Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json)
Hash identifier: sLRZHbhXD8O66+siWvJCv5oJYjdpypBl3WB2uWWtPc0=
Subject key identifier: 28:97:2D:4A:D1:05:B5:D3:BF:76:AA:CC:F9:51:80:A7:42:CF:84:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F4ECD9990F9D546AA65C3935FFCB221DA459B30
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:4e:cd:99:90:f9:d5:46:aa:65:c3:93:5f:fc:b2:21:da:45:9b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=ce4722163e58cad916506a11fbf8aa03cffa1db9196d1be272fe0d4481c82046, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e4:00:6f:58:4d:03:3b:d6:5b:1d:fb:03:67:
ae:b8:a1:c5:6c:7f:02:07:8b:f4:01:7e:23:5e:50:
f2:64:b1:37:77:72:ca:ee:9c:bd:c7:93:ba:bf:b2:
2c:7b:69:e5:52:c9:08:ae:1b:1f:66:14:c4:b9:2a:
19:17:a6:be:84:00:98:93:2c:dc:1a:ec:af:bc:d0:
ce:3e:25:01:24:9d:5b:54:99:19:95:1e:e0:88:38:
12:34:a4:09:ed:07:9b:27:e3:24:49:53:b8:64:9a:
59:a0:57:e4:06:8c:17:71:48:bd:fa:61:a9:c0:95:
13:21:41:b1:5e:b5:c2:26:84:4e:58:c6:f6:10:87:
e3:a3:71:53:5b:4c:a0:b3:f4:f7:4a:b1:68:8f:4a:
8e:ae:d5:a6:02:63:6e:e4:a9:99:6e:47:3d:a9:cb:
44:89:a3:40:86:e2:67:a1:86:60:d7:93:73:ab:ba:
29:fc:b3:71:49:81:bb:34:53:cb:74:c2:b6:ec:d6:
80:1b:cb:63:af:5d:15:1a:c4:ce:e0:74:4d:da:f6:
7f:7a:3b:a4:bc:07:be:ef:d3:43:b0:00:5a:d1:f1:
87:82:d5:9c:15:92:c6:45:5f:a6:8a:80:7d:ec:94:
ab:22:e6:58:d3:a5:31:d4:63:65:5a:f0:71:94:9c:
bd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:97:2D:4A:D1:05:B5:D3:BF:76:AA:CC:F9:51:80:A7:42:CF:84:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:4000::/40
Signature Algorithm: sha256WithRSAEncryption
94:00:81:ec:c3:22:c3:68:25:14:ea:31:a4:d9:b8:37:32:49:
48:51:18:9c:63:7a:3e:02:63:b6:ba:0e:7a:9e:01:5c:30:78:
12:1c:06:26:43:6f:a5:1e:1c:21:36:e7:fb:d2:b8:84:bb:11:
4c:74:62:0b:14:cd:7b:b4:28:e4:71:a2:c3:b3:91:71:01:c8:
60:be:ff:67:ca:9d:66:ec:1e:c1:4f:63:98:51:a5:71:fa:dc:
74:16:70:7b:9c:4f:8c:c8:bc:26:76:10:a8:bb:d1:33:8a:04:
8b:08:3d:7e:39:cf:33:d8:39:1a:d5:2d:1d:ed:57:ff:d0:f4:
cc:61:ce:ed:e2:bf:d1:b0:ba:d6:36:f3:04:a1:83:f4:d0:50:
34:5f:0e:f6:77:a0:4f:11:90:e0:5a:55:f5:98:04:41:44:d5:
26:d7:9d:51:c7:e2:0e:c5:3f:f2:27:99:4a:ae:d6:07:52:0c:
da:1c:fc:ad:09:b0:cf:69:38:1d:54:c0:53:7e:00:f2:4d:84:
76:b5:bc:cf:2c:0b:77:88:f7:d2:b7:0f:ff:ff:7f:7b:a5:81:
9b:14:9e:a0:d8:56:81:1d:ee:e4:7e:fb:86:14:da:5d:9d:f6:
78:24:bb:c0:8f:a1:82:af:81:36:73:40:98:74:b9:cc:eb:c7:
a0:da:af:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT07NmZD51UaqZcOTX/yyIdpFmzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlNDcyMjE2M2U1OGNhZDkxNjUwNmExMWZiZjhhYTAzY2ZmYTFkYjkxOTZk
MWJlMjcyZmUwZDQ0ODFjODIwNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLkAG9YTQM71lsd+wNnrrihxWx/AgeL9AF+I15Q8mSxN3dyyu6cvceTur+y
LHtp5VLJCK4bH2YUxLkqGRemvoQAmJMs3Brsr7zQzj4lASSdW1SZGZUe4Ig4EjSk
Ce0HmyfjJElTuGSaWaBX5AaMF3FIvfphqcCVEyFBsV61wiaETljG9hCH46NxU1tM
oLP090qxaI9Kjq7VpgJjbuSpmW5HPanLRImjQIbiZ6GGYNeTc6u6KfyzcUmBuzRT
y3TCtuzWgBvLY69dFRrEzuB0Tdr2f3o7pLwHvu/TQ7AAWtHxh4LVnBWSxkVfpoqA
feyUqyLmWNOlMdRjZVrwcZScvZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoly1K
0QW10792qsz5UYCnQs+ETzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA
MA0GCSqGSIb3DQEBCwUAA4IBAQCUAIHswyLDaCUU6jGk2bg3MklIURicY3o+AmO2
ug56ngFcMHgSHAYmQ2+lHhwhNuf70riEuxFMdGILFM17tCjkcaLDs5FxAchgvv9n
yp1m7B7BT2OYUaVx+tx0FnB7nE+MyLwmdhCou9EzigSLCD1+Oc8z2Dka1S0d7Vf/
0PTMYc7t4r/RsLrWNvMEoYP00FA0Xw72d6BPEZDgWlX1mARBRNUm151Rx+IOxT/y
J5lKrtYHUgzaHPytCbDPaTgdVMBTfgDyTYR2tbzPLAt3iPfStw///397pYGbFJ6g
2FaBHe7kfvuGFNpdnfZ4JLvAj6GCr4E2c0CYdLnM68eg2q/6
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org