Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: DiVOxTrB+fS5lNwic/ppB2NmricmwtK+ceeOAZNZXGw=
Subject key identifier: B8:8E:9F:03:11:AC:ED:84:1D:E0:0D:BE:C6:D0:EC:37:F7:B7:04:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45C27D58D9EFDC981CEA49F92842E51EF6A4ABB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:c2:7d:58:d9:ef:dc:98:1c:ea:49:f9:28:42:e5:1e:f6:a4:ab:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=cf6eaa77b851f26cd44d45f09a38c733d62bec1d37c62fb46a65bc21f2ca7bd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:64:73:06:08:39:af:68:f7:ad:eb:aa:a7:3a:
41:dd:4e:19:b7:d8:33:87:60:19:ce:f4:79:91:0e:
e5:9f:ad:93:b9:b9:2d:ba:30:43:4f:38:19:ae:9c:
30:64:21:c2:9c:e3:ba:07:9d:5d:fd:38:af:4f:97:
3c:a4:ec:73:ec:d2:1a:ce:11:f2:24:62:3e:74:94:
8b:bd:e8:17:9a:8c:16:6c:aa:e9:da:63:7d:c4:c7:
78:18:a1:a5:60:94:20:ee:65:69:91:92:94:87:ba:
4a:a9:0f:d5:7b:10:1f:94:82:07:c8:f6:6f:cf:ba:
78:0f:de:0a:2d:71:db:87:a8:6d:09:e9:a2:a1:9d:
7c:cd:30:3d:0e:5c:37:24:16:e5:69:8d:f2:55:60:
31:12:1c:d9:99:10:46:ca:b7:42:ff:9d:1a:2e:91:
47:a6:71:56:0c:a2:5f:74:df:a0:e9:8f:fd:08:1a:
dd:3b:92:ec:41:6f:c4:a0:bb:d7:35:5f:c2:de:c5:
9f:03:0e:d4:21:9b:07:75:27:5b:ae:23:43:3c:99:
37:8e:52:0a:93:d7:0b:41:8d:81:09:8e:0f:51:14:
96:f3:ee:9b:71:d9:a4:2b:06:72:20:d3:7e:01:d9:
57:31:7d:54:4a:95:ec:81:2e:b8:96:71:a7:ac:d9:
0f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:8E:9F:03:11:AC:ED:84:1D:E0:0D:BE:C6:D0:EC:37:F7:B7:04:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
46:02:c3:90:48:e6:af:6b:76:7b:14:d5:3c:a6:f3:e4:a7:e0:
d6:51:13:6b:75:dd:8f:8c:f5:fc:18:4a:83:4e:a5:bc:a9:1f:
ee:fc:d1:45:08:4e:bc:76:d6:3a:47:d1:12:3a:6c:33:78:07:
5f:f8:92:e4:5f:a3:2b:40:bb:64:29:1c:2b:0b:99:8b:2e:3a:
df:10:9f:a7:c2:a9:f4:59:09:4f:32:d0:a4:e1:5a:e2:79:b6:
f6:1f:aa:3f:1d:ad:b1:0d:36:b5:6f:af:c6:40:a7:03:41:4e:
33:77:4d:f5:0a:54:21:70:18:46:f1:d2:2a:c3:6e:fe:63:5f:
fe:bc:74:a4:43:f1:19:4a:68:77:3e:32:60:ea:33:be:f2:a4:
79:c2:8d:00:09:02:3f:33:9a:06:18:41:91:dc:b1:28:9b:41:
00:7d:de:a8:ab:e1:35:b3:e6:95:76:be:5d:82:3e:c1:22:22:
69:3e:d9:12:aa:30:a8:dd:ab:23:3e:46:eb:c4:3f:ea:9b:30:
29:5f:e3:6f:e2:20:3d:f3:b0:8c:97:8b:7a:53:22:b9:4d:1d:
c9:44:bb:9d:d5:3c:b1:2d:a4:90:90:d5:a7:7f:f8:1f:84:ad:
64:99:e5:70:e9:56:94:28:94:44:89:69:e2:77:73:0a:fc:64:
1c:6f:f2:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURcJ9WNnv3Jgc6kn5KELlHvakq7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNmVhYTc3Yjg1MWYyNmNkNDRkNDVmMDlhMzhjNzMzZDYyYmVjMWQzN2M2
MmZiNDZhNjViYzIxZjJjYTdiZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1kcwYIOa9o963rqqc6Qd1OGbfYM4dgGc70eZEO5Z+tk7m5LbowQ084Ga6c
MGQhwpzjugedXf04r0+XPKTsc+zSGs4R8iRiPnSUi73oF5qMFmyq6dpjfcTHeBih
pWCUIO5laZGSlIe6SqkP1XsQH5SCB8j2b8+6eA/eCi1x24eobQnpoqGdfM0wPQ5c
NyQW5WmN8lVgMRIc2ZkQRsq3Qv+dGi6RR6ZxVgyiX3TfoOmP/Qga3TuS7EFvxKC7
1zVfwt7FnwMO1CGbB3UnW64jQzyZN45SCpPXC0GNgQmOD1EUlvPum3HZpCsGciDT
fgHZVzF9VEqV7IEuuJZxp6zZDz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4jp8D
EazthB3gDb7G0Ow397cEJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQBGAsOQSOava3Z7FNU8pvPkp+DWURNrdd2PjPX8
GEqDTqW8qR/u/NFFCE68dtY6R9ESOmwzeAdf+JLkX6MrQLtkKRwrC5mLLjrfEJ+n
wqn0WQlPMtCk4Vriebb2H6o/Ha2xDTa1b6/GQKcDQU4zd031ClQhcBhG8dIqw27+
Y1/+vHSkQ/EZSmh3PjJg6jO+8qR5wo0ACQI/M5oGGEGR3LEom0EAfd6oq+E1s+aV
dr5dgj7BIiJpPtkSqjCo3asjPkbrxD/qmzApX+Nv4iA987CMl4t6UyK5TR3JRLud
1TyxLaSQkNWnf/gfhK1kmeVw6VaUKJREiWnid3MK/GQcb/Kp
-----END CERTIFICATE-----
Generated at Fri Apr 19 01:44:16 2024 by rpki-client on console-ams.rpki-client.org