Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2030a8d8-88f9-4725-9c63-e7aaa9e49e8a.roa
File: 2030a8d8-88f9-4725-9c63-e7aaa9e49e8a.roa (raw, json)
Hash identifier: 3d+NTzTHSPXH9Ai6DOjvkDPW0SWrgzUMwZbJ0MPdqq4=
Subject key identifier: B8:57:A7:68:8F:CC:0E:A8:45:95:BE:3B:CC:8C:72:19:F2:F7:86:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1ED03CF5974305E5320D47B478BF0B8C4A4EFD54
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2030a8d8-88f9-4725-9c63-e7aaa9e49e8a.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:d0:3c:f5:97:43:05:e5:32:0d:47:b4:78:bf:0b:8c:4a:4e:fd:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=d2863bc88044d4c45f583057f04ad7aa994ff2b12867a07b382f264b264afb37, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3f:d1:41:2d:52:f8:b0:67:f8:c8:27:f7:18:
b1:6e:40:4e:d2:99:39:89:dd:8f:c4:b8:3d:1d:2b:
24:72:cb:55:32:f9:55:7b:c9:74:fe:6a:01:f2:4c:
80:74:8a:45:4f:83:5e:d6:ad:c8:04:b8:dd:b4:f4:
6b:1c:62:c8:f8:dd:fd:79:8e:b0:81:af:79:9c:4e:
5c:a0:64:dd:f4:03:f9:f6:b6:08:3c:f5:8d:93:dc:
d9:f5:b8:95:96:c1:85:69:25:9f:0c:eb:42:9f:eb:
8e:1e:d7:c7:c4:49:a7:9b:60:ba:a6:87:9c:cc:74:
06:68:7e:05:bc:8d:82:3f:c3:e2:73:ab:7b:e7:82:
c2:7c:b1:e9:5b:91:58:0a:c0:c8:a7:93:d2:f1:85:
70:0f:d7:64:61:3b:0d:fc:e3:c3:7c:ee:8f:d8:18:
e5:13:1d:4c:b5:67:d1:4f:03:db:ea:f1:51:1d:2c:
f3:af:78:a5:9e:14:4e:ff:b4:6b:e9:9b:33:26:c2:
b1:8b:d5:07:e8:e0:d8:05:5f:c8:a9:cb:17:e9:05:
71:8b:2d:da:a2:82:89:7d:9c:cb:2a:45:f8:4d:69:
15:ea:5a:0f:81:32:56:f1:ef:38:b9:5d:dd:2a:b4:
2c:66:ef:c2:34:8b:e3:bc:b9:e4:f7:60:cb:68:f3:
e2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:57:A7:68:8F:CC:0E:A8:45:95:BE:3B:CC:8C:72:19:F2:F7:86:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2030a8d8-88f9-4725-9c63-e7aaa9e49e8a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:5c:07:5a:6d:23:ab:7d:52:60:e9:6a:96:4e:b1:01:e6:7c:
29:fd:49:ef:32:8c:4b:dd:ce:82:75:c1:78:2b:e0:28:24:98:
0b:20:17:9f:12:00:3a:db:ab:b8:d7:96:8f:02:6a:96:8d:3b:
6f:63:b3:7c:39:90:e6:b1:d3:70:9e:29:84:c0:30:a9:36:2e:
dc:99:e7:73:61:c4:9c:a9:29:e6:0c:8a:9e:52:6c:d2:bd:5c:
38:fb:39:63:cd:f9:66:4b:98:a9:97:ac:ef:27:36:59:00:c9:
3a:ee:de:38:6d:65:d1:04:f6:e0:5b:d9:e4:83:d7:a6:5e:2a:
fc:8b:12:bd:67:ca:c1:43:b3:4b:0b:22:0d:43:62:c2:3a:aa:
16:97:6b:05:a1:31:f1:08:64:2c:be:be:98:22:e3:48:52:1d:
83:de:18:27:0e:91:81:b3:12:98:f1:3f:11:12:bb:40:65:54:
99:c5:3d:33:e2:f5:d3:b8:11:59:28:3e:f0:33:bc:49:3c:c4:
b0:d1:3c:1e:10:25:ed:f7:a4:34:11:ea:ba:9e:33:37:e4:b7:
a1:72:38:e9:61:bb:24:80:5c:23:9c:ba:bd:57:29:76:14:d3:
41:ff:21:23:0c:f5:10:e5:d2:61:6b:f9:dc:99:61:3f:67:46:
a0:9d:06:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHtA89ZdDBeUyDUe0eL8LjEpO/VQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyODYzYmM4ODA0NGQ0YzQ1ZjU4MzA1N2YwNGFkN2FhOTk0ZmYyYjEyODY3
YTA3YjM4MmYyNjRiMjY0YWZiMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALc/0UEtUviwZ/jIJ/cYsW5ATtKZOYndj8S4PR0rJHLLVTL5VXvJdP5qAfJM
gHSKRU+DXtatyAS43bT0axxiyPjd/XmOsIGveZxOXKBk3fQD+fa2CDz1jZPc2fW4
lZbBhWklnwzrQp/rjh7Xx8RJp5tguqaHnMx0Bmh+BbyNgj/D4nOre+eCwnyx6VuR
WArAyKeT0vGFcA/XZGE7Dfzjw3zuj9gY5RMdTLVn0U8D2+rxUR0s8694pZ4UTv+0
a+mbMybCsYvVB+jg2AVfyKnLF+kFcYst2qKCiX2cyypF+E1pFepaD4EyVvHvOLld
3Sq0LGbvwjSL47y55Pdgy2jz4mMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4V6do
j8wOqEWVvjvMjHIZ8veGmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjAzMGE4ZDgtODhmOS00NzI1LTljNjMtZTdhYWE5ZTQ5ZThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPXAdabSOrfVJg6WqWTrEB5nwp/UnvMoxL3c6C
dcF4K+AoJJgLIBefEgA626u415aPAmqWjTtvY7N8OZDmsdNwnimEwDCpNi7cmedz
YcScqSnmDIqeUmzSvVw4+zljzflmS5ipl6zvJzZZAMk67t44bWXRBPbgW9nkg9em
Xir8ixK9Z8rBQ7NLCyINQ2LCOqoWl2sFoTHxCGQsvr6YIuNIUh2D3hgnDpGBsxKY
8T8RErtAZVSZxT0z4vXTuBFZKD7wM7xJPMSw0TweECXt96Q0Eeq6njM35Lehcjjp
YbskgFwjnLq9Vyl2FNNB/yEjDPUQ5dJha/ncmWE/Z0agnQbF
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org