Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
File: fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa (raw, json)
Hash identifier: 5sHHc4l3TpSI41VU8nSZ+iKfiexD+yOImrRd7s37Hz0=
Subject key identifier: C0:B6:95:E2:CA:3C:7D:87:5C:3E:A1:14:20:6A:7A:63:E7:5E:E7:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E76C7E56A5DCED38F2C4B02EDC76C84DA553344
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:76:c7:e5:6a:5d:ce:d3:8f:2c:4b:02:ed:c7:6c:84:da:55:33:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=88e20d3317f2280b6f92b47d09dabb4455add5cb36a52f95bdb5ecb9b2e07b24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d1:79:d9:27:33:2e:8e:a6:23:ba:ca:9b:6b:
b2:5e:78:a8:f3:b8:82:87:1f:fc:be:5c:09:a8:46:
a9:40:b6:b4:0b:c5:cc:59:a2:42:47:b7:63:95:89:
74:e5:cb:3b:7e:ae:13:a8:70:b0:11:23:d8:56:f8:
65:85:db:4a:66:69:45:92:4d:65:49:33:b9:4c:c5:
c1:d0:48:35:db:24:c9:6c:c1:87:a6:55:f9:36:1b:
16:c9:45:c8:7f:0f:fe:b4:bd:6c:e7:8c:ef:9d:a3:
8f:bd:ed:ad:33:28:be:49:e7:d5:67:85:a5:e1:b6:
fd:c9:ad:88:31:f2:f4:eb:88:c1:49:86:01:4a:ba:
91:85:87:fa:55:09:eb:9a:bf:7e:6d:bb:b4:3b:08:
3d:d2:f2:22:f4:80:65:e0:d1:25:cb:f4:cc:5c:66:
83:ef:c7:e4:73:8e:82:30:d3:4d:8f:08:b4:1f:5a:
61:ab:43:76:e2:28:37:7a:93:c7:66:1a:50:9f:be:
f9:c8:b4:aa:85:ab:98:9e:a4:20:62:d9:bc:db:09:
69:d1:20:62:10:55:9c:1b:03:01:10:13:2c:46:47:
c8:e4:1c:70:ad:a2:ca:29:e6:91:0e:a4:87:e1:16:
f4:18:42:96:2f:8f:6a:96:ab:7d:ae:2a:63:dd:83:
56:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B6:95:E2:CA:3C:7D:87:5C:3E:A1:14:20:6A:7A:63:E7:5E:E7:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fffa4b9d-c694-4dd2-82e6-0ebe31095be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:be:38:34:4f:ec:93:df:fb:15:8a:f8:d6:ab:e0:9c:6c:76:
00:4e:72:04:26:24:10:7a:91:8f:c1:33:80:d7:a3:8a:8c:78:
93:5f:19:6b:2a:88:76:4f:74:54:be:dc:0e:f1:c4:c7:c1:3b:
42:fc:5c:0a:14:17:c6:5d:22:0c:3e:20:a0:1f:3c:07:d3:d1:
39:8d:2d:c5:07:d9:5d:47:26:ff:16:b5:ef:d8:8f:85:9b:10:
20:a8:01:5a:3c:3d:54:6e:fa:f6:be:43:ae:b2:b5:26:45:71:
a5:99:cf:0b:ad:b1:5f:3d:76:63:f6:e0:e1:4a:5b:8d:bd:b5:
d8:57:9e:84:05:9e:17:31:eb:c6:8a:de:88:32:8c:eb:8e:e2:
25:51:e1:21:47:15:30:10:97:38:a3:83:01:44:32:a7:c8:5f:
df:52:89:e4:39:4b:fe:35:3a:d2:de:45:83:76:93:4a:d5:90:
78:7d:36:7b:09:33:71:f4:7a:09:f0:bb:d2:85:70:95:8e:26:
99:98:19:d3:76:ae:21:a7:28:fe:ae:94:ab:f7:a4:be:16:3e:
81:39:f0:6c:5e:d4:0e:1a:94:78:d5:1a:ac:91:0c:03:0f:99:
6d:ac:b6:e7:72:49:18:e2:25:6a:85:99:c6:82:36:26:9a:bb:
8a:f3:b8:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbnbH5WpdztOPLEsC7cdshNpVM0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZTIwZDMzMTdmMjI4MGI2ZjkyYjQ3ZDA5ZGFiYjQ0NTVhZGQ1Y2IzNmE1
MmY5NWJkYjVlY2I5YjJlMDdiMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLRedknMy6OpiO6yptrsl54qPO4gocf/L5cCahGqUC2tAvFzFmiQke3Y5WJ
dOXLO36uE6hwsBEj2Fb4ZYXbSmZpRZJNZUkzuUzFwdBINdskyWzBh6ZV+TYbFslF
yH8P/rS9bOeM752jj73trTMovknn1WeFpeG2/cmtiDHy9OuIwUmGAUq6kYWH+lUJ
65q/fm27tDsIPdLyIvSAZeDRJcv0zFxmg+/H5HOOgjDTTY8ItB9aYatDduIoN3qT
x2YaUJ+++ci0qoWrmJ6kIGLZvNsJadEgYhBVnBsDARATLEZHyOQccK2iyinmkQ6k
h+EW9BhCli+Paparfa4qY92DVuMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAtpXi
yjx9h1w+oRQganpj517nWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZmYTRiOWQtYzY5NC00ZGQyLTgyZTYtMGViZTMxMDk1YmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDBvjg0T+yT3/sVivjWq+CcbHYATnIEJiQQepGP
wTOA16OKjHiTXxlrKoh2T3RUvtwO8cTHwTtC/FwKFBfGXSIMPiCgHzwH09E5jS3F
B9ldRyb/FrXv2I+FmxAgqAFaPD1Ubvr2vkOusrUmRXGlmc8LrbFfPXZj9uDhSluN
vbXYV56EBZ4XMevGit6IMozrjuIlUeEhRxUwEJc4o4MBRDKnyF/fUonkOUv+NTrS
3kWDdpNK1ZB4fTZ7CTNx9HoJ8LvShXCVjiaZmBnTdq4hpyj+rpSr96S+Fj6BOfBs
XtQOGpR41RqskQwDD5ltrLbnckkY4iVqhZnGgjYmmruK87i/
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:46 2024 by rpki-client on console-ams.rpki-client.org