Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
File: 1d9a8425-e89b-4598-a680-84c5b341edfd.roa (raw, json)
Hash identifier: vvxgekOsmZMVUBjD5ZyRh5c4X0Yc4qsdnOhsXvAueaI=
Subject key identifier: B1:E3:D3:D2:A7:39:83:95:4E:15:CD:6F:96:80:18:76:12:1B:51:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 334836B6376F973AA23B6513915EB4C948231598
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:48:36:b6:37:6f:97:3a:a2:3b:65:13:91:5e:b4:c9:48:23:15:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=72349d91bcfe1d3c3d2b35027abc128d79eae9b63eec1d6eb873a6d5def1e2b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5e:ed:8d:0c:a2:28:cd:1e:06:d5:bc:50:c3:
ed:2c:ee:25:95:d2:37:97:44:f8:6f:91:db:76:c0:
fc:69:50:d6:e3:09:75:18:ab:79:c3:39:6c:f2:af:
5a:3d:d4:2c:53:a3:0f:12:5f:c1:ad:25:19:f7:9c:
44:1e:91:82:5a:21:95:41:80:26:fd:cf:d4:38:2e:
91:ac:80:ab:8b:ab:7b:98:29:90:41:f5:25:b2:a8:
ef:74:1d:9a:25:e5:cd:81:c4:d8:28:16:7f:b2:2c:
a0:cc:69:7c:78:1d:6e:07:56:22:d3:f3:4f:fa:a1:
3e:41:92:60:56:5c:43:70:8a:ba:5c:72:7c:75:a6:
88:d8:99:9e:48:69:7a:2c:7a:65:d7:5a:7a:0a:76:
81:fa:2f:6c:47:7e:b8:df:81:87:4e:0a:be:fc:5f:
da:a4:10:9b:f6:80:58:f0:fb:aa:47:b9:0f:ff:8d:
b8:5e:38:ad:87:0e:3d:65:1c:c1:66:da:db:3a:00:
e3:a3:e0:30:f3:28:ff:b6:3d:53:e5:92:99:2f:af:
19:df:ed:06:a6:a7:38:74:77:6a:26:cb:bb:af:55:
50:f3:59:de:45:7f:1c:2f:59:23:fc:f1:5e:7b:87:
a0:45:87:b1:dd:64:bb:f1:1f:9c:56:0f:d2:18:97:
01:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E3:D3:D2:A7:39:83:95:4E:15:CD:6F:96:80:18:76:12:1B:51:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:2000::/40
Signature Algorithm: sha256WithRSAEncryption
30:48:e5:62:c4:33:d2:5f:4a:36:ef:bf:7e:cf:76:42:e1:36:
81:0e:ca:90:58:14:a6:31:04:16:f8:0a:70:46:cb:19:e0:29:
72:a9:d0:ce:ca:f3:f6:d6:e4:ca:ae:23:ed:e4:1a:5a:e9:cc:
6b:21:ee:fe:bc:32:60:01:6b:bf:66:f6:7c:4d:66:fe:5b:c8:
93:d2:85:1c:3d:41:2f:bc:75:14:fc:80:84:98:da:fd:d9:bf:
71:cc:62:4a:4e:9b:b2:9a:96:f7:84:4f:6a:16:90:15:5d:74:
42:90:ae:7d:5a:1d:6c:92:1a:d7:93:1d:85:82:07:e5:04:83:
09:68:9a:81:05:d2:f2:5d:91:b5:40:2d:43:98:69:bc:f9:53:
de:15:be:6e:a9:7c:bb:b1:19:b9:a8:ae:9e:21:b1:53:09:c8:
e6:9e:74:26:88:3a:89:61:76:a8:6b:75:07:b8:dd:b2:5d:65:
89:e5:9d:50:b6:e9:cc:eb:e8:32:c8:e3:10:6a:5a:25:c4:71:
0f:7e:2c:34:c1:34:6f:7e:22:c7:43:72:38:33:bd:7e:6b:4c:
64:2d:5b:05:e7:88:f9:06:73:be:6e:1b:f4:77:f9:ed:77:aa:
a3:87:35:1f:72:83:b8:95:b4:40:21:46:32:b8:37:03:69:fd:
03:20:6b:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM0g2tjdvlzqiO2UTkV60yUgjFZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMzQ5ZDkxYmNmZTFkM2MzZDJiMzUwMjdhYmMxMjhkNzllYWU5YjYzZWVj
MWQ2ZWI4NzNhNmQ1ZGVmMWUyYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5e7Y0MoijNHgbVvFDD7SzuJZXSN5dE+G+R23bA/GlQ1uMJdRirecM5bPKv
Wj3ULFOjDxJfwa0lGfecRB6RglohlUGAJv3P1DgukayAq4ure5gpkEH1JbKo73Qd
miXlzYHE2CgWf7IsoMxpfHgdbgdWItPzT/qhPkGSYFZcQ3CKulxyfHWmiNiZnkhp
eix6Zddaegp2gfovbEd+uN+Bh04Kvvxf2qQQm/aAWPD7qke5D/+NuF44rYcOPWUc
wWba2zoA46PgMPMo/7Y9U+WSmS+vGd/tBqanOHR3aibLu69VUPNZ3kV/HC9ZI/zx
XnuHoEWHsd1ku/EfnFYP0hiXAWcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSx49PS
pzmDlU4VzW+WgBh2EhtRUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ5YTg0MjUtZTg5Yi00NTk4LWE2ODAtODRjNWIzNDFlZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAwSOVixDPSX0o2779+z3ZC4TaBDsqQWBSmMQQW
+ApwRssZ4ClyqdDOyvP21uTKriPt5Bpa6cxrIe7+vDJgAWu/ZvZ8TWb+W8iT0oUc
PUEvvHUU/ICEmNr92b9xzGJKTpuympb3hE9qFpAVXXRCkK59Wh1skhrXkx2Fggfl
BIMJaJqBBdLyXZG1QC1DmGm8+VPeFb5uqXy7sRm5qK6eIbFTCcjmnnQmiDqJYXao
a3UHuN2yXWWJ5Z1QtunM6+gyyOMQalolxHEPfiw0wTRvfiLHQ3I4M71+a0xkLVsF
54j5BnO+bhv0d/ntd6qjhzUfcoO4lbRAIUYyuDcDaf0DIGtq
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org