Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa621245-a4af-4257-a86f-6350f3d9095c.roa
File: fa621245-a4af-4257-a86f-6350f3d9095c.roa (raw, json)
Hash identifier: rXqj4ekeIvAYcJWmZClWNGBht3dC6kUXTQq2IJN18k8=
Subject key identifier: 52:50:6A:8C:15:1B:E3:68:00:BC:CD:E6:1C:55:AF:D0:6D:41:D2:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F4C0C4DBA7B924481E41CBFBF8EADE8F76AF2DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa621245-a4af-4257-a86f-6350f3d9095c.roa
Signing time: Mon 08 Apr 2024 00:00:00 +0000
ROA not before: Mon 08 Apr 2024 00:00:00 +0000
ROA not after: Mon 13 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:4c:0c:4d:ba:7b:92:44:81:e4:1c:bf:bf:8e:ad:e8:f7:6a:f2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 8 00:00:00 2024 GMT
Not After : May 13 23:59:59 2024 GMT
Subject: serialNumber=4c6a3c9842c3bedf1667105a25f9a3aa5811cf4b125ccb937f3adbb578169c7c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:51:d0:4a:70:dc:d3:af:bf:03:fd:40:4e:5c:
7a:89:d8:8e:94:d4:f1:9f:13:56:34:61:1e:bd:bd:
bb:db:11:e7:bd:81:a2:93:5b:12:c8:c1:5d:aa:4b:
99:68:b6:eb:1a:e4:b0:87:b0:40:42:2a:fc:2d:53:
dc:98:37:e6:14:de:e5:51:3f:32:e9:f9:56:bb:4c:
5a:85:17:84:04:e5:10:e2:bb:4f:2d:33:e6:2c:8b:
15:0d:be:cb:65:31:8c:36:12:16:fc:df:2a:b6:d7:
2b:d0:b3:ee:f3:fe:aa:21:c0:b2:f0:dc:1f:72:04:
82:f1:58:0d:45:f6:eb:40:43:0d:9e:97:2b:00:df:
fb:5c:e2:3b:c3:f9:3c:25:a7:eb:83:f4:c5:00:39:
91:4b:2d:3a:b7:e9:68:6c:da:07:e0:45:c7:7c:a2:
1d:b7:68:4f:3b:3e:8c:db:3d:56:46:58:71:c3:6b:
04:bd:b3:18:fe:0b:dd:38:a4:db:cd:dd:0e:25:88:
56:4b:7d:2c:45:79:4b:42:01:40:8a:c9:d8:09:f2:
a9:94:b3:e8:ca:4a:f1:b0:68:52:5f:81:d4:a1:56:
aa:d0:4f:86:73:68:68:67:54:83:58:ce:29:ba:74:
27:18:a4:da:d9:e9:d2:4b:dc:46:91:d7:40:93:b4:
3e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:50:6A:8C:15:1B:E3:68:00:BC:CD:E6:1C:55:AF:D0:6D:41:D2:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa621245-a4af-4257-a86f-6350f3d9095c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/36
Signature Algorithm: sha256WithRSAEncryption
be:23:e1:13:9d:b4:1e:e9:40:c5:48:de:a0:03:8b:82:72:58:
8b:c9:a5:2e:fd:91:1c:6f:53:2a:8d:15:df:7e:13:ac:8b:6b:
0b:a8:ab:e8:49:ba:9b:1b:79:f4:4e:b2:26:16:73:ac:68:7e:
5b:dc:5c:6c:08:50:c8:18:89:fd:15:ef:7e:2c:e9:51:18:f6:
9e:21:c1:b1:ec:7b:1e:52:da:03:80:47:e0:93:83:fa:7d:16:
e8:02:14:cc:aa:05:e4:09:41:5c:cb:96:fe:96:54:0d:2e:e9:
1c:1d:42:49:da:cc:81:9a:7c:49:58:80:c9:bc:5b:6e:b7:5d:
d9:fc:9d:51:97:1c:e1:9a:35:34:56:8d:db:b2:10:4f:b6:58:
5e:e2:99:43:35:8b:74:b5:34:18:f8:5b:24:e2:41:4f:2e:c5:
e2:e8:2c:17:99:e2:9d:c9:4d:c3:25:00:60:9d:d6:9a:e1:af:
f1:aa:b2:1f:58:d9:89:a4:44:45:51:a5:27:8c:c1:9e:55:28:
78:53:f1:e9:ec:cb:da:30:b4:cc:5d:79:9e:dc:d8:74:1d:04:
7a:cb:64:12:15:4c:2f:a1:f0:7b:b0:89:a8:c9:ed:e9:98:fb:
e9:b3:4a:92:24:ac:18:2a:97:50:1e:8c:a4:bf:7b:b9:19:56:
65:93:13:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb0wMTbp7kkSB5By/v46t6Pdq8t4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDgwMDAwMDBaFw0yNDA1MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjNmEzYzk4NDJjM2JlZGYxNjY3MTA1YTI1ZjlhM2FhNTgxMWNmNGIxMjVj
Y2I5MzdmM2FkYmI1NzgxNjljN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhR0Epw3NOvvwP9QE5ceonYjpTU8Z8TVjRhHr29u9sR572BopNbEsjBXapL
mWi26xrksIewQEIq/C1T3Jg35hTe5VE/Mun5VrtMWoUXhATlEOK7Ty0z5iyLFQ2+
y2UxjDYSFvzfKrbXK9Cz7vP+qiHAsvDcH3IEgvFYDUX260BDDZ6XKwDf+1ziO8P5
PCWn64P0xQA5kUstOrfpaGzaB+BFx3yiHbdoTzs+jNs9VkZYccNrBL2zGP4L3Tik
283dDiWIVkt9LEV5S0IBQIrJ2AnyqZSz6MpK8bBoUl+B1KFWqtBPhnNoaGdUg1jO
Kbp0Jxik2tnp0kvcRpHXQJO0Pm8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSUGqM
FRvjaAC8zeYcVa/QbUHSNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmE2MjEyNDUtYTRhZi00MjU3LWE4NmYtNjM1MGYzZDkwOTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQC+I+ETnbQe6UDFSN6gA4uCcliLyaUu/ZEcb1Mq
jRXffhOsi2sLqKvoSbqbG3n0TrImFnOsaH5b3FxsCFDIGIn9Fe9+LOlRGPaeIcGx
7HseUtoDgEfgk4P6fRboAhTMqgXkCUFcy5b+llQNLukcHUJJ2syBmnxJWIDJvFtu
t13Z/J1RlxzhmjU0Vo3bshBPtlhe4plDNYt0tTQY+Fsk4kFPLsXi6CwXmeKdyU3D
JQBgndaa4a/xqrIfWNmJpERFUaUnjMGeVSh4U/Hp7MvaMLTMXXme3Nh0HQR6y2QS
FUwvofB7sImoye3pmPvps0qSJKwYKpdQHoykv3u5GVZlkxO/
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org