Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
File: eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa (raw, json)
Hash identifier: 6h3t/e5uZ16NMXkCjdPExbuDxmkxXO0QNVm46kYa2pw=
Subject key identifier: 48:66:A0:A4:3A:D6:07:BC:00:0F:92:AF:8B:D6:A4:FE:8C:14:1C:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61C9DF5E399D584006BC4D43CBAB08DBD9A93D31
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:c9:df:5e:39:9d:58:40:06:bc:4d:43:cb:ab:08:db:d9:a9:3d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=c823365cae0a7d61b372296b42c71794777e52b4c20fe35ac5e9ab0fc4681757, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:eb:4b:c0:64:e4:7c:76:1f:c2:50:a5:6a:c8:
8e:ee:6f:af:0b:62:2a:1c:4f:bb:91:04:d0:ee:bf:
1e:35:4b:8d:55:95:99:18:80:0d:90:9c:42:50:ab:
7f:5b:2d:bd:40:55:fd:a4:78:92:77:a2:43:c3:0e:
cc:fb:6d:67:38:47:0f:37:98:1d:9f:43:f0:ed:b8:
bc:7a:3f:64:98:fb:ca:0c:1a:83:7e:4e:f8:57:41:
65:df:31:3c:14:71:b8:e0:5d:fc:80:c9:c0:ed:fc:
da:96:13:1b:78:31:72:9b:5d:2a:04:3f:8f:12:80:
e8:d0:2c:3c:0a:c8:d0:71:84:0a:d6:47:76:71:fb:
82:c9:c8:2e:41:db:8f:25:cf:07:7a:68:10:26:b2:
5a:47:d4:81:47:42:26:f7:d6:1e:23:f3:21:c0:6a:
34:71:e1:81:5b:69:09:de:98:13:7c:5f:a8:f2:39:
f7:2f:91:e8:4d:83:a5:92:a1:c9:14:fc:50:dd:ac:
cb:f3:09:03:7c:ab:cc:d9:54:dc:12:56:f0:73:5b:
60:f6:0c:c6:e5:ab:fe:7f:89:03:48:51:9c:5f:d8:
a0:ee:2f:2b:9f:54:bc:fa:c1:c8:57:86:ba:43:c2:
0f:c2:24:76:23:c8:75:74:eb:50:31:f7:fc:dc:af:
67:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:66:A0:A4:3A:D6:07:BC:00:0F:92:AF:8B:D6:A4:FE:8C:14:1C:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:e0:0e:df:58:b2:7a:bd:ca:de:17:0d:80:59:fd:b3:00:ac:
70:95:62:bb:f1:ea:87:bc:85:b5:9d:c2:ab:3b:e5:d1:16:14:
3c:3b:66:d6:5c:7d:4e:e7:f0:4f:7d:fc:1c:44:bf:18:c8:39:
d6:72:cd:a5:15:82:fd:d2:ed:d7:fa:bc:ed:c6:75:dd:91:89:
86:cf:d6:fe:0d:94:26:4a:59:07:25:85:4d:ea:55:5e:c4:04:
bd:c2:85:a8:e4:7b:3a:4a:63:c5:e5:47:dc:a0:b0:c2:7a:92:
c8:51:c7:2c:d6:dd:8e:e5:d3:99:02:0e:41:76:f3:a6:a7:36:
b7:9e:61:39:f7:c3:61:6a:a7:cd:78:db:58:3a:66:a8:73:e4:
64:be:bd:df:b9:90:ee:f8:90:51:98:80:36:2f:e5:93:94:c4:
f6:fc:2a:20:51:00:f0:55:ce:87:2c:66:3b:20:f0:c9:33:7c:
01:7a:08:5e:04:f7:37:58:33:8c:e4:d4:21:fc:5c:de:9a:98:
0e:fa:04:11:c0:3f:ec:c3:70:a3:ca:2e:b2:fb:8a:94:9a:e4:
11:0e:52:08:43:aa:11:a3:a6:bf:97:18:bd:62:23:d6:89:24:
4d:0c:15:1f:89:86:02:62:61:e8:08:fc:b5:5b:81:b7:a2:62:
90:cc:81:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYcnfXjmdWEAGvE1Dy6sI29mpPTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4MjMzNjVjYWUwYTdkNjFiMzcyMjk2YjQyYzcxNzk0Nzc3ZTUyYjRjMjBm
ZTM1YWM1ZTlhYjBmYzQ2ODE3NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnrS8Bk5Hx2H8JQpWrIju5vrwtiKhxPu5EE0O6/HjVLjVWVmRiADZCcQlCr
f1stvUBV/aR4kneiQ8MOzPttZzhHDzeYHZ9D8O24vHo/ZJj7ygwag35O+FdBZd8x
PBRxuOBd/IDJwO382pYTG3gxcptdKgQ/jxKA6NAsPArI0HGECtZHdnH7gsnILkHb
jyXPB3poECayWkfUgUdCJvfWHiPzIcBqNHHhgVtpCd6YE3xfqPI59y+R6E2DpZKh
yRT8UN2sy/MJA3yrzNlU3BJW8HNbYPYMxuWr/n+JA0hRnF/YoO4vK59UvPrByFeG
ukPCD8IkdiPIdXTrUDH3/NyvZ/kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIZqCk
OtYHvAAPkq+L1qT+jBQcezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWIyYmMxMmMtNGM0Yi00N2Y1LWIwMjEtNzEyYTI3ZTY5YTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAa4A7fWLJ6vcreFw2AWf2zAKxwlWK78eqHvIW1
ncKrO+XRFhQ8O2bWXH1O5/BPffwcRL8YyDnWcs2lFYL90u3X+rztxnXdkYmGz9b+
DZQmSlkHJYVN6lVexAS9woWo5Hs6SmPF5UfcoLDCepLIUccs1t2O5dOZAg5BdvOm
pza3nmE598NhaqfNeNtYOmaoc+Rkvr3fuZDu+JBRmIA2L+WTlMT2/CogUQDwVc6H
LGY7IPDJM3wBegheBPc3WDOM5NQh/FzempgO+gQRwD/sw3Cjyi6y+4qUmuQRDlII
Q6oRo6a/lxi9YiPWiSRNDBUfiYYCYmHoCPy1W4G3omKQzIET
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:05 2024 by rpki-client on console-ams.rpki-client.org