Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
File: f97778b4-85b1-4580-ac38-a4872d19261b.roa (raw, json)
Hash identifier: o+iWUvvjk53tPK2L3bG0XfbA/QuHnlUjPYd89rDnc9U=
Subject key identifier: 53:01:07:EF:3D:54:41:EE:62:67:A0:82:A5:D8:88:9B:6C:A7:F7:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E914064DB147B2EE305ECFAD3000F25DBAD9023
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:91:40:64:db:14:7b:2e:e3:05:ec:fa:d3:00:0f:25:db:ad:90:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=2d4c0347eaac3dc997f5767df59f9b56874eee99c51b5b079e594aa477584d96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6e:39:f5:92:2d:3c:41:5c:6c:e0:7c:29:b2:
2f:32:02:45:3f:79:e5:75:16:b4:d9:34:66:e6:da:
98:69:0c:0e:65:bb:c3:e8:74:49:4f:84:25:17:be:
25:53:79:44:78:33:fe:95:a0:09:2a:4d:89:40:12:
f0:f3:68:8a:a3:c1:00:6c:7f:03:99:bb:fb:60:8d:
91:3c:fa:20:01:9a:0f:96:e5:f9:59:29:00:72:d4:
7f:a0:95:d2:bb:99:12:56:2e:cb:96:8f:c6:7a:da:
e3:15:db:fd:0c:d9:18:5f:4d:f1:df:14:20:f5:06:
17:0c:e2:5e:f7:cb:30:d9:18:30:8c:3a:56:5c:35:
72:6d:22:83:39:05:54:35:11:4b:66:53:ae:ef:dd:
33:4d:fe:99:b6:b7:1e:2a:54:98:3e:af:0a:3a:03:
04:1e:da:f1:86:46:f7:96:7b:8e:f9:3a:d8:80:83:
62:f7:20:21:ca:b4:48:91:d1:3b:ee:1f:d0:b5:9c:
de:d1:cd:31:06:28:8e:c8:c9:82:48:9b:dc:7c:de:
c5:a7:27:21:70:b9:09:3e:4f:2b:01:03:d4:6c:fa:
31:bc:28:12:9b:2c:86:02:c4:77:1b:cc:6a:8e:ba:
a4:66:37:02:9b:97:ee:63:c1:31:ab:e8:a2:1f:5b:
94:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:01:07:EF:3D:54:41:EE:62:67:A0:82:A5:D8:88:9B:6C:A7:F7:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:5000::/40
Signature Algorithm: sha256WithRSAEncryption
28:b9:d6:05:4a:89:5c:03:91:24:86:c0:c5:9d:5f:de:7d:99:
eb:cb:5b:42:21:06:f3:53:57:81:b2:36:82:ad:56:de:90:4a:
bf:c1:94:17:07:ca:9f:31:42:a5:cb:22:25:ff:15:34:d4:05:
b6:05:6e:b4:98:ee:a0:ca:f4:64:48:37:f0:39:dd:0d:f3:01:
7d:d8:a7:fc:03:39:0d:4f:d7:b1:f4:37:a8:2b:8e:53:00:ab:
5d:9c:e8:01:8f:9d:16:04:12:87:1c:eb:23:c5:70:1f:5a:88:
77:a7:b5:3c:0c:b6:a8:53:d4:47:02:89:76:47:a7:1f:e5:ba:
5e:ce:50:60:bc:5a:5e:08:65:25:d5:de:d5:4b:8c:d5:bf:b6:
1f:90:48:04:83:af:bf:3f:cd:5f:63:58:f1:f2:8c:8d:d1:18:
6e:23:04:2a:79:a7:f4:46:ce:62:e8:ce:60:62:c1:e6:2f:d0:
00:8a:75:f9:68:6c:56:9d:e6:0f:f6:82:e2:45:71:62:ad:66:
6c:6a:fb:85:e8:a9:a5:cd:98:4d:a4:8d:19:08:f4:fa:d7:3e:
1b:5a:15:f9:17:7b:79:1d:bd:fd:07:82:94:d8:cc:22:6b:d1:
ef:b6:46:da:47:a4:54:6f:ae:f5:c4:80:b5:47:71:96:6f:bf:
2d:bb:d6:e9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbpFAZNsUey7jBez60wAPJdutkCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNGMwMzQ3ZWFhYzNkYzk5N2Y1NzY3ZGY1OWY5YjU2ODc0ZWVlOTljNTFi
NWIwNzllNTk0YWE0Nzc1ODRkOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJluOfWSLTxBXGzgfCmyLzICRT955XUWtNk0ZubamGkMDmW7w+h0SU+EJRe+
JVN5RHgz/pWgCSpNiUAS8PNoiqPBAGx/A5m7+2CNkTz6IAGaD5bl+VkpAHLUf6CV
0ruZElYuy5aPxnra4xXb/QzZGF9N8d8UIPUGFwziXvfLMNkYMIw6Vlw1cm0igzkF
VDURS2ZTru/dM03+mba3HipUmD6vCjoDBB7a8YZG95Z7jvk62ICDYvcgIcq0SJHR
O+4f0LWc3tHNMQYojsjJgkib3HzexacnIXC5CT5PKwED1Gz6MbwoEpsshgLEdxvM
ao66pGY3ApuX7mPBMavooh9blP8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTAQfv
PVRB7mJnoIKl2IibbKf3kDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3Nzc4YjQtODViMS00NTgwLWFjMzgtYTQ4NzJkMTkyNjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAoudYFSolcA5EkhsDFnV/efZnry1tCIQbzU1eB
sjaCrVbekEq/wZQXB8qfMUKlyyIl/xU01AW2BW60mO6gyvRkSDfwOd0N8wF92Kf8
AzkNT9ex9DeoK45TAKtdnOgBj50WBBKHHOsjxXAfWoh3p7U8DLaoU9RHAol2R6cf
5bpezlBgvFpeCGUl1d7VS4zVv7YfkEgEg6+/P81fY1jx8oyN0RhuIwQqeaf0Rs5i
6M5gYsHmL9AAinX5aGxWneYP9oLiRXFirWZsavuF6KmlzZhNpI0ZCPT61z4bWhX5
F3t5Hb39B4KU2Mwia9HvtkbaR6RUb671xIC1R3GWb78tu9bp
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:33 2024 by rpki-client on console-fra.rpki-client.org