Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb3ef4b9-e6f4-45f4-9ee4-61a9acabfb35.roa
File: eb3ef4b9-e6f4-45f4-9ee4-61a9acabfb35.roa (raw, json)
Hash identifier: idqreh28jVNqyfGKqi4Flgn2iWTUWxx9nyvwcgYaKik=
Subject key identifier: 88:D1:0F:19:25:94:FF:98:75:C0:77:ED:A9:E4:6B:B0:24:07:E3:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29CBE50AA4D81A1C662FF7513F0AA802866EE241
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb3ef4b9-e6f4-45f4-9ee4-61a9acabfb35.roa
Signing time: Fri 22 Nov 2024 00:00:00 +0000
ROA not before: Fri 22 Nov 2024 00:00:00 +0000
ROA not after: Fri 27 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:cb:e5:0a:a4:d8:1a:1c:66:2f:f7:51:3f:0a:a8:02:86:6e:e2:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 22 00:00:00 2024 GMT
Not After : Dec 27 23:59:59 2024 GMT
Subject: serialNumber=83971c6080a78de0524f677990971bc983d2df70e9b7ae82ef2173df6d9287c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4a:c0:0f:0b:65:b0:1c:15:eb:df:06:3c:e0:
e3:2b:d2:3b:6e:5d:a3:ea:14:1c:f1:a6:33:07:70:
31:df:92:38:c4:d8:0b:9a:3f:65:6e:f1:ba:98:aa:
8f:78:74:af:0d:10:30:de:92:43:c9:82:f1:a5:38:
5d:31:32:77:49:41:da:7c:79:b7:62:1a:f2:8d:d6:
47:48:b4:01:24:af:c7:da:79:64:8b:2d:81:66:b4:
64:2f:0d:d7:96:f0:b9:41:3a:ec:79:e8:3d:16:b9:
2c:c4:27:90:de:db:93:23:ef:4c:99:ae:86:5c:1d:
ce:4c:9c:9b:48:06:1c:aa:88:4f:15:5c:4d:44:2d:
6a:d4:29:8f:97:91:d0:c7:78:79:74:a8:59:6e:da:
06:3e:4b:ee:48:94:f2:0c:ef:4e:4b:f6:3b:fe:3f:
fe:b7:31:91:b0:5b:3a:82:b7:ec:8a:92:ca:78:7d:
ba:dc:89:15:f1:fa:27:75:2a:e4:d8:05:23:60:bb:
c2:2d:07:f0:5d:d1:f0:73:03:25:4e:a9:5c:e7:7a:
27:4d:5e:5b:72:9c:a0:7f:04:5d:11:31:4e:f8:02:
1a:99:5e:83:1c:6c:58:4a:f3:03:3d:a8:50:21:4e:
f6:30:4d:e3:db:73:d8:1b:98:d0:a6:a7:e6:9d:74:
e0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D1:0F:19:25:94:FF:98:75:C0:77:ED:A9:E4:6B:B0:24:07:E3:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb3ef4b9-e6f4-45f4-9ee4-61a9acabfb35.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1000::/40
Signature Algorithm: sha256WithRSAEncryption
78:6f:3c:33:96:37:c1:df:87:ab:5f:ee:3e:b1:5d:6b:eb:78:
35:f7:c9:0a:74:79:3f:6c:83:00:4c:ff:47:4c:de:f0:fb:66:
0f:0f:89:d7:c3:fe:2a:0b:d5:15:29:92:b7:36:6d:76:7e:32:
be:27:84:0a:c1:8c:05:6d:b4:51:68:93:61:ea:cb:85:67:77:
22:c2:76:28:a0:bd:99:be:d1:37:1d:a2:96:0d:46:26:56:46:
66:b6:38:e9:3d:8a:64:87:05:48:4a:fd:be:45:53:72:2e:f2:
13:57:7a:3c:54:f9:96:64:77:6e:5e:a3:9f:c7:cd:6b:a3:0c:
06:a0:fb:70:18:9b:d7:58:40:ab:df:5a:01:c3:98:26:15:5d:
75:06:72:a3:c1:95:34:0c:86:a8:ac:07:f3:db:a1:45:0c:f4:
f7:8a:db:d0:60:4e:63:3d:e6:e5:98:8f:a6:e4:a6:2c:05:8f:
e3:a6:cc:7a:e5:ae:84:9b:96:32:6b:e6:a1:67:59:d3:30:62:
9c:62:41:1d:61:ca:f5:ba:ae:01:c5:bf:cf:d6:f8:4b:65:72:
54:55:6b:ee:80:88:b2:95:1f:58:01:18:d7:25:fd:1f:c3:13:
2d:47:9e:68:22:7b:87:e8:1a:a8:b3:21:b7:7d:77:c5:9d:a8:
71:10:bc:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKcvlCqTYGhxmL/dRPwqoAoZu4kEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMjIwMDAwMDBaFw0yNDEyMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzOTcxYzYwODBhNzhkZTA1MjRmNjc3OTkwOTcxYmM5ODNkMmRmNzBlOWI3
YWU4MmVmMjE3M2RmNmQ5Mjg3YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVKwA8LZbAcFevfBjzg4yvSO25do+oUHPGmMwdwMd+SOMTYC5o/ZW7xupiq
j3h0rw0QMN6SQ8mC8aU4XTEyd0lB2nx5t2Ia8o3WR0i0ASSvx9p5ZIstgWa0ZC8N
15bwuUE67HnoPRa5LMQnkN7bkyPvTJmuhlwdzkycm0gGHKqITxVcTUQtatQpj5eR
0Md4eXSoWW7aBj5L7kiU8gzvTkv2O/4//rcxkbBbOoK37IqSynh9utyJFfH6J3Uq
5NgFI2C7wi0H8F3R8HMDJU6pXOd6J01eW3KcoH8EXRExTvgCGplegxxsWErzAz2o
UCFO9jBN49tz2BuY0Kan5p104D8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSI0Q8Z
JZT/mHXAd+2p5GuwJAfjJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWIzZWY0YjktZTZmNC00NWY0LTllZTQtNjFhOWFjYWJmYjM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB4bzwzljfB34erX+4+sV1r63g198kKdHk/bIMA
TP9HTN7w+2YPD4nXw/4qC9UVKZK3Nm12fjK+J4QKwYwFbbRRaJNh6suFZ3ciwnYo
oL2ZvtE3HaKWDUYmVkZmtjjpPYpkhwVISv2+RVNyLvITV3o8VPmWZHduXqOfx81r
owwGoPtwGJvXWECr31oBw5gmFV11BnKjwZU0DIaorAfz26FFDPT3itvQYE5jPebl
mI+m5KYsBY/jpsx65a6Em5Yya+ahZ1nTMGKcYkEdYcr1uq4Bxb/P1vhLZXJUVWvu
gIiylR9YARjXJf0fwxMtR55oInuH6BqosyG3fXfFnahxELz2
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:58:41 2024 by rpki-client on console-fra.rpki-client.org