Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f348777b-416b-4956-a955-39de7f330be9.roa
File: f348777b-416b-4956-a955-39de7f330be9.roa (raw, json)
Hash identifier: 0t2dsR0dExsGjcFoqnEQ0Gkv8qxqQ/4Tuvmgy2sxaME=
Subject key identifier: 7F:B0:D3:C5:65:8B:29:AD:50:AC:9F:ED:95:50:E4:28:3F:33:B8:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AED822C604B697FFCBA88D34098FCA783295F63
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f348777b-416b-4956-a955-39de7f330be9.roa
Signing time: Tue 01 Oct 2024 00:00:00 +0000
ROA not before: Tue 01 Oct 2024 00:00:00 +0000
ROA not after: Tue 05 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Oct 2024 16:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:ed:82:2c:60:4b:69:7f:fc:ba:88:d3:40:98:fc:a7:83:29:5f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 1 00:00:00 2024 GMT
Not After : Nov 5 23:59:59 2024 GMT
Subject: serialNumber=8150957e8db43d9e5480d87bfbf42254403b2c366ab86c5e2203dc7d36ede11e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e9:95:5f:46:77:b4:f5:3a:8a:f5:ae:a0:9d:
4a:e8:cd:45:30:52:01:a9:e3:25:7f:f4:60:4a:2b:
de:78:70:33:b0:00:13:c4:85:b0:4f:25:33:1f:25:
4e:3e:85:be:c7:8f:fc:75:94:c3:d6:f4:76:77:6d:
ff:aa:ea:56:e9:a3:85:4a:d3:0d:0d:78:3c:b7:ba:
03:72:24:be:09:64:8a:fb:2d:40:09:78:c6:40:6a:
64:b3:e8:70:8c:10:5c:4d:df:da:96:41:c3:ae:63:
94:a3:bc:e8:eb:36:4f:9b:9f:88:96:24:5c:f1:cd:
5d:2a:4a:67:5a:85:ed:36:dd:0e:58:25:98:36:6e:
e9:25:33:bc:e5:73:81:5a:ef:e8:8a:c6:e6:07:d5:
d9:1a:e8:c1:f7:60:2f:0a:df:dc:79:2c:8f:73:c1:
b7:4f:fe:92:b6:cd:1e:f6:7e:8e:bd:29:21:38:06:
e6:58:d2:c8:a6:99:08:a9:97:51:a8:8d:db:b7:70:
46:6f:46:f9:da:05:7c:d6:fc:7c:1e:58:84:ee:7d:
b7:29:4f:06:68:b1:d3:8c:ca:54:9f:2c:64:a8:76:
cb:15:ec:35:e2:de:40:32:97:72:bb:a8:28:b6:2e:
ea:be:aa:94:43:4a:eb:2d:36:b5:81:ee:ef:31:28:
57:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B0:D3:C5:65:8B:29:AD:50:AC:9F:ED:95:50:E4:28:3F:33:B8:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f348777b-416b-4956-a955-39de7f330be9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040:5000::/40
Signature Algorithm: sha256WithRSAEncryption
ca:08:52:ed:a2:6e:30:e2:bd:31:6f:f8:6f:ac:37:3b:e9:a7:
15:75:22:b9:99:7a:78:a3:15:ef:b3:35:84:c2:85:5b:39:33:
2d:fc:d0:28:19:0e:eb:8b:91:2d:14:cc:70:2b:0d:16:1d:fb:
61:c0:05:e0:7d:b4:2c:63:e4:e0:0b:c2:9b:31:d2:67:e4:2b:
80:ee:a1:bf:a8:94:b2:a7:ac:c5:63:c7:df:f8:ba:48:9e:38:
41:ae:33:cb:30:e4:da:3c:10:26:e1:f5:a0:09:15:a1:13:a1:
e4:57:d5:e4:a9:cf:a9:74:fe:84:cd:f9:2e:16:80:35:e7:e1:
7e:11:3c:85:5e:6e:81:44:91:98:52:eb:7a:3b:e3:ad:00:00:
06:dd:61:21:4e:a6:48:bb:9f:5d:2f:6a:f2:7a:44:78:3f:46:
80:86:87:2c:21:bb:c8:54:9a:59:82:56:15:f7:e5:01:53:0c:
6d:76:f2:bb:7e:59:6a:0a:85:82:ac:5c:8b:d3:3e:9d:4a:ba:
0a:f3:92:db:bf:38:9e:cd:73:11:db:1e:1a:ee:0a:c2:e4:ab:
7a:e2:d6:7b:2c:04:f0:33:4c:17:87:5e:4c:c4:c4:9f:38:3b:
73:af:f1:aa:c2:f5:9f:87:00:df:72:77:66:a8:d3:86:68:8c:
cb:22:e6:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGu2CLGBLaX/8uojTQJj8p4MpX2MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEwMDEwMDAwMDBaFw0yNDExMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNTA5NTdlOGRiNDNkOWU1NDgwZDg3YmZiZjQyMjU0NDAzYjJjMzY2YWI4
NmM1ZTIyMDNkYzdkMzZlZGUxMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPplV9Gd7T1Oor1rqCdSujNRTBSAanjJX/0YEor3nhwM7AAE8SFsE8lMx8l
Tj6FvseP/HWUw9b0dndt/6rqVumjhUrTDQ14PLe6A3IkvglkivstQAl4xkBqZLPo
cIwQXE3f2pZBw65jlKO86Os2T5ufiJYkXPHNXSpKZ1qF7TbdDlglmDZu6SUzvOVz
gVrv6IrG5gfV2RrowfdgLwrf3Hksj3PBt0/+krbNHvZ+jr0pITgG5ljSyKaZCKmX
UaiN27dwRm9G+doFfNb8fB5YhO59tylPBmix04zKVJ8sZKh2yxXsNeLeQDKXcruo
KLYu6r6qlENK6y02tYHu7zEoV8MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/sNPF
ZYsprVCsn+2VUOQoPzO4fTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjM0ODc3N2ItNDE2Yi00OTU2LWE5NTUtMzlkZTdmMzMwYmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0EBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDKCFLtom4w4r0xb/hvrDc76acVdSK5mXp4oxXv
szWEwoVbOTMt/NAoGQ7ri5EtFMxwKw0WHfthwAXgfbQsY+TgC8KbMdJn5CuA7qG/
qJSyp6zFY8ff+LpInjhBrjPLMOTaPBAm4fWgCRWhE6HkV9Xkqc+pdP6EzfkuFoA1
5+F+ETyFXm6BRJGYUut6O+OtAAAG3WEhTqZIu59dL2ryekR4P0aAhocsIbvIVJpZ
glYV9+UBUwxtdvK7fllqCoWCrFyL0z6dSroK85LbvziezXMR2x4a7grC5Kt64tZ7
LATwM0wXh15MxMSfODtzr/GqwvWfhwDfcndmqNOGaIzLIuYC
-----END CERTIFICATE-----
Generated at Fri Oct 18 01:39:03 2024 by rpki-client on console-fra.rpki-client.org