Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
File: 1ef44119-0cae-4a43-ad5a-98103c19e39b.roa (raw, json)
Hash identifier: ssKpLYkn9JxMVYqEXS0+d+Wt1GJ1HnFP2p9ItT97UKM=
Subject key identifier: 1F:85:1E:C3:52:EC:7F:9B:40:BD:22:C7:AC:C3:E0:31:56:A8:3C:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A1C1778AFD2A70241C42D8B6F352BA43D21D37E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:1c:17:78:af:d2:a7:02:41:c4:2d:8b:6f:35:2b:a4:3d:21:d3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=99f80d8dfa273aca2db600cfda07137ae66e1a2beac87ec4cee9812f393f9b18, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:82:dd:70:fe:26:76:76:e3:3c:cb:22:3c:
e0:db:58:8d:42:2b:97:92:90:0a:c0:bc:a3:e0:f1:
9f:67:a0:26:96:3d:74:37:7c:50:71:c9:6c:d1:f4:
f7:d8:c2:fd:d9:ca:64:c6:3e:9e:f6:8c:cd:14:df:
da:b9:97:01:49:3f:c7:cb:a8:8a:4c:be:af:4b:8a:
b4:2f:1a:8a:c5:4e:8e:af:17:65:1e:c1:ee:b7:67:
63:17:49:b5:56:6b:a1:04:44:71:2d:9a:30:ca:69:
71:6a:29:dc:85:63:64:23:41:9a:e5:ba:2f:47:a2:
2e:6d:b5:3b:d4:46:12:99:9e:fa:e9:52:80:6c:ee:
83:ae:8f:d3:ab:61:29:b8:e9:41:4a:cf:5a:39:0b:
95:c8:9d:61:3e:d0:55:ce:18:90:e5:9e:2a:7c:f3:
ee:6d:10:23:0d:89:a4:d6:ae:1d:d4:b3:60:15:58:
a8:d2:85:da:7b:75:bd:dd:a3:f7:d8:df:a8:b6:00:
a2:95:47:49:d9:3a:a9:33:f7:bf:73:53:cd:da:ff:
e8:a1:ca:86:8e:42:fa:3e:0c:06:f7:ca:cd:97:b3:
d2:fd:fa:78:99:17:c2:3a:ef:94:e6:a1:5a:2b:61:
df:2f:3e:b7:d5:41:05:84:53:82:62:55:f8:0f:81:
44:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:85:1E:C3:52:EC:7F:9B:40:BD:22:C7:AC:C3:E0:31:56:A8:3C:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:93:f9:41:70:ef:33:01:46:c7:75:eb:c9:5c:fd:e6:04:f2:
5e:8b:96:4c:64:39:7a:ab:24:5b:9c:ff:d3:b3:90:6e:a0:c0:
49:c3:8a:46:2e:46:ac:44:f3:f6:f8:1e:33:f5:b9:f7:1b:f0:
06:17:ad:98:a4:f2:e5:61:2e:1f:5b:e8:b2:f2:f6:31:04:d6:
d3:19:3c:99:7a:f2:2c:19:19:f7:4b:4d:e6:c1:e9:76:a1:a6:
88:08:b7:72:ba:e6:e3:83:02:17:91:31:3b:ab:da:8f:1d:d1:
fa:fd:92:4e:1b:ee:af:49:af:be:26:79:03:a3:22:7e:31:84:
4e:e9:00:44:f3:c6:16:46:22:f0:e1:70:ec:af:42:a0:24:14:
64:a7:58:b3:85:2d:69:a4:80:44:d0:0d:0c:80:68:bb:84:7e:
c8:9e:06:8f:d2:28:b6:ab:f6:1b:cb:42:5f:28:19:66:bd:72:
bb:0c:01:fd:e9:fc:15:f2:81:3b:71:23:4c:6c:8f:3c:30:aa:
9e:77:74:02:46:31:48:b3:9a:23:15:8f:74:7a:c3:fd:72:db:
46:fc:a8:4b:73:9b:84:be:05:71:50:28:34:82:20:60:5b:9a:
12:6b:d6:9a:b4:ff:5d:d0:d9:78:a2:3d:9d:34:6b:19:dd:c0:
9b:9f:92:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUehwXeK/SpwJBxC2LbzUrpD0h034wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5ZjgwZDhkZmEyNzNhY2EyZGI2MDBjZmRhMDcxMzdhZTY2ZTFhMmJlYWM4
N2VjNGNlZTk4MTJmMzkzZjliMTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaIgt1w/iZ2duM8yyI84NtYjUIrl5KQCsC8o+Dxn2egJpY9dDd8UHHJbNH0
99jC/dnKZMY+nvaMzRTf2rmXAUk/x8uoiky+r0uKtC8aisVOjq8XZR7B7rdnYxdJ
tVZroQREcS2aMMppcWop3IVjZCNBmuW6L0eiLm21O9RGEpme+ulSgGzug66P06th
KbjpQUrPWjkLlcidYT7QVc4YkOWeKnzz7m0QIw2JpNauHdSzYBVYqNKF2nt1vd2j
99jfqLYAopVHSdk6qTP3v3NTzdr/6KHKho5C+j4MBvfKzZez0v36eJkXwjrvlOah
With3y8+t9VBBYRTgmJV+A+BRK8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfhR7D
Uux/m0C9Isesw+AxVqg8ZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVmNDQxMTktMGNhZS00YTQzLWFkNWEtOTgxMDNjMTllMzliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg
MA0GCSqGSIb3DQEBCwUAA4IBAQCmk/lBcO8zAUbHdevJXP3mBPJei5ZMZDl6qyRb
nP/Ts5BuoMBJw4pGLkasRPP2+B4z9bn3G/AGF62YpPLlYS4fW+iy8vYxBNbTGTyZ
evIsGRn3S03mwel2oaaICLdyuubjgwIXkTE7q9qPHdH6/ZJOG+6vSa++JnkDoyJ+
MYRO6QBE88YWRiLw4XDsr0KgJBRkp1izhS1ppIBE0A0MgGi7hH7IngaP0ii2q/Yb
y0JfKBlmvXK7DAH96fwV8oE7cSNMbI88MKqed3QCRjFIs5ojFY90esP9cttG/KhL
c5uEvgVxUCg0giBgW5oSa9aatP9d0Nl4oj2dNGsZ3cCbn5ID
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org