Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json)
Hash identifier: 4yqY/p2OcI6e0ydlC6rWhRQ9x0gnCk6Gyv25eHkytkI=
Subject key identifier: CB:3C:5E:E2:76:C4:69:2E:DF:53:62:A5:BF:88:B9:1B:74:4B:04:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D070565B70327D7B11E813B088FECA60008979F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:07:05:65:b7:03:27:d7:b1:1e:81:3b:08:8f:ec:a6:00:08:97:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=599193ad85c60e8be863e464640127e694a85df675c14aed761e922cb6cc4aa9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1c:25:d1:84:86:8d:69:1d:d0:9d:ef:4a:42:
4b:99:99:61:14:c5:03:c5:4f:cf:a1:1e:44:f7:bb:
70:26:d8:ce:55:8c:f8:c6:c9:30:72:28:4f:ab:8b:
3c:3c:4f:f2:41:41:12:a4:4b:60:a5:66:96:3d:b6:
c1:dd:63:78:0e:51:9f:54:bd:87:51:bb:d8:23:be:
81:54:2d:2c:e4:ea:3d:64:dc:ed:db:8f:30:10:00:
50:73:35:15:e5:6f:6e:bc:47:d0:12:b5:5b:1b:8f:
ab:8b:fb:5b:91:8f:7c:b4:66:11:f1:95:c6:be:98:
4a:ca:7b:85:4b:0b:df:d1:02:c6:29:ff:ba:c4:1d:
43:54:67:00:51:e2:11:69:f2:15:27:8b:e0:37:34:
2b:55:f2:1c:90:a9:e6:5c:85:05:fe:92:b4:d4:ca:
d2:e3:d5:df:64:2a:80:aa:df:24:40:54:51:83:82:
17:d0:50:65:5b:64:15:73:94:32:b9:73:4e:bf:ab:
09:21:de:8e:8f:1c:f0:ee:2a:1f:2a:60:86:24:11:
d1:a8:5a:61:6e:38:70:bf:21:05:76:5c:03:7f:36:
52:b7:8a:a1:81:2d:46:f6:37:47:9f:68:97:34:f0:
36:4c:16:b1:d8:db:15:dc:4d:50:3a:cb:4f:1a:f6:
ab:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3C:5E:E2:76:C4:69:2E:DF:53:62:A5:BF:88:B9:1B:74:4B:04:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:4000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:db:84:75:65:80:5a:e6:96:e0:a0:cc:3a:84:17:9b:5f:f3:
d4:6f:29:36:63:0e:fe:3e:20:4d:dd:27:d1:7b:0f:ea:07:24:
59:de:4d:46:24:b7:4c:08:9f:85:27:28:a6:08:0a:cb:be:c4:
83:d7:17:87:70:98:04:6f:d4:7f:06:d5:36:74:b9:e3:70:dc:
bd:75:af:40:1c:82:24:88:82:a9:3b:7d:40:93:a8:8d:35:0e:
d5:a1:20:42:f5:1f:98:4c:86:21:bf:5a:08:79:df:19:3a:20:
78:ea:c5:5e:dd:42:2e:73:f0:10:ca:0e:20:bd:bc:95:23:f6:
51:4c:f4:34:40:16:5a:42:62:19:0b:1f:36:ba:54:27:67:83:
4d:d7:1f:33:e4:b3:36:69:af:3a:7e:2f:c3:26:de:f5:b0:8f:
90:e6:5d:52:ea:aa:4d:94:7f:5f:f5:95:4a:fe:ee:e7:ed:2c:
45:69:b1:25:c1:76:3c:04:83:fa:62:77:ab:77:87:50:ac:21:
a2:6c:cc:1f:c1:41:49:17:a1:8b:c2:e9:25:2d:6b:23:44:18:
38:f8:71:15:89:90:e9:d0:ca:95:1c:57:04:c9:ac:db:e3:45:
66:42:6b:18:f3:b2:01:29:19:c4:05:b7:a0:9b:fa:d4:48:0a:
ff:d9:37:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHQcFZbcDJ9exHoE7CI/spgAIl58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5OTE5M2FkODVjNjBlOGJlODYzZTQ2NDY0MDEyN2U2OTRhODVkZjY3NWMx
NGFlZDc2MWU5MjJjYjZjYzRhYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMscJdGEho1pHdCd70pCS5mZYRTFA8VPz6EeRPe7cCbYzlWM+MbJMHIoT6uL
PDxP8kFBEqRLYKVmlj22wd1jeA5Rn1S9h1G72CO+gVQtLOTqPWTc7duPMBAAUHM1
FeVvbrxH0BK1WxuPq4v7W5GPfLRmEfGVxr6YSsp7hUsL39ECxin/usQdQ1RnAFHi
EWnyFSeL4Dc0K1XyHJCp5lyFBf6StNTK0uPV32QqgKrfJEBUUYOCF9BQZVtkFXOU
MrlzTr+rCSHejo8c8O4qHypghiQR0ahaYW44cL8hBXZcA382UreKoYEtRvY3R59o
lzTwNkwWsdjbFdxNUDrLTxr2q8sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLPF7i
dsRpLt9TYqW/iLkbdEsEgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA
MA0GCSqGSIb3DQEBCwUAA4IBAQC824R1ZYBa5pbgoMw6hBebX/PUbyk2Yw7+PiBN
3SfRew/qByRZ3k1GJLdMCJ+FJyimCArLvsSD1xeHcJgEb9R/BtU2dLnjcNy9da9A
HIIkiIKpO31Ak6iNNQ7VoSBC9R+YTIYhv1oIed8ZOiB46sVe3UIuc/AQyg4gvbyV
I/ZRTPQ0QBZaQmIZCx82ulQnZ4NN1x8z5LM2aa86fi/DJt71sI+Q5l1S6qpNlH9f
9ZVK/u7n7SxFabElwXY8BIP6Ynerd4dQrCGibMwfwUFJF6GLwuklLWsjRBg4+HEV
iZDp0MqVHFcEyazb40VmQmsY87IBKRnEBbegm/rUSAr/2TeH
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:33 2024 by rpki-client on console-fra.rpki-client.org