Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff27e9d1-ceb1-4c3f-b870-67bf9b6b52aa.roa
File: ff27e9d1-ceb1-4c3f-b870-67bf9b6b52aa.roa (raw, json)
Hash identifier: /GVutmTM/APmXNK1CRuCF4wxmEBR3JJzNkkK8GhViFA=
Subject key identifier: AB:A9:19:7D:64:1D:77:B3:05:8C:1D:94:58:C6:0D:CD:4A:2F:B0:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47223D4FE18E4595A1444F729646628C565CE6A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff27e9d1-ceb1-4c3f-b870-67bf9b6b52aa.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:22:3d:4f:e1:8e:45:95:a1:44:4f:72:96:46:62:8c:56:5c:e6:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=61a14619c1b2414ec079102b7d098df49f594b0ad8e5b954f538085ae8180d06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:eb:b8:42:cf:2b:e2:05:72:6c:3e:04:f3:a1:
9d:b2:2d:6a:a9:3f:ad:1e:81:92:7b:5c:83:a3:6f:
8b:54:54:75:1f:da:92:e5:f8:ad:90:fa:f7:d9:29:
03:2c:80:30:77:78:3e:da:1b:c4:0e:13:1c:1d:bd:
6b:b1:43:e9:44:49:01:c4:38:46:01:1a:3a:4c:1b:
c0:f3:38:0c:1f:03:58:b5:85:69:dc:75:c6:3a:da:
8f:70:b6:ca:ef:92:ad:94:b5:b7:82:d5:7a:d9:0d:
9a:20:c6:0d:7a:32:d9:67:02:51:e7:30:0f:5f:62:
44:8c:c9:7b:4f:8c:ce:7b:4c:f7:99:98:19:f9:b2:
69:35:66:ef:cf:1e:0a:6f:88:84:f6:f8:be:a7:e0:
15:4d:fc:ae:0c:65:b3:ed:9c:79:d6:a6:b3:d8:8b:
30:b8:2b:04:63:f0:b6:ea:af:6a:2c:77:81:95:d8:
51:83:ca:36:4c:bb:be:97:3f:05:36:5c:52:e7:f6:
a6:db:79:6f:e7:65:1f:72:e4:d1:4a:3c:e6:92:64:
40:ba:fd:98:5a:c0:0d:51:a4:52:89:f3:d7:1c:15:
66:38:44:ce:7f:c7:bc:98:23:69:12:a5:08:12:19:
9e:f9:9b:e8:e6:d8:3f:30:ba:97:bb:14:d6:9e:6a:
6b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A9:19:7D:64:1D:77:B3:05:8C:1D:94:58:C6:0D:CD:4A:2F:B0:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff27e9d1-ceb1-4c3f-b870-67bf9b6b52aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
be:4c:a4:95:c8:d9:a0:6f:b5:d0:32:b9:2e:6e:54:62:ff:67:
67:29:00:e1:a2:b1:a2:d0:c3:48:9d:8b:2a:3c:5c:ac:1f:c6:
e2:2a:d5:25:a8:8a:d2:c3:02:8d:ff:d5:0c:0e:07:db:54:8c:
1a:a1:d1:69:64:d1:9b:bb:b5:60:21:d6:06:86:0a:9b:de:0e:
a5:da:74:53:2d:0d:a4:7e:c3:6f:12:b5:2d:55:40:64:d7:4d:
06:e0:6f:e0:2c:37:f0:25:a9:16:5c:98:47:24:ed:99:83:05:
b4:8b:37:0f:2f:9d:f3:4c:14:70:ab:17:8e:b4:90:b2:46:d0:
ba:00:a4:39:92:36:c7:3a:33:1b:56:55:0f:2f:74:7f:6d:ad:
9f:37:ce:ac:38:76:4a:45:76:83:84:27:0f:f5:50:ec:5f:07:
60:b6:29:eb:7e:8f:57:11:9c:4b:7a:5e:95:22:20:a1:07:c9:
5e:92:0d:ee:24:38:a7:bf:1e:df:f0:00:61:3f:7e:68:84:bb:
fd:be:c8:08:8b:85:50:59:75:29:57:f3:00:44:a6:e0:e5:36:
48:27:4e:45:a3:7f:c1:de:e3:ed:a9:0a:78:09:84:ea:a6:19:
ed:10:20:cb:00:2c:73:d7:b6:92:08:b0:1c:7c:f5:69:d3:89:
29:07:85:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURyI9T+GORZWhRE9ylkZijFZc5qMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxYTE0NjE5YzFiMjQxNGVjMDc5MTAyYjdkMDk4ZGY0OWY1OTRiMGFkOGU1
Yjk1NGY1MzgwODVhZTgxODBkMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbruELPK+IFcmw+BPOhnbItaqk/rR6Bkntcg6Nvi1RUdR/akuX4rZD699kp
AyyAMHd4PtobxA4THB29a7FD6URJAcQ4RgEaOkwbwPM4DB8DWLWFadx1xjraj3C2
yu+SrZS1t4LVetkNmiDGDXoy2WcCUecwD19iRIzJe0+MzntM95mYGfmyaTVm788e
Cm+IhPb4vqfgFU38rgxls+2cedams9iLMLgrBGPwtuqvaix3gZXYUYPKNky7vpc/
BTZcUuf2ptt5b+dlH3Lk0Uo85pJkQLr9mFrADVGkUonz1xwVZjhEzn/HvJgjaRKl
CBIZnvmb6ObYPzC6l7sU1p5qa+ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSrqRl9
ZB13swWMHZRYxg3NSi+wjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmYyN2U5ZDEtY2ViMS00YzNmLWI4NzAtNjdiZjliNmI1MmFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQC+TKSVyNmgb7XQMrkublRi/2dnKQDhorGi0MNI
nYsqPFysH8biKtUlqIrSwwKN/9UMDgfbVIwaodFpZNGbu7VgIdYGhgqb3g6l2nRT
LQ2kfsNvErUtVUBk100G4G/gLDfwJakWXJhHJO2ZgwW0izcPL53zTBRwqxeOtJCy
RtC6AKQ5kjbHOjMbVlUPL3R/ba2fN86sOHZKRXaDhCcP9VDsXwdgtinrfo9XEZxL
el6VIiChB8lekg3uJDinvx7f8ABhP35ohLv9vsgIi4VQWXUpV/MARKbg5TZIJ05F
o3/B3uPtqQp4CYTqphntECDLACxz17aSCLAcfPVp04kpB4VO
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:33 2024 by rpki-client on console-fra.rpki-client.org