Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9e6230a-2e23-47ba-a3dd-770575785f82.roa
File: f9e6230a-2e23-47ba-a3dd-770575785f82.roa (raw, json)
Hash identifier: MUnZg043GGbW2vskY10Zxk2v4BUbebFJgC6LuLXg5OI=
Subject key identifier: B7:BF:F9:BD:D5:12:74:40:0B:E5:88:06:41:57:0C:7E:4F:57:2F:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56CDCC221C315C8C64A9ED7FA8987EAE5ADB9272
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9e6230a-2e23-47ba-a3dd-770575785f82.roa
Signing time: Mon 15 Jul 2024 00:00:00 +0000
ROA not before: Mon 15 Jul 2024 00:00:00 +0000
ROA not after: Mon 19 Aug 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jul 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:cd:cc:22:1c:31:5c:8c:64:a9:ed:7f:a8:98:7e:ae:5a:db:92:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 15 00:00:00 2024 GMT
Not After : Aug 19 23:59:59 2024 GMT
Subject: serialNumber=3d5d8ba1f9bb0b11e6abae4624b58a69d7f478a30a589ef1172c3dbc2f4b86cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8a:03:d4:d0:58:81:9f:81:b3:1e:0d:d0:19:
59:b1:47:33:c7:56:f4:66:c6:64:c9:ad:6e:c0:f4:
55:27:f5:ac:e0:34:78:c2:6a:b0:6d:a9:2a:cf:4b:
65:e4:06:d3:15:78:1a:d2:6d:81:aa:f7:d9:84:39:
69:47:71:25:26:75:30:10:68:fb:f9:45:63:a3:4c:
f8:b5:e6:9c:dd:33:e1:9b:2a:4d:70:49:0e:fe:51:
48:b4:23:8d:72:e8:fe:d0:d9:43:6a:ec:42:7e:54:
b4:6d:c1:71:e4:94:8e:fa:82:c1:be:97:0c:33:c6:
70:c4:39:7e:c0:d8:1c:79:ba:0b:53:ae:50:38:16:
e0:5e:86:96:3f:83:13:19:8d:28:1c:35:65:13:00:
c0:b7:b5:6a:81:bd:65:1e:36:12:da:fb:7a:c5:c7:
0f:7c:2f:18:43:06:86:4f:09:fe:f3:47:d2:76:fc:
53:50:d6:19:39:ad:a6:c7:ea:e6:f4:cc:27:10:f0:
ae:b9:8c:c5:77:c6:85:09:13:c4:fc:b8:12:ca:8e:
b8:08:d6:09:8e:7e:73:25:70:0d:e9:00:b6:88:fe:
cd:c9:e1:14:c1:4d:e6:9c:ec:fb:1a:94:b4:e8:fc:
2b:4c:b0:e3:96:ea:61:4c:2c:89:a1:b4:6c:5d:97:
47:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BF:F9:BD:D5:12:74:40:0B:E5:88:06:41:57:0C:7E:4F:57:2F:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9e6230a-2e23-47ba-a3dd-770575785f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:b3:c2:bd:53:c9:d5:c1:8a:3f:55:5e:eb:00:fb:bd:c4:2e:
71:8b:94:cd:2b:ca:5f:8c:31:59:84:50:77:f8:e7:2c:73:ce:
08:95:aa:bb:8b:ca:11:ce:f1:22:fe:9a:b5:b2:50:57:aa:c9:
71:f3:d2:0b:8b:f7:fa:a8:d9:38:67:1e:d5:8d:df:3c:f6:4a:
90:be:0c:39:86:98:9a:96:43:39:49:7c:09:e4:b4:cd:c2:62:
27:1f:3f:45:bf:8f:09:0e:bd:02:af:e4:43:d6:67:32:cf:02:
ae:25:97:c3:32:b3:aa:cb:53:a4:bd:e0:d2:de:db:7b:e4:16:
48:6f:a5:d1:19:b7:a9:71:38:02:e6:5f:0d:a9:34:fd:73:0d:
aa:2b:24:cd:d9:ef:52:f2:2a:5e:3a:5a:7b:ee:e4:07:d1:f7:
0b:55:b7:70:5b:aa:14:9e:0c:22:0f:ae:61:89:23:e9:e6:2a:
ea:a4:f2:3c:07:a2:28:65:a2:a2:47:79:a9:23:ba:04:3c:7f:
4f:07:da:bb:95:a8:3c:02:a8:d3:91:98:57:52:33:6d:56:b7:
71:d1:53:91:c2:49:03:33:75:46:96:15:73:fd:89:35:4c:78:
de:09:5a:61:0a:f9:20:cb:32:cb:52:34:c0:f3:51:b3:0f:16:
f0:e7:ea:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVs3MIhwxXIxkqe1/qJh+rlrbknIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA3MTUwMDAwMDBaFw0yNDA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkNWQ4YmExZjliYjBiMTFlNmFiYWU0NjI0YjU4YTY5ZDdmNDc4YTMwYTU4
OWVmMTE3MmMzZGJjMmY0Yjg2Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWKA9TQWIGfgbMeDdAZWbFHM8dW9GbGZMmtbsD0VSf1rOA0eMJqsG2pKs9L
ZeQG0xV4GtJtgar32YQ5aUdxJSZ1MBBo+/lFY6NM+LXmnN0z4ZsqTXBJDv5RSLQj
jXLo/tDZQ2rsQn5UtG3BceSUjvqCwb6XDDPGcMQ5fsDYHHm6C1OuUDgW4F6Glj+D
ExmNKBw1ZRMAwLe1aoG9ZR42Etr7esXHD3wvGEMGhk8J/vNH0nb8U1DWGTmtpsfq
5vTMJxDwrrmMxXfGhQkTxPy4EsqOuAjWCY5+cyVwDekAtoj+zcnhFMFN5pzs+xqU
tOj8K0yw45bqYUwsiaG0bF2XR78CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3v/m9
1RJ0QAvliAZBVwx+T1cvtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjllNjIzMGEtMmUyMy00N2JhLWEzZGQtNzcwNTc1Nzg1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCqs8K9U8nVwYo/VV7rAPu9xC5xi5TNK8pfjDFZ
hFB3+Ocsc84Ilaq7i8oRzvEi/pq1slBXqslx89ILi/f6qNk4Zx7Vjd889kqQvgw5
hpialkM5SXwJ5LTNwmInHz9Fv48JDr0Cr+RD1mcyzwKuJZfDMrOqy1OkveDS3tt7
5BZIb6XRGbepcTgC5l8NqTT9cw2qKyTN2e9S8ipeOlp77uQH0fcLVbdwW6oUngwi
D65hiSPp5irqpPI8B6IoZaKiR3mpI7oEPH9PB9q7lag8AqjTkZhXUjNtVrdx0VOR
wkkDM3VGlhVz/Yk1THjeCVphCvkgyzLLUjTA81GzDxbw5+qO
-----END CERTIFICATE-----
Generated at Fri Jul 26 17:47:22 2024 by rpki-client on console-fra.rpki-client.org