Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: Jnwqhjc1/2nf4c11Xf+OQjy0sq/lrusLWMs2yBoTI90=
Subject key identifier: 5A:52:A1:64:EF:E2:78:8B:CB:C9:7E:47:ED:FF:4C:52:1C:3A:C8:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4947B00AD6C681E0167676595AB445FDC19AD4DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:47:b0:0a:d6:c6:81:e0:16:76:76:59:5a:b4:45:fd:c1:9a:d4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=ae8149d6ccd0c961a4a1958e1b6d2569c25f2f69e1ba665a88a746dc8076ab30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:25:e4:08:1f:9d:f0:9b:6e:bd:e7:61:11:45:
e8:93:b7:82:6f:62:5d:5f:9c:4b:07:b6:88:e9:73:
6f:92:24:d2:ee:1e:92:0b:31:18:92:88:9d:df:95:
c4:4e:4a:8f:53:5d:25:23:7c:2f:65:f2:d0:12:3b:
f3:4d:e1:33:8c:5c:c2:72:7a:ed:d8:4a:31:41:ba:
20:e6:67:ea:09:e3:aa:02:92:d4:40:dd:8c:80:f9:
12:89:8f:fa:05:02:9d:bc:f7:35:bf:bb:82:55:7f:
16:1c:59:b3:6f:d9:33:d3:5d:1c:cf:48:c2:33:a8:
d6:09:d6:66:24:f5:c0:37:17:57:17:d4:ec:cd:5c:
da:6f:76:89:e0:73:34:af:d7:1c:30:9b:e9:ff:4c:
97:53:96:e6:36:15:27:46:44:63:94:6a:9a:c6:e5:
3c:86:f7:12:e5:c6:fb:fa:7d:89:7c:a4:a3:14:13:
a1:c5:b3:a0:cb:21:78:27:16:bc:de:5e:20:aa:74:
bc:b4:82:d9:83:ae:2f:33:51:c5:3b:00:77:91:34:
db:cf:0d:ee:99:0a:6f:64:37:80:46:30:07:60:b2:
0e:bf:4c:68:bd:56:fb:1f:02:eb:2b:d7:42:10:52:
22:2d:fd:fc:19:c3:15:a8:c5:31:17:ca:10:c1:a9:
9c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:52:A1:64:EF:E2:78:8B:CB:C9:7E:47:ED:FF:4C:52:1C:3A:C8:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
4f:c4:60:40:93:64:36:0b:71:a1:a7:0f:f4:af:7b:1b:c2:1a:
da:4f:66:d3:2a:89:5d:75:e5:3f:1e:74:df:73:78:26:1a:a1:
e6:c9:f0:06:c8:ef:9d:03:f4:00:c1:7d:32:f7:8e:b9:08:ec:
3c:b8:07:ec:11:6f:8a:2a:6d:31:85:7a:db:98:5d:52:cf:15:
23:ab:04:5f:64:68:f2:e8:6d:10:72:50:d8:fa:4a:57:e8:34:
40:24:44:55:92:66:0e:26:e7:49:3f:52:49:a8:22:97:81:56:
81:0f:67:f7:59:79:cf:79:b0:25:cc:5c:3e:a9:f0:38:e3:42:
8d:23:87:4c:bc:9b:3b:8c:81:92:26:a9:97:0a:b9:0d:64:22:
27:cd:8c:8c:f2:f2:b0:9a:53:06:17:8a:15:eb:cc:11:5c:71:
71:f4:5d:bb:71:d3:d0:6a:a0:b4:2c:a1:bc:07:58:d9:d7:2f:
d9:f4:ae:1d:ca:18:db:63:7a:d9:1e:fc:1d:46:40:1b:e4:42:
e5:13:5e:f3:70:6c:87:8d:ad:8f:b0:60:b7:be:87:a4:99:75:
22:88:5f:56:18:b9:ad:1c:d5:9e:09:5e:9a:55:3b:da:ca:6c:
93:de:c5:a2:68:98:cf:8f:0a:2a:1c:39:e3:22:0d:e6:d2:ef:
92:bb:a6:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSUewCtbGgeAWdnZZWrRF/cGa1N0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlODE0OWQ2Y2NkMGM5NjFhNGExOTU4ZTFiNmQyNTY5YzI1ZjJmNjllMWJh
NjY1YTg4YTc0NmRjODA3NmFiMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQl5AgfnfCbbr3nYRFF6JO3gm9iXV+cSwe2iOlzb5Ik0u4ekgsxGJKInd+V
xE5Kj1NdJSN8L2Xy0BI7803hM4xcwnJ67dhKMUG6IOZn6gnjqgKS1EDdjID5EomP
+gUCnbz3Nb+7glV/FhxZs2/ZM9NdHM9IwjOo1gnWZiT1wDcXVxfU7M1c2m92ieBz
NK/XHDCb6f9Ml1OW5jYVJ0ZEY5RqmsblPIb3EuXG+/p9iXykoxQTocWzoMsheCcW
vN5eIKp0vLSC2YOuLzNRxTsAd5E0288N7pkKb2Q3gEYwB2CyDr9MaL1W+x8C6yvX
QhBSIi39/BnDFajFMRfKEMGpnJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRaUqFk
7+J4i8vJfkft/0xSHDrIMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQBPxGBAk2Q2C3Ghpw/0r3sbwhraT2bTKolddeU/
HnTfc3gmGqHmyfAGyO+dA/QAwX0y9465COw8uAfsEW+KKm0xhXrbmF1SzxUjqwRf
ZGjy6G0QclDY+kpX6DRAJERVkmYOJudJP1JJqCKXgVaBD2f3WXnPebAlzFw+qfA4
40KNI4dMvJs7jIGSJqmXCrkNZCInzYyM8vKwmlMGF4oV68wRXHFx9F27cdPQaqC0
LKG8B1jZ1y/Z9K4dyhjbY3rZHvwdRkAb5ELlE17zcGyHja2PsGC3voekmXUiiF9W
GLmtHNWeCV6aVTvaymyT3sWiaJjPjwoqHDnjIg3m0u+Su6ZG
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org