Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
File: 0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa (raw, json)
Hash identifier: tzYW8fVIT6BYfGb49mJfJmTS/6Hd03CafYHaSiIqm4A=
Subject key identifier: 79:37:F1:F6:E2:1F:B2:44:CF:56:9C:9F:84:2C:93:C9:47:C7:63:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68818E1CF4FC8DBD99691D551AC853C809149C1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:81:8e:1c:f4:fc:8d:bd:99:69:1d:55:1a:c8:53:c8:09:14:9c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=09810c3e6231127949e404383a3a158b069c3911247b2818b49c80d7252db3d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:09:63:f0:ba:42:76:28:a5:2b:ca:63:8c:e0:
28:ea:b1:01:62:27:3d:33:07:8d:6a:a6:da:f4:90:
9f:46:8a:a6:9b:1c:7c:4d:cf:eb:f1:97:eb:e7:18:
fb:d0:7f:a2:2e:47:8b:37:a1:16:91:1a:e3:8b:75:
c3:06:da:5a:41:25:89:70:29:e2:3f:1a:2a:39:41:
b6:9e:44:d4:e6:82:f1:a9:51:a8:b4:d1:ba:e6:c0:
cb:88:03:57:83:0b:86:24:1f:4a:bd:a6:a1:bf:7a:
bc:79:24:1e:8c:ac:e2:ea:3a:ba:cb:08:6f:f4:ab:
c2:02:b8:47:04:18:e2:95:7a:27:ab:ec:97:5e:f7:
d9:de:6e:7c:76:83:e2:97:d3:7b:05:cc:22:90:66:
f1:f6:ef:f8:14:8e:99:e8:08:87:02:82:8a:e0:f4:
aa:2d:71:10:1b:16:13:df:27:94:e6:91:e0:80:60:
d8:4f:9b:98:92:99:f7:d7:54:7a:ce:64:0a:ea:4d:
72:4a:5b:83:84:9c:2c:57:12:bc:19:3b:1f:b3:b9:
81:57:1f:ea:11:22:a7:15:cf:3e:98:1a:29:7b:9e:
b6:ee:8b:df:e6:f5:da:31:c6:8f:02:e3:9c:f0:c9:
2b:bf:f4:76:9e:e2:5d:e2:23:03:b2:3e:33:41:2b:
2e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:37:F1:F6:E2:1F:B2:44:CF:56:9C:9F:84:2C:93:C9:47:C7:63:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
68:47:a4:93:e8:0c:11:25:e5:cf:c1:f6:0c:a4:fe:49:98:37:
1d:8e:8c:4a:15:97:f7:ff:48:03:6f:f7:92:37:24:fb:2c:ef:
09:83:ff:4c:45:69:ce:76:3f:bb:4a:06:9e:68:76:50:4a:64:
41:c6:42:59:da:20:dc:cb:82:0d:a4:0e:16:75:c7:78:fd:87:
7f:2b:d0:07:0f:48:4e:a4:c2:87:33:1b:9b:f5:b8:50:3a:b7:
e0:01:c6:95:f8:44:4b:c5:c9:bc:1d:3c:a9:3a:d5:5c:05:4b:
38:1a:d8:56:cc:23:34:32:5f:21:50:c8:d6:c5:a3:64:91:b0:
bd:48:fe:17:a1:b4:7d:5f:5c:ea:ac:86:d4:92:3e:f8:61:8c:
08:23:c7:19:9b:bc:d8:71:a9:a1:08:24:2b:8e:10:fe:7a:2d:
f3:59:55:a1:79:d5:c1:db:13:f5:43:26:f8:6d:e5:eb:01:1e:
8b:31:e1:9f:ae:b2:79:9f:76:3c:12:70:7f:7b:23:a9:88:5e:
9f:79:6a:3a:1d:00:e6:52:84:52:30:1a:b9:24:5a:8a:76:f4:
c7:1f:ba:6b:94:f3:92:08:ad:33:5a:3a:87:07:74:a0:7d:3d:
1d:51:ef:05:30:2a:f5:29:2f:b4:4a:9a:f7:e3:4a:82:79:bd:
24:af:26:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaIGOHPT8jb2ZaR1VGshTyAkUnB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5ODEwYzNlNjIzMTEyNzk0OWU0MDQzODNhM2ExNThiMDY5YzM5MTEyNDdi
MjgxOGI0OWM4MGQ3MjUyZGIzZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwJY/C6QnYopSvKY4zgKOqxAWInPTMHjWqm2vSQn0aKppscfE3P6/GX6+cY
+9B/oi5HizehFpEa44t1wwbaWkEliXAp4j8aKjlBtp5E1OaC8alRqLTRuubAy4gD
V4MLhiQfSr2mob96vHkkHoys4uo6ussIb/SrwgK4RwQY4pV6J6vsl1732d5ufHaD
4pfTewXMIpBm8fbv+BSOmegIhwKCiuD0qi1xEBsWE98nlOaR4IBg2E+bmJKZ99dU
es5kCupNckpbg4ScLFcSvBk7H7O5gVcf6hEipxXPPpgaKXuetu6L3+b12jHGjwLj
nPDJK7/0dp7iXeIjA7I+M0ErLpcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5N/H2
4h+yRM9WnJ+ELJPJR8djzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGY1NjMyNTEtMWVmYS00YjZkLWFmZTktM2U3ZjAxNGJiYmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQBoR6ST6AwRJeXPwfYMpP5JmDcdjoxKFZf3/0gD
b/eSNyT7LO8Jg/9MRWnOdj+7SgaeaHZQSmRBxkJZ2iDcy4INpA4Wdcd4/Yd/K9AH
D0hOpMKHMxub9bhQOrfgAcaV+ERLxcm8HTypOtVcBUs4GthWzCM0Ml8hUMjWxaNk
kbC9SP4XobR9X1zqrIbUkj74YYwII8cZm7zYcamhCCQrjhD+ei3zWVWhedXB2xP1
Qyb4beXrAR6LMeGfrrJ5n3Y8EnB/eyOpiF6feWo6HQDmUoRSMBq5JFqKdvTHH7pr
lPOSCK0zWjqHB3SgfT0dUe8FMCr1KS+0Spr340qCeb0kryaE
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org