Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
File: e937d1d6-ce02-43b8-8306-022b3b0fff00.roa (raw, json)
Hash identifier: 7OwAsASn0J0ZvTqYopp+ISnZhYGp/rJ0xLp+CLXgiGQ=
Subject key identifier: 6D:27:AA:DF:DE:B3:F3:57:3E:E3:C9:C0:7C:B5:F5:E2:B9:20:D2:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6295FB8A7437ED29B54394A40A6FDFA4C992B504
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
Signing time: Mon 04 Mar 2024 00:00:00 +0000
ROA not before: Mon 04 Mar 2024 00:00:00 +0000
ROA not after: Mon 08 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:95:fb:8a:74:37:ed:29:b5:43:94:a4:0a:6f:df:a4:c9:92:b5:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 4 00:00:00 2024 GMT
Not After : Apr 8 23:59:59 2024 GMT
Subject: serialNumber=e3359460b3749d5f0a3f6b1f1e03d7c2d26cca6a5c31122e1cecb33f733c411d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3d:39:26:16:00:a7:76:8f:b0:f0:e5:3f:a5:
0d:36:df:ad:96:1c:59:28:a0:e5:9b:e2:07:bc:42:
dd:f7:95:a7:de:8c:1d:e4:57:3e:12:97:a9:c9:43:
76:a1:2e:01:07:2a:9c:b9:d0:12:06:92:ca:59:ce:
63:9d:7b:22:42:0a:60:47:30:c1:2e:40:33:15:cb:
6b:0c:27:0e:25:e8:96:66:08:f7:13:5c:98:d6:2f:
48:e9:e2:ef:a1:ad:22:04:98:ac:fb:86:4c:c0:fe:
5c:d3:c8:c8:e9:6e:85:ee:63:60:8a:20:19:05:9e:
d0:a6:b8:20:e9:83:83:84:b2:b3:c6:03:45:c7:c5:
72:de:69:d5:b7:ac:ce:ad:f7:6a:9e:46:b9:6e:37:
66:ec:3b:0d:5d:18:20:7c:81:77:fa:0e:6f:93:78:
a4:7a:91:32:6d:d1:b9:47:2f:6a:3f:8b:0a:3f:85:
a6:03:1c:fb:81:07:da:61:97:43:99:88:cb:af:aa:
0d:84:98:09:cd:8a:a7:72:8c:04:5e:9e:78:58:4f:
f7:b8:d8:ab:97:d5:8f:0e:9b:47:af:2f:b1:a4:53:
b4:08:9a:ed:9b:0f:9f:13:2a:38:88:e6:7e:0c:fe:
c6:8b:14:2d:4e:43:9f:69:71:bc:70:41:8a:19:5b:
28:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:27:AA:DF:DE:B3:F3:57:3E:E3:C9:C0:7C:B5:F5:E2:B9:20:D2:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c000::/40
Signature Algorithm: sha256WithRSAEncryption
36:cb:e9:ab:d6:3e:30:0f:bb:e2:f6:16:a7:9e:e1:b5:6d:3c:
55:d6:a1:c5:11:5f:b2:e8:6a:2d:c0:e2:49:1c:ca:54:ef:04:
0d:ce:98:29:98:c4:64:dd:45:62:c7:12:3c:cb:84:92:58:1c:
4b:10:9b:5c:bb:2f:6d:0f:0e:a7:78:c6:78:4a:bc:08:88:70:
11:d8:05:b4:c6:83:15:fb:71:c9:08:23:36:86:26:37:cb:5d:
e3:a3:88:b4:32:67:a4:54:bf:d1:12:9a:92:86:43:93:aa:b5:
e3:7d:db:1e:f5:5c:9f:0b:78:01:bc:61:60:ce:37:67:7b:24:
d8:cc:2e:33:5c:7b:27:f8:65:7f:62:4a:cb:70:18:2f:9e:f7:
db:82:34:03:74:0d:45:db:a5:2c:8f:ab:91:a6:ba:f3:15:47:
83:57:6f:14:b8:43:2a:6d:d0:04:7d:b9:e9:72:ea:12:70:94:
d6:70:75:34:a8:8b:46:4b:f7:24:d0:05:ba:17:87:73:d8:5c:
12:81:1f:ab:ec:64:aa:5b:2e:b6:c5:6a:7f:85:27:7c:ab:d2:
de:46:e9:b7:1a:7c:eb:e8:c7:c4:c1:b5:32:05:cb:89:98:48:
78:6e:ac:f1:0d:1e:a4:d9:66:28:dd:9d:19:99:dc:47:94:2d:
88:9e:c8:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYpX7inQ37Sm1Q5SkCm/fpMmStQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDAzMDQwMDAwMDBaFw0yNDA0MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMzU5NDYwYjM3NDlkNWYwYTNmNmIxZjFlMDNkN2MyZDI2Y2NhNmE1YzMx
MTIyZTFjZWNiMzNmNzMzYzQxMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANM9OSYWAKd2j7Dw5T+lDTbfrZYcWSig5ZviB7xC3feVp96MHeRXPhKXqclD
dqEuAQcqnLnQEgaSylnOY517IkIKYEcwwS5AMxXLawwnDiXolmYI9xNcmNYvSOni
76GtIgSYrPuGTMD+XNPIyOluhe5jYIogGQWe0Ka4IOmDg4Sys8YDRcfFct5p1bes
zq33ap5GuW43Zuw7DV0YIHyBd/oOb5N4pHqRMm3RuUcvaj+LCj+FpgMc+4EH2mGX
Q5mIy6+qDYSYCc2Kp3KMBF6eeFhP97jYq5fVjw6bR68vsaRTtAia7ZsPnxMqOIjm
fgz+xosULU5Dn2lxvHBBihlbKGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtJ6rf
3rPzVz7jycB8tfXiuSDSRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkzN2QxZDYtY2UwMi00M2I4LTgzMDYtMDIyYjNiMGZmZjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXA
MA0GCSqGSIb3DQEBCwUAA4IBAQA2y+mr1j4wD7vi9hannuG1bTxV1qHFEV+y6Got
wOJJHMpU7wQNzpgpmMRk3UVixxI8y4SSWBxLEJtcuy9tDw6neMZ4SrwIiHAR2AW0
xoMV+3HJCCM2hiY3y13jo4i0MmekVL/REpqShkOTqrXjfdse9VyfC3gBvGFgzjdn
eyTYzC4zXHsn+GV/YkrLcBgvnvfbgjQDdA1F26Usj6uRprrzFUeDV28UuEMqbdAE
fbnpcuoScJTWcHU0qItGS/ck0AW6F4dz2FwSgR+r7GSqWy62xWp/hSd8q9LeRum3
Gnzr6MfEwbUyBcuJmEh4bqzxDR6k2WYo3Z0ZmdxHlC2Inshk
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:26 2024 by rpki-client on console-fra.rpki-client.org