Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b5e6f71-4060-48b0-9837-ac3b3d259906.roa
File: 1b5e6f71-4060-48b0-9837-ac3b3d259906.roa (raw, json)
Hash identifier: G15SVfRKOO3xV6NdNySmaVdSimmCwNuLlCdAvJI7XjU=
Subject key identifier: DC:AF:0D:E0:4C:E4:40:F3:38:D4:E8:16:43:53:84:2D:3B:4A:11:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15197282C1E1C2FEFF7E03CCBDBBE00226614D2D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b5e6f71-4060-48b0-9837-ac3b3d259906.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:19:72:82:c1:e1:c2:fe:ff:7e:03:cc:bd:bb:e0:02:26:61:4d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=24188e54f6edc184975112045ed62f29ba84cae1436767e802a04e596d77cfb9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9f:e5:b3:2e:53:08:96:b5:9c:8b:b9:e9:4b:
9e:3b:96:3c:13:a4:59:5b:54:85:f5:3d:82:a9:88:
30:7a:87:32:18:43:4f:a8:54:81:2d:00:ec:bc:80:
c4:0f:56:a8:60:e6:f2:f8:ec:0b:e2:3a:d3:60:cf:
db:a0:90:f9:12:3f:33:cd:52:02:3b:e9:a2:4a:bc:
2e:21:d5:e2:86:36:be:fd:71:bf:fd:b1:37:5a:f3:
8d:7a:1f:e1:97:86:c7:e6:27:59:91:72:62:61:0c:
a0:df:ad:23:07:c6:2c:05:dd:c8:59:2a:2a:ca:7d:
10:e0:87:fa:cb:cb:c5:d8:e1:fe:81:89:8c:7e:39:
27:fa:9e:f8:f4:83:d4:a4:ab:f0:dd:9a:c0:19:f7:
fb:58:a6:93:93:4d:de:66:0a:01:a1:55:5c:14:ee:
18:4c:d5:23:cb:41:9e:c9:a9:27:67:81:7c:7c:fe:
f0:38:eb:19:bc:8f:10:76:42:7b:af:e1:d1:b1:05:
1a:a0:68:da:75:0f:c7:53:24:63:60:88:dd:6a:ff:
1b:66:34:84:d4:4b:dc:8d:95:db:8f:80:89:9e:7f:
02:5f:75:20:46:48:1a:0f:ce:be:dc:38:c5:bb:86:
e5:85:a5:0a:eb:f1:b6:e6:cf:1c:ce:14:57:b6:5b:
88:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AF:0D:E0:4C:E4:40:F3:38:D4:E8:16:43:53:84:2D:3B:4A:11:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b5e6f71-4060-48b0-9837-ac3b3d259906.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:4c:12:b3:ff:c9:a7:85:ad:1f:14:99:4e:1e:84:3b:d0:ad:
58:f1:9d:45:9f:46:46:78:ee:d3:54:8c:d4:3c:60:e2:af:a7:
8e:d8:3d:85:20:ee:58:af:58:1d:b1:e8:ba:1d:a9:54:75:99:
1c:b1:d8:2d:a2:b7:24:ab:f7:03:48:de:57:0c:9b:24:1e:b0:
99:d2:cd:2b:11:c0:60:3a:55:6f:66:90:30:b4:2e:65:0c:dd:
6f:5d:44:c5:35:d3:df:04:c5:8e:5f:f9:c6:35:58:c9:ed:3a:
0c:b8:ab:30:9c:15:ab:c3:99:c1:20:39:ee:8a:47:7a:c0:c7:
6e:df:c0:db:95:e6:17:74:98:cd:25:4c:bb:14:09:02:1b:76:
26:a8:37:d8:d5:ab:5a:0c:dc:ad:fe:04:80:53:e6:05:a3:c2:
c3:f9:2a:53:ac:77:d2:03:be:3f:e5:6a:58:63:6d:3e:67:9b:
2a:aa:9b:04:0f:a6:73:99:c7:7d:6b:3b:89:1f:8a:52:57:d2:
b6:cd:36:a6:0c:9a:31:2c:2c:ad:b7:b8:d5:a3:51:e3:00:e7:
e7:1e:06:c2:6c:0b:5b:bf:d1:72:fc:51:d0:32:50:8f:f7:6b:
4a:92:91:76:84:56:ee:99:b9:85:99:d1:d7:52:64:e1:5f:4f:
db:98:28:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFRlygsHhwv7/fgPMvbvgAiZhTS0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0MTg4ZTU0ZjZlZGMxODQ5NzUxMTIwNDVlZDYyZjI5YmE4NGNhZTE0MzY3
NjdlODAyYTA0ZTU5NmQ3N2NmYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqf5bMuUwiWtZyLuelLnjuWPBOkWVtUhfU9gqmIMHqHMhhDT6hUgS0A7LyA
xA9WqGDm8vjsC+I602DP26CQ+RI/M81SAjvpokq8LiHV4oY2vv1xv/2xN1rzjXof
4ZeGx+YnWZFyYmEMoN+tIwfGLAXdyFkqKsp9EOCH+svLxdjh/oGJjH45J/qe+PSD
1KSr8N2awBn3+1imk5NN3mYKAaFVXBTuGEzVI8tBnsmpJ2eBfHz+8DjrGbyPEHZC
e6/h0bEFGqBo2nUPx1MkY2CI3Wr/G2Y0hNRL3I2V24+AiZ5/Al91IEZIGg/Ovtw4
xbuG5YWlCuvxtubPHM4UV7ZbiIMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcrw3g
TORA8zjU6BZDU4QtO0oRmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWI1ZTZmNzEtNDA2MC00OGIwLTk4MzctYWMzYjNkMjU5OTA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg
MA0GCSqGSIb3DQEBCwUAA4IBAQDBTBKz/8mnha0fFJlOHoQ70K1Y8Z1Fn0ZGeO7T
VIzUPGDir6eO2D2FIO5Yr1gdsei6HalUdZkcsdgtorckq/cDSN5XDJskHrCZ0s0r
EcBgOlVvZpAwtC5lDN1vXUTFNdPfBMWOX/nGNVjJ7ToMuKswnBWrw5nBIDnuikd6
wMdu38DbleYXdJjNJUy7FAkCG3YmqDfY1ataDNyt/gSAU+YFo8LD+SpTrHfSA74/
5WpYY20+Z5sqqpsED6Zzmcd9azuJH4pSV9K2zTamDJoxLCytt7jVo1HjAOfnHgbC
bAtbv9Fy/FHQMlCP92tKkpF2hFbumbmFmdHXUmThX0/bmCiA
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org