Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
File: f97778b4-85b1-4580-ac38-a4872d19261b.roa (raw, json)
Hash identifier: FtJKGdR53qKYDTdDQdIFIoqsRFZ1tnH9ySvzkSM67Mo=
Subject key identifier: 0B:C7:30:FF:ED:84:51:A4:B5:F1:2C:86:1B:3A:3D:3A:34:BB:70:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B032A0CEA946AB5354B3E42CD8EB41E34931F1A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:03:2a:0c:ea:94:6a:b5:35:4b:3e:42:cd:8e:b4:1e:34:93:1f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=c3b3107bb1b861c7901dcaac02e281c43ef87545eda73ba1fc7c9d81fd22c840, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f9:29:1a:09:a9:b4:e7:d3:6d:b2:4b:be:91:
fc:31:0e:3c:11:b5:77:59:c8:6a:93:d8:e7:f3:0d:
c2:8c:d7:10:e0:46:45:10:0a:6c:74:f0:59:d4:b6:
72:dc:e3:85:30:6c:a7:b3:ba:df:2a:9b:8a:cf:1c:
bd:d4:12:dc:c8:bf:09:3c:55:ec:15:0c:3a:74:79:
e4:ae:ac:9f:49:67:4b:68:a2:12:cb:c9:1d:45:f5:
d0:d8:64:ba:91:f9:e3:23:4a:76:e6:07:2e:24:96:
f5:ac:43:7a:53:8c:ed:9f:bb:c4:c3:51:21:4e:82:
3f:10:bb:70:24:52:44:fa:1d:c9:a4:bc:27:eb:91:
e3:e1:c1:b1:ac:25:94:e1:f1:43:ce:36:04:c3:07:
95:d7:37:ad:43:e6:ac:e2:5a:61:aa:b3:57:d4:1c:
1f:ee:00:fc:4b:9c:d5:bc:42:7b:fb:55:a8:eb:f4:
f9:a3:6e:23:0f:f3:5a:74:b0:1d:a7:d4:06:3b:e5:
ff:8e:39:4f:cf:b1:2a:5b:c0:31:39:ef:75:88:7f:
60:cb:eb:87:65:40:e7:88:b4:08:61:6b:bb:ff:13:
3c:42:2d:6c:b3:82:4a:de:82:02:a0:84:d7:6f:df:
02:a1:eb:b7:62:98:dd:a6:27:45:13:69:3f:1d:2e:
3b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C7:30:FF:ED:84:51:A4:B5:F1:2C:86:1B:3A:3D:3A:34:BB:70:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:5000::/40
Signature Algorithm: sha256WithRSAEncryption
30:5f:ad:3b:92:d6:54:ac:37:aa:dd:1c:19:9c:64:fa:00:5b:
54:c2:3d:f6:27:ce:73:c0:77:c6:98:de:7a:d6:fc:24:bb:d2:
a0:94:0b:17:88:f8:10:d4:f2:a0:97:e2:dc:07:46:43:d0:d3:
01:a4:51:3a:0f:76:c5:17:a9:30:19:85:08:d4:65:4a:63:dc:
66:e3:3f:e5:2c:c1:6a:c3:b1:61:94:3d:56:bf:d1:ca:31:8c:
ea:d6:b4:95:91:80:49:61:89:a1:cd:2e:63:9d:62:b3:05:68:
89:34:c3:06:54:2e:ee:ff:50:e2:7d:8f:66:7a:54:00:7f:5d:
c9:6c:85:33:91:08:bb:19:22:bc:b7:eb:be:c1:11:00:0d:a8:
d6:06:de:01:d4:32:7e:d1:02:0b:12:96:5a:d5:10:50:f1:c4:
6a:6e:30:d1:ed:99:87:4d:60:7d:7c:e0:d4:c4:a8:44:86:8b:
4a:9f:9c:9c:96:17:60:40:9a:aa:a7:95:21:b6:90:a4:86:be:
a3:12:d0:6c:bb:1f:63:94:82:5b:0a:cb:b5:97:8b:bb:11:3f:
39:96:cf:11:92:f0:27:42:a5:c7:6a:9d:4e:35:78:ac:d2:c4:
b6:42:0e:2e:9e:37:ce:e5:d3:52:a1:ca:51:ab:63:68:0a:8f:
93:76:0e:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGwMqDOqUarU1Sz5CzY60HjSTHxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzYjMxMDdiYjFiODYxYzc5MDFkY2FhYzAyZTI4MWM0M2VmODc1NDVlZGE3
M2JhMWZjN2M5ZDgxZmQyMmM4NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj5KRoJqbTn022yS76R/DEOPBG1d1nIapPY5/MNwozXEOBGRRAKbHTwWdS2
ctzjhTBsp7O63yqbis8cvdQS3Mi/CTxV7BUMOnR55K6sn0lnS2iiEsvJHUX10Nhk
upH54yNKduYHLiSW9axDelOM7Z+7xMNRIU6CPxC7cCRSRPodyaS8J+uR4+HBsawl
lOHxQ842BMMHldc3rUPmrOJaYaqzV9QcH+4A/Euc1bxCe/tVqOv0+aNuIw/zWnSw
HafUBjvl/445T8+xKlvAMTnvdYh/YMvrh2VA54i0CGFru/8TPEItbLOCSt6CAqCE
12/fAqHrt2KY3aYnRRNpPx0uO+8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLxzD/
7YRRpLXxLIYbOj06NLtwSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3Nzc4YjQtODViMS00NTgwLWFjMzgtYTQ4NzJkMTkyNjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAwX607ktZUrDeq3RwZnGT6AFtUwj32J85zwHfG
mN561vwku9KglAsXiPgQ1PKgl+LcB0ZD0NMBpFE6D3bFF6kwGYUI1GVKY9xm4z/l
LMFqw7FhlD1Wv9HKMYzq1rSVkYBJYYmhzS5jnWKzBWiJNMMGVC7u/1DifY9melQA
f13JbIUzkQi7GSK8t+u+wREADajWBt4B1DJ+0QILEpZa1RBQ8cRqbjDR7ZmHTWB9
fODUxKhEhotKn5yclhdgQJqqp5UhtpCkhr6jEtBsux9jlIJbCsu1l4u7ET85ls8R
kvAnQqXHap1ONXis0sS2Qg4unjfO5dNSocpRq2NoCo+Tdg4a
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:27 2024 by rpki-client on console-fra.rpki-client.org