a:ab:56:c9:5e:0f:e1:a9:4e:9d:e7:e4:ed:02:
a9:45:92:bd:c8:2b:15:22:7b:54:1b:04:48:cc:3e:
4f:7d:56:b1:97:06:e8:a0:2e:76:73:94:8a:01:d3:
a6:89:c4:a4:58:50:e9:8e:6c:01:d9:1d:50:5d:a7:
f4:0b:ee:28:56:2b:5e:4c:87:d3:41:60:05:2f:6f:
77:03:ff:bb:35:aa:ee:aa:88:51:fb:b5:68:5e:33:
a6:c6:93:51:42:7a:fe:dc:63:a7:d8:03:31:9c:32:
93:57:79:c7:4b:b2:24:28:9b:c1:d6:b4:08:98:10:
0f:c5:7d:35:69:94:f4:bb:6a:16:3c:c9:7b:12:67:
4f:4a:3b:1b:4a:4e:02:a9:7c:0f:ad:59:cb:ee:b3:
57:ca:24:a1:6e:9b:2e:dd:23:71:2d:65:f6:fc:56:
ca:19:a4:22:88:2d:12:37:d6:c0:3c:a1:85:89:4e:
31:05:46:99:56:87:91:18:ca:a1:f9:c2:72:d3:48:
d1:dd:93:16:75:7a:81:e0:b2:84:17:18:ba:3c:df:
54:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:83:A4:C5:C2:05:79:D4:5B:F9:DD:5C:93:21:3D:3C:71:BD:C1:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:c000::/40
Signature Algorithm: sha256WithRSAEncryption
16:22:28:eb:b7:1c:7d:38:03:0b:c6:da:53:28:69:39:1c:01:
7e:fa:bb:f6:37:5b:07:09:4f:fb:6b:15:da:0c:e9:b0:9f:d1:
9d:09:99:fc:a1:1b:0d:ed:65:5f:5b:74:83:14:88:58:43:68:
50:68:01:c4:42:04:57:f8:bf:fa:13:79:ec:cd:72:23:4d:3b:
06:43:f2:5e:76:e7:6a:f5:48:cf:e0:1b:8d:45:09:9b:39:64:
87:19:88:81:fa:e6:22:17:7a:3d:18:7e:35:e4:10:4c:ff:78:
ad:01:96:68:09:72:b5:95:35:8d:6b:90:75:9b:84:e2:94:7e:
ed:ee:77:1c:05:48:71:ab:3d:96:1b:5d:d8:90:54:7f:c3:4d:
64:35:38:dd:b5:38:50:60:47:92:4d:05:05:b4:08:b9:3f:d4:
63:78:c7:79:9c:8a:48:63:09:76:57:a8:bd:07:e2:80:df:0e:
84:d1:c8:db:c1:40:ee:47:bd:1e:23:f6:d9:5a:38:4d:05:93:
2a:d2:87:81:54:7f:41:91:76:a8:32:da:47:e3:f1:6f:86:67:
59:e4:42:6c:d1:fa:47:62:2a:54:fc:89:41:c2:ee:3c:0a:4f:
b3:9a:28:3c:36:fb:b8:7a:00:39:f3:d3:c7:8b:9e:6a:93:1d:
95:04:31:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWsIyBzh3pAyDAeIezII7NJJvtecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5Y2M3ODQ0ZjRjMDMxNTkyMWEzNDkzMGYwYjQ5ZTZmOGM2MTZjYTFkY2M2
OWExOGYyNTFlYTg1MjZhOWI3ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/SQIsGEI14yA3DBfhjjEXnSxocTga0snDROUtPYNvL8qzMw40W852bM3bQ
bJqrVsleD+GpTp3n5O0CqUWSvcgrFSJ7VBsESMw+T31WsZcG6KAudnOUigHTponE
pFhQ6Y5sAdkdUF2n9AvuKFYrXkyH00FgBS9vdwP/uzWq7qqIUfu1aF4zpsaTUUJ6
/txjp9gDMZwyk1d5x0uyJCibwda0CJgQD8V9NWmU9LtqFjzJexJnT0o7G0pOAql8
D61Zy+6zV8okoW6bLt0jcS1l9vxWyhmkIogtEjfWwDyhhYlOMQVGmVaHkRjKofnC
ctNI0d2TFnV6geCyhBcYujzfVI8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWg6TF
wgV51Fv53VyTIT08cb3BpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTZhYzBkZWYtODMzZi00ZTFiLWE3NWQtMmQxZmIzYjhjM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7A
MA0GCSqGSIb3DQEBCwUAA4IBAQAWIijrtxx9OAMLxtpTKGk5HAF++rv2N1sHCU/7
axXaDOmwn9GdCZn8oRsN7WVfW3SDFIhYQ2hQaAHEQgRX+L/6E3nszXIjTTsGQ/Je
dudq9UjP4BuNRQmbOWSHGYiB+uYiF3o9GH415BBM/3itAZZoCXK1lTWNa5B1m4Ti
lH7t7nccBUhxqz2WG13YkFR/w01kNTjdtThQYEeSTQUFtAi5P9RjeMd5nIpIYwl2
V6i9B+KA3w6E0cjbwUDuR70eI/bZWjhNBZMq0oeBVH9BkXaoMtpH4/FvhmdZ5EJs
0fpHYipU/IlBwu48Ck+zmig8Nvu4egA589PHi55qkx2VBDHN
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:02:32 2024 by rpki-client on console-fra.rpki-client.org