Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
File: e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa (raw, json)
Hash identifier: z0hndDtPReN6vQ9rqNxAbhZkUhOQckaIcuInm1vgIOM=
Subject key identifier: 24:8B:A3:E0:EE:B7:62:B5:34:05:7F:B0:94:D0:31:EE:BB:2E:ED:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50CCDFF4AC60A6C568E3D76C2F9302A3661AFAD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:cc:df:f4:ac:60:a6:c5:68:e3:d7:6c:2f:93:02:a3:66:1a:fa:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=c272be4ee233726b17d9f1d744484f4555b492f6a646884acc05e80272f52852, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:27:c4:9b:65:e2:d9:d9:cf:6d:f9:fa:58:c0:
1a:3a:22:75:04:ee:d2:e7:c0:2e:05:d7:25:2d:3e:
a4:50:f2:df:54:df:e3:a6:90:61:e8:b7:1f:cf:4f:
82:7b:08:19:d8:d9:7b:54:81:80:ad:74:9b:a4:b9:
6b:a0:78:b2:e3:61:6c:2c:32:4e:a7:df:a1:a3:e2:
42:f1:84:f9:72:5a:4b:0e:b1:37:c7:19:ab:e7:55:
70:55:8c:80:41:22:72:f8:0a:72:e7:41:63:d1:53:
18:f3:c3:01:a4:4d:ad:e1:e6:3a:4e:d5:47:4e:eb:
79:ce:a9:bc:b1:ce:13:d4:9b:ad:d0:26:e6:05:ba:
dd:a0:99:ce:54:42:18:ab:83:5b:d8:cc:ef:f4:47:
56:20:8a:a9:ec:99:e1:3c:3a:f9:1c:67:4e:64:ed:
af:a8:e9:31:ec:aa:b3:83:8f:0a:d0:bb:4d:25:4e:
4f:8a:87:82:fd:63:14:41:43:f9:26:4c:8e:9c:df:
30:56:25:17:18:ba:47:ca:f9:08:8c:75:79:09:48:
eb:19:8b:83:47:59:3f:e2:3a:0e:58:b5:68:dd:0b:
d8:4c:5f:d2:e6:9b:7a:b0:28:47:ea:64:9e:b2:85:
5d:21:16:06:a8:94:d3:fc:82:51:92:19:84:a0:66:
e8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8B:A3:E0:EE:B7:62:B5:34:05:7F:B0:94:D0:31:EE:BB:2E:ED:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
92:6b:3c:44:49:14:d3:b4:2f:80:25:e9:a2:e3:fc:ba:d5:42:
ea:33:53:ce:b8:d9:eb:6d:bb:40:e9:5a:02:03:7b:34:0d:31:
45:5c:74:d4:df:3c:24:08:f0:36:f9:eb:cb:5c:2f:2b:ac:b6:
01:e7:b7:34:2f:5d:90:fa:42:94:8a:4f:33:fd:26:84:d6:16:
02:f6:56:c2:05:ed:ae:b7:59:10:86:95:9e:8c:0b:0d:06:90:
85:8e:d7:82:c8:0f:17:90:d4:c0:c1:b6:ce:5b:b5:bf:74:9e:
b8:5c:55:4b:f1:e2:ff:56:4a:13:3f:88:20:e9:db:3f:d5:9f:
df:15:ae:01:35:68:6c:5c:4d:86:d4:ab:f4:64:a0:75:53:dc:
f0:af:2b:fd:22:cf:9d:42:7d:cb:95:ef:2b:21:00:d5:19:79:
d6:08:0e:78:5b:26:93:d0:b5:c3:8e:b1:7f:aa:d6:e5:c4:74:
09:63:9e:db:90:0d:e8:3d:a5:5f:06:41:ef:a3:44:88:f0:1d:
cd:22:77:ec:f8:91:d1:64:e3:4c:8d:d4:c3:24:ef:29:2a:92:
3a:2b:f6:68:4f:7c:97:a3:d5:6d:ad:10:b0:87:d3:68:4b:f3:
32:1e:fe:89:29:8c:ad:f1:81:86:ce:19:92:1a:08:f3:5c:75:
4a:64:a1:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUMzf9KxgpsVo49dsL5MCo2Ya+tUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyNzJiZTRlZTIzMzcyNmIxN2Q5ZjFkNzQ0NDg0ZjQ1NTViNDkyZjZhNjQ2
ODg0YWNjMDVlODAyNzJmNTI4NTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcnxJtl4tnZz235+ljAGjoidQTu0ufALgXXJS0+pFDy31Tf46aQYei3H89P
gnsIGdjZe1SBgK10m6S5a6B4suNhbCwyTqffoaPiQvGE+XJaSw6xN8cZq+dVcFWM
gEEicvgKcudBY9FTGPPDAaRNreHmOk7VR07rec6pvLHOE9SbrdAm5gW63aCZzlRC
GKuDW9jM7/RHViCKqeyZ4Tw6+RxnTmTtr6jpMeyqs4OPCtC7TSVOT4qHgv1jFEFD
+SZMjpzfMFYlFxi6R8r5CIx1eQlI6xmLg0dZP+I6Dli1aN0L2Exf0uaberAoR+pk
nrKFXSEWBqiU0/yCUZIZhKBm6IsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQki6Pg
7rditTQFf7CU0DHuuy7tYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZThmZWRiMDktNDczZS00YjAwLWE4ODMtN2I3YThiMTI0NWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQCSazxESRTTtC+AJemi4/y61ULqM1POuNnrbbtA
6VoCA3s0DTFFXHTU3zwkCPA2+evLXC8rrLYB57c0L12Q+kKUik8z/SaE1hYC9lbC
Be2ut1kQhpWejAsNBpCFjteCyA8XkNTAwbbOW7W/dJ64XFVL8eL/VkoTP4gg6ds/
1Z/fFa4BNWhsXE2G1Kv0ZKB1U9zwryv9Is+dQn3Lle8rIQDVGXnWCA54WyaT0LXD
jrF/qtblxHQJY57bkA3oPaVfBkHvo0SI8B3NInfs+JHRZONMjdTDJO8pKpI6K/Zo
T3yXo9VtrRCwh9NoS/MyHv6JKYyt8YGGzhmSGgjzXHVKZKFG
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:17:14 2024 by rpki-client on console-fra.rpki-client.org