Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
File: eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa (raw, json)
Hash identifier: JzdKyHgetUG6Ud6naeX2Lt+GJFskVOEc754W6tFAxFw=
Subject key identifier: 69:E8:6B:1F:7D:8F:9F:FF:B0:E1:73:5E:1A:D2:2E:5F:6E:D6:9E:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69E2EEBE1A90008DBD2D3FA3BEFCE19B76E8875F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:e2:ee:be:1a:90:00:8d:bd:2d:3f:a3:be:fc:e1:9b:76:e8:87:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=b150382a6b05a88729848b74c4f18241e5c8b4b455510448a716596ecde79d4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8d:b4:0a:68:fc:a3:04:2f:58:4b:bc:d8:50:
0d:8f:ba:69:fb:6c:1d:c3:62:a1:32:6a:8d:de:44:
68:c1:08:89:b3:42:93:4f:de:7e:3b:62:48:44:40:
17:96:be:1e:b4:6d:d1:81:dd:bd:cd:10:31:80:2e:
f7:79:d8:5e:51:87:18:d1:f9:01:f1:01:bf:5d:fd:
42:b7:50:56:eb:6b:98:45:89:67:e2:2b:19:5e:b2:
50:a4:4a:a8:40:01:38:aa:45:61:f6:39:83:f5:a1:
15:de:de:02:25:64:2e:70:98:79:6b:17:d1:f2:b4:
d8:91:fb:2c:21:12:70:4b:5f:2f:77:0f:39:f6:a9:
c6:9d:66:29:ea:f8:de:ae:77:61:63:5f:64:c2:a6:
db:38:d8:f8:25:83:88:ad:78:d8:2c:ed:a0:2e:f9:
13:97:d8:d5:f3:bc:c7:fb:e9:cb:44:17:d6:b0:86:
51:95:02:32:4b:0e:79:a2:d3:ae:40:e9:f8:8f:ad:
ce:97:8b:56:69:4a:1d:ee:e6:b3:5f:32:dc:d6:51:
be:74:c7:48:e8:51:88:52:a8:1d:74:1a:73:e2:28:
55:f2:12:e5:f6:b1:38:44:4d:16:5a:bd:03:fc:60:
94:57:fe:d4:7a:9d:45:c3:14:23:d5:24:87:e5:11:
9f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E8:6B:1F:7D:8F:9F:FF:B0:E1:73:5E:1A:D2:2E:5F:6E:D6:9E:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
45:88:e1:34:6e:d1:4a:48:4a:31:dd:b9:e8:14:83:6f:62:b9:
dc:88:a2:e4:28:b9:3e:25:3a:43:ba:25:55:e2:7f:0c:95:06:
f7:47:b9:8a:fb:78:ff:96:bc:7d:d1:fd:c3:cd:36:0c:03:6a:
8c:b2:ee:f2:cb:93:11:36:0f:61:80:d1:77:e4:2e:73:e3:90:
7e:83:af:eb:85:43:ce:f6:97:cb:af:a7:99:7d:f1:38:9e:17:
eb:f0:17:e6:0d:cd:a4:17:4d:64:0e:cd:e6:b4:22:af:08:3b:
16:5b:5a:54:8a:21:df:98:4b:06:62:be:38:c6:34:1a:6d:38:
ad:fe:b6:af:05:70:7d:20:87:10:f8:d4:79:64:00:7c:cd:49:
e1:ff:bf:e1:bc:85:2b:fa:f5:a4:8e:00:e6:58:cf:12:6b:53:
2d:67:f7:69:f7:10:ba:cf:4d:11:a1:06:36:e2:50:0f:49:f0:
4c:59:6b:1b:ab:06:ff:ad:e2:84:58:58:a4:59:e3:fb:3b:6f:
49:a0:e2:ba:62:31:2a:86:b8:88:24:35:ce:fa:01:f8:30:81:
f9:2c:3f:3b:6c:51:9f:62:38:49:43:9d:aa:e5:19:c7:da:aa:
7f:bb:db:a3:b3:53:22:ff:d6:fc:d1:50:07:1d:a2:15:cc:d9:
df:49:6a:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaeLuvhqQAI29LT+jvvzhm3boh18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxNTAzODJhNmIwNWE4ODcyOTg0OGI3NGM0ZjE4MjQxZTVjOGI0YjQ1NTUx
MDQ0OGE3MTY1OTZlY2RlNzlkNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWNtApo/KMEL1hLvNhQDY+6aftsHcNioTJqjd5EaMEIibNCk0/efjtiSERA
F5a+HrRt0YHdvc0QMYAu93nYXlGHGNH5AfEBv139QrdQVutrmEWJZ+IrGV6yUKRK
qEABOKpFYfY5g/WhFd7eAiVkLnCYeWsX0fK02JH7LCEScEtfL3cPOfapxp1mKer4
3q53YWNfZMKm2zjY+CWDiK142CztoC75E5fY1fO8x/vpy0QX1rCGUZUCMksOeaLT
rkDp+I+tzpeLVmlKHe7ms18y3NZRvnTHSOhRiFKoHXQac+IoVfIS5faxOERNFlq9
A/xglFf+1HqdRcMUI9Ukh+URn40CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRp6Gsf
fY+f/7Dhc14a0i5fbtaeHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWIyYmMxMmMtNGM0Yi00N2Y1LWIwMjEtNzEyYTI3ZTY5YTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBFiOE0btFKSEox3bnoFINvYrnciKLkKLk+JTpD
uiVV4n8MlQb3R7mK+3j/lrx90f3DzTYMA2qMsu7yy5MRNg9hgNF35C5z45B+g6/r
hUPO9pfLr6eZffE4nhfr8BfmDc2kF01kDs3mtCKvCDsWW1pUiiHfmEsGYr44xjQa
bTit/ravBXB9IIcQ+NR5ZAB8zUnh/7/hvIUr+vWkjgDmWM8Sa1MtZ/dp9xC6z00R
oQY24lAPSfBMWWsbqwb/reKEWFikWeP7O29JoOK6YjEqhriIJDXO+gH4MIH5LD87
bFGfYjhJQ52q5RnH2qp/u9ujs1Mi/9b80VAHHaIVzNnfSWoj
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:33 2024 by rpki-client on console-ams.rpki-client.org