Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
File: 0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa (raw, json)
Hash identifier: 3qYLR1PLkP9pkHB2Y5R1YWorrwR2lHigypnbsqTTMXc=
Subject key identifier: C9:07:36:AC:C8:68:3C:CC:C5:2B:A9:0F:A0:BA:B9:9D:79:53:A5:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73F8F819496BFD84DD8C013E95BC74A1FA6E54B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:f8:f8:19:49:6b:fd:84:dd:8c:01:3e:95:bc:74:a1:fa:6e:54:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=f1d449cf20fcc1af8407f1785904bfc4c5d4f75f9bec59d52d3709cedd49fd33, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c1:3b:d5:e3:40:24:51:61:9b:97:76:15:a4:
6f:d7:d2:66:71:1f:cc:ed:eb:35:1d:e6:76:5a:9e:
04:43:94:32:b4:9c:f6:db:9c:ca:e2:b5:48:19:1d:
4d:3b:d7:8e:9d:c5:4c:40:ca:d8:5a:55:a5:79:6c:
82:fb:35:32:fb:b2:fb:a1:17:cf:ce:5a:56:01:f1:
42:93:be:43:da:69:88:57:38:a0:43:eb:ef:54:b8:
a0:85:46:68:70:71:c2:6e:89:1f:67:66:e8:35:38:
4f:8c:df:cb:d4:f9:fe:ba:db:25:d9:50:ca:86:ff:
e9:32:2e:d7:17:f1:f0:13:1c:63:c5:a3:e9:9f:44:
f6:36:6f:fa:e4:3a:cb:59:0f:0f:da:c8:23:58:5e:
d2:6f:7f:67:e1:e6:5f:fa:16:65:4c:3e:74:b4:bc:
9d:11:c0:6f:39:e1:ed:31:f7:39:26:1b:6a:b3:f6:
57:84:49:e7:8b:25:52:ba:b4:86:f8:78:9f:43:77:
7e:5c:01:75:23:a9:37:fe:52:55:c8:87:fe:e0:8f:
cc:68:71:ba:d2:59:cd:9e:12:52:1c:f6:46:d0:36:
3e:dc:9d:ce:89:fa:24:b6:ee:16:80:b9:9b:59:04:
7f:e3:8c:08:21:52:aa:be:82:c0:56:a9:54:0a:6a:
9c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:07:36:AC:C8:68:3C:CC:C5:2B:A9:0F:A0:BA:B9:9D:79:53:A5:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:26:98:b2:45:cc:28:b9:45:80:fb:83:46:2e:c4:ae:c8:96:
57:fe:2a:7d:c7:6d:06:76:09:e5:13:79:80:c6:05:5d:b8:7c:
61:a3:46:0c:b1:cf:0d:72:15:5c:b3:45:9a:cc:56:02:11:35:
10:06:71:5f:57:f2:ac:ca:ac:c9:7f:49:54:c7:eb:76:7c:0b:
45:b6:f9:6d:45:c8:0d:7e:73:46:1d:3d:cb:ee:40:f3:7a:7e:
71:00:eb:87:b7:fa:c7:6a:3d:44:56:d2:91:f8:55:90:2e:42:
d1:62:ae:0a:6a:49:87:a9:35:ba:b0:5b:89:78:44:57:27:1a:
13:37:b8:fb:1b:3a:cf:d9:02:0f:03:cd:5d:bd:bd:30:bd:b4:
cf:6d:9c:3f:6f:5f:84:ec:69:77:3d:08:44:0b:79:7f:dc:99:
7f:a4:04:9d:04:6f:27:81:16:74:36:34:c9:2d:e3:13:f6:02:
bb:0b:bb:2e:38:c7:26:2a:be:3d:07:02:36:6d:0c:06:12:ac:
f5:f8:4e:04:16:91:1a:d6:6f:a3:5f:a0:3f:04:77:f2:24:33:
cb:0b:43:0f:ea:ff:12:41:26:d9:fa:7a:c9:ee:53:07:e6:3c:
8c:b9:b8:33:e1:35:ea:9a:35:c9:87:ec:6a:79:9d:e4:4b:1e:
2f:83:2c:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc/j4GUlr/YTdjAE+lbx0ofpuVLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxZDQ0OWNmMjBmY2MxYWY4NDA3ZjE3ODU5MDRiZmM0YzVkNGY3NWY5YmVj
NTlkNTJkMzcwOWNlZGQ0OWZkMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzBO9XjQCRRYZuXdhWkb9fSZnEfzO3rNR3mdlqeBEOUMrSc9tucyuK1SBkd
TTvXjp3FTEDK2FpVpXlsgvs1Mvuy+6EXz85aVgHxQpO+Q9ppiFc4oEPr71S4oIVG
aHBxwm6JH2dm6DU4T4zfy9T5/rrbJdlQyob/6TIu1xfx8BMcY8Wj6Z9E9jZv+uQ6
y1kPD9rII1he0m9/Z+HmX/oWZUw+dLS8nRHAbznh7TH3OSYbarP2V4RJ54slUrq0
hvh4n0N3flwBdSOpN/5SVciH/uCPzGhxutJZzZ4SUhz2RtA2Ptydzon6JLbuFoC5
m1kEf+OMCCFSqr6CwFapVApqnGECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJBzas
yGg8zMUrqQ+gurmdeVOlBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGVjYjM4NzgtMjYxOC00YTg0LThiMGQtYjI0ZjhhODBiY2ZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hsg
MA0GCSqGSIb3DQEBCwUAA4IBAQANJpiyRcwouUWA+4NGLsSuyJZX/ip9x20Gdgnl
E3mAxgVduHxho0YMsc8NchVcs0WazFYCETUQBnFfV/KsyqzJf0lUx+t2fAtFtvlt
RcgNfnNGHT3L7kDzen5xAOuHt/rHaj1EVtKR+FWQLkLRYq4KakmHqTW6sFuJeERX
JxoTN7j7GzrP2QIPA81dvb0wvbTPbZw/b1+E7Gl3PQhEC3l/3Jl/pASdBG8ngRZ0
NjTJLeMT9gK7C7suOMcmKr49BwI2bQwGEqz1+E4EFpEa1m+jX6A/BHfyJDPLC0MP
6v8SQSbZ+nrJ7lMH5jyMubgz4TXqmjXJh+xqeZ3kSx4vgyyF
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org