Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
File: 0f3fbd71-85b4-48a7-8479-e942c9578262.roa (raw, json)
Hash identifier: sH0QoNZ5IMb008ZZY8wqniUrjJqDd7cBpWuqQk3Hitw=
Subject key identifier: 76:E2:D8:5B:5B:95:94:0F:46:71:C6:15:1F:26:2C:5A:DB:C6:D5:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D5D03753FF80CDA5B96FC4548DC2E42DFF30C1B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:5d:03:75:3f:f8:0c:da:5b:96:fc:45:48:dc:2e:42:df:f3:0c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=688c9005d39d4864b12e81fa28f598005f9b513099d165e678227a06c9dadbab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:07:ed:c4:c4:6b:d5:43:47:f1:b1:40:01:c9:
eb:6e:97:77:97:82:2e:92:a6:1d:13:1c:c1:44:5b:
62:c2:9e:7b:d4:b8:8b:38:f2:85:fa:b0:d8:14:ac:
cc:e5:cb:88:03:bf:99:76:7f:59:f3:29:ae:62:95:
4b:4c:36:78:09:ee:72:9e:f8:de:d6:d7:7e:e5:a3:
63:28:73:fa:18:14:b4:6f:e8:62:61:f7:d6:ac:ec:
19:de:a2:c0:74:60:1c:a6:e9:b2:1b:fa:9e:40:3e:
f7:6d:ac:bb:54:3c:00:80:01:c9:17:8c:02:82:5e:
53:66:a6:06:3d:e0:93:26:b5:ee:cf:3a:45:ba:c9:
98:da:64:04:24:f2:0e:f2:9d:c6:07:c0:6a:9c:78:
7b:80:99:54:24:e4:47:35:37:8c:05:7c:87:48:fe:
a9:26:b6:7f:12:30:02:fc:8c:ff:8e:95:49:cc:81:
e5:bd:7b:0d:fd:2d:82:3e:38:c5:f1:ab:dc:bd:8c:
08:f2:b2:f1:82:96:be:5d:97:d7:42:fe:d8:ba:99:
d7:05:0b:ec:87:33:c5:24:ac:16:49:99:05:b7:6c:
dc:de:59:77:a1:c4:e5:bb:40:68:8b:49:e0:4e:6d:
6e:ef:de:8a:08:fb:90:95:72:4c:1a:e7:59:a9:01:
89:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E2:D8:5B:5B:95:94:0F:46:71:C6:15:1F:26:2C:5A:DB:C6:D5:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:1000::/40
Signature Algorithm: sha256WithRSAEncryption
06:03:aa:8e:32:5e:30:b0:c2:65:d1:d7:1f:fd:79:8c:a8:5c:
38:79:06:f6:8b:c9:eb:94:6a:d0:7a:0b:a3:50:88:52:08:7f:
c3:8f:d0:15:cb:a2:6c:cc:63:2e:58:50:d8:74:2a:80:f2:aa:
e0:ea:54:4e:5a:74:fb:2f:80:a8:1f:19:a4:a8:1b:5c:cf:76:
52:1a:44:75:80:9a:d5:67:3a:30:ff:b7:15:8f:dc:91:b3:6d:
3f:78:b2:d3:b4:da:61:e0:67:6c:cf:b0:34:c3:74:0b:7a:6d:
9c:50:74:68:3b:17:93:f1:14:00:90:8a:77:0c:b5:89:30:6f:
3a:ab:0e:6d:d0:60:76:78:ea:d5:5c:3e:e0:82:e4:03:96:e2:
2b:66:9e:b0:23:13:68:9e:0d:15:2f:13:4c:e2:fd:b2:74:d1:
ff:5f:a0:8d:0c:df:c6:94:fa:85:9f:62:c1:b4:bf:11:26:ff:
2f:0f:95:fe:24:e8:b0:81:ef:b6:65:ea:8c:f5:35:8d:1d:6d:
96:0e:d9:36:fe:b6:c0:79:28:8b:50:43:2b:c1:4f:a0:d0:3a:
b3:0c:0d:36:f1:df:95:84:8e:27:a4:87:a9:1c:b0:29:c3:b4:
01:01:57:5c:e1:f7:e6:01:7c:ee:0f:4b:9b:63:af:c8:c3:62:
aa:ba:f6:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXV0DdT/4DNpblvxFSNwuQt/zDBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4OGM5MDA1ZDM5ZDQ4NjRiMTJlODFmYTI4ZjU5ODAwNWY5YjUxMzA5OWQx
NjVlNjc4MjI3YTA2YzlkYWRiYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQH7cTEa9VDR/GxQAHJ626Xd5eCLpKmHRMcwURbYsKee9S4izjyhfqw2BSs
zOXLiAO/mXZ/WfMprmKVS0w2eAnucp743tbXfuWjYyhz+hgUtG/oYmH31qzsGd6i
wHRgHKbpshv6nkA+922su1Q8AIAByReMAoJeU2amBj3gkya17s86RbrJmNpkBCTy
DvKdxgfAapx4e4CZVCTkRzU3jAV8h0j+qSa2fxIwAvyM/46VScyB5b17Df0tgj44
xfGr3L2MCPKy8YKWvl2X10L+2LqZ1wUL7IczxSSsFkmZBbds3N5Zd6HE5btAaItJ
4E5tbu/eigj7kJVyTBrnWakBiScCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR24thb
W5WUD0ZxxhUfJixa28bVaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGYzZmJkNzEtODViNC00OGE3LTg0NzktZTk0MmM5NTc4MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAGA6qOMl4wsMJl0dcf/XmMqFw4eQb2i8nrlGrQ
egujUIhSCH/Dj9AVy6JszGMuWFDYdCqA8qrg6lROWnT7L4CoHxmkqBtcz3ZSGkR1
gJrVZzow/7cVj9yRs20/eLLTtNph4Gdsz7A0w3QLem2cUHRoOxeT8RQAkIp3DLWJ
MG86qw5t0GB2eOrVXD7gguQDluIrZp6wIxNong0VLxNM4v2ydNH/X6CNDN/GlPqF
n2LBtL8RJv8vD5X+JOiwge+2ZeqM9TWNHW2WDtk2/rbAeSiLUEMrwU+g0DqzDA02
8d+VhI4npIepHLApw7QBAVdc4ffmAXzuD0ubY6/Iw2KquvZp
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org