Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
File: e937d1d6-ce02-43b8-8306-022b3b0fff00.roa (raw, json)
Hash identifier: 1oKHW34ZnY7gr6tlfLw1Hu8glx14DaMOOJ6p8j3ZljY=
Subject key identifier: AE:35:F3:3D:6F:1A:78:6B:78:40:AC:A6:13:6A:45:2E:1A:2D:C9:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C8014FF931D1239807F0103528A38E2EB95744B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:80:14:ff:93:1d:12:39:80:7f:01:03:52:8a:38:e2:eb:95:74:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=99f1764a13845112fcc7d644825e265cddb989c0ac71c3c5d68285a296c8dc4a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f9:88:b9:38:6f:84:ed:6c:e5:ec:36:7a:ee:
78:ff:c1:e6:b7:eb:09:44:7c:bc:96:37:0f:84:57:
34:d4:a2:ec:78:82:47:46:5e:b2:3c:15:a6:94:6f:
f1:7e:f9:1b:35:54:51:f1:fb:00:83:7b:67:93:fc:
6e:63:a2:0f:6f:42:19:0b:43:79:13:2f:8d:e0:95:
ab:32:8b:5f:e4:23:a6:fd:2f:35:ca:6d:8e:f6:85:
46:bc:5c:d5:f2:37:d6:3e:88:5a:4c:1f:97:1e:ab:
b2:28:91:c5:a4:3f:67:8c:b0:e0:34:15:c7:53:a5:
7c:b0:63:16:c8:c8:e9:a8:78:87:f1:db:bf:d8:c8:
da:8d:75:6c:6c:51:44:12:16:b9:61:5e:8a:5d:88:
94:15:e1:b7:fe:26:30:13:d1:cb:e2:f5:3e:14:e0:
a3:2c:5e:f7:91:a9:b2:f7:1b:eb:ec:ba:35:ff:d8:
e6:a8:bb:60:09:12:5b:07:14:6b:04:1a:86:60:c1:
4f:32:8c:d5:70:95:54:f7:78:28:76:c1:15:18:c5:
4d:33:c8:a0:2c:f2:38:d4:f0:56:bb:41:f6:e5:1c:
cf:ca:00:f3:44:bb:00:26:f3:39:9e:d8:0e:e5:6d:
3a:74:8a:86:88:8c:1f:fa:1a:a1:45:c4:b5:69:49:
70:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:35:F3:3D:6F:1A:78:6B:78:40:AC:A6:13:6A:45:2E:1A:2D:C9:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:79:cd:4c:ff:c6:49:65:df:59:8a:dd:97:63:6f:02:fb:55:
02:cd:41:ce:37:60:be:fc:89:f2:c2:21:bc:0b:e0:5a:85:42:
ce:62:c3:27:35:6d:5a:be:c0:6d:15:76:1a:35:29:a4:a1:9d:
52:da:9f:af:93:53:97:12:ba:2e:20:d8:e7:4e:4e:b8:cb:4a:
0c:4e:c0:08:af:61:db:30:3a:2f:2d:db:43:f3:21:1f:4a:c8:
70:dd:d1:27:2a:f9:c1:48:8b:c4:4f:98:86:19:c9:80:bb:db:
8b:75:c4:7d:1f:4b:df:ca:8f:71:b3:a8:d8:4a:b9:a0:41:1e:
20:c7:5e:4b:b1:19:81:16:85:35:30:86:e2:4c:16:56:20:e6:
bb:7b:a0:93:30:e0:33:3a:3a:89:5f:f9:7a:54:ae:2d:de:8e:
5a:9e:a7:96:4a:ce:6e:d6:05:06:6e:55:fd:67:dc:24:63:4a:
d3:c8:02:d7:61:f3:44:2f:70:95:c8:12:27:f4:d4:e0:61:b0:
9a:df:86:b9:e5:9c:f8:26:7d:e7:ed:f2:f3:2e:5a:1a:9b:45:
ad:98:07:20:af:8c:a6:4c:53:d4:79:e6:2e:56:6d:60:76:8a:
3d:cd:61:97:44:69:98:ce:56:e2:a4:de:ef:08:8e:0c:0c:2e:
e6:f7:43:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTIAU/5MdEjmAfwEDUoo44uuVdEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5ZjE3NjRhMTM4NDUxMTJmY2M3ZDY0NDgyNWUyNjVjZGRiOTg5YzBhYzcx
YzNjNWQ2ODI4NWEyOTZjOGRjNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/5iLk4b4TtbOXsNnrueP/B5rfrCUR8vJY3D4RXNNSi7HiCR0ZesjwVppRv
8X75GzVUUfH7AIN7Z5P8bmOiD29CGQtDeRMvjeCVqzKLX+Qjpv0vNcptjvaFRrxc
1fI31j6IWkwflx6rsiiRxaQ/Z4yw4DQVx1OlfLBjFsjI6ah4h/Hbv9jI2o11bGxR
RBIWuWFeil2IlBXht/4mMBPRy+L1PhTgoyxe95Gpsvcb6+y6Nf/Y5qi7YAkSWwcU
awQahmDBTzKM1XCVVPd4KHbBFRjFTTPIoCzyONTwVrtB9uUcz8oA80S7ACbzOZ7Y
DuVtOnSKhoiMH/oaoUXEtWlJcH8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuNfM9
bxp4a3hArKYTakUuGi3JqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkzN2QxZDYtY2UwMi00M2I4LTgzMDYtMDIyYjNiMGZmZjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXA
MA0GCSqGSIb3DQEBCwUAA4IBAQCxec1M/8ZJZd9Zit2XY28C+1UCzUHON2C+/Iny
wiG8C+BahULOYsMnNW1avsBtFXYaNSmkoZ1S2p+vk1OXErouINjnTk64y0oMTsAI
r2HbMDovLdtD8yEfSshw3dEnKvnBSIvET5iGGcmAu9uLdcR9H0vfyo9xs6jYSrmg
QR4gx15LsRmBFoU1MIbiTBZWIOa7e6CTMOAzOjqJX/l6VK4t3o5anqeWSs5u1gUG
blX9Z9wkY0rTyALXYfNEL3CVyBIn9NTgYbCa34a55Zz4Jn3n7fLzLloam0WtmAcg
r4ymTFPUeeYuVm1gdoo9zWGXRGmYzlbipN7vCI4MDC7m90Pz
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:41 2024 by rpki-client on console-fra.rpki-client.org