Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
File: 23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa (raw, json)
Hash identifier: wfWVOsv1LPyCB1x6LVW94RSB2TFiSpZ4aH2aoeXi6K0=
Subject key identifier: 45:AA:57:D9:09:69:5E:1A:D8:3D:F6:9A:D6:23:5F:DA:A9:DA:6A:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C466F2815062D67AFF657F2EAAEFEE741D5BF46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
Signing time: Tue 03 Sep 2024 00:00:00 +0000
ROA not before: Tue 03 Sep 2024 00:00:00 +0000
ROA not after: Tue 08 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Sep 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:46:6f:28:15:06:2d:67:af:f6:57:f2:ea:ae:fe:e7:41:d5:bf:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 3 00:00:00 2024 GMT
Not After : Oct 8 23:59:59 2024 GMT
Subject: serialNumber=da67996a6f6243e985519e121955599e8a9a7588e8364ea2d89eeec90cb9bf3c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:5b:f1:71:90:ae:14:48:ab:98:b8:82:49:d0:
3c:f4:80:d2:9e:a1:22:82:35:f0:12:74:80:5d:f5:
c9:ce:ec:6a:e9:63:81:9d:5f:d9:19:03:75:a6:a4:
ed:9b:f9:6a:f6:d9:60:89:0c:bf:86:70:c8:fc:0c:
26:d7:e4:dd:93:52:96:5d:62:8c:ba:04:87:9a:34:
28:3b:f5:5e:32:45:2e:8a:07:c5:f5:7f:e6:f8:14:
5b:bf:64:56:a4:78:9b:53:5d:fc:81:5c:a0:62:8b:
14:76:b5:08:a4:90:bb:54:b0:3c:89:50:78:27:b3:
09:67:df:32:f4:96:bc:9a:ba:c0:82:94:cb:a7:87:
b1:6b:a5:9c:8f:73:f2:c5:50:c8:9e:a4:d9:bb:ba:
26:32:74:27:e0:70:71:6e:36:0d:20:b9:0e:fd:5a:
d4:8b:48:95:0f:d4:cf:c1:75:7a:20:7e:3c:ef:19:
a1:75:f6:8b:0a:cb:66:b3:1f:6c:b5:93:ed:03:5e:
0e:28:52:a7:e6:01:84:a1:c2:f5:31:56:4f:5c:b1:
8d:f7:18:ae:a1:fe:b8:9f:94:e1:f1:0a:c5:a8:53:
ba:61:11:32:f5:65:10:b9:2b:00:c8:fe:d4:56:f7:
f6:ae:4f:c8:a7:2c:e0:41:02:b0:06:46:9a:61:ab:
2c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AA:57:D9:09:69:5E:1A:D8:3D:F6:9A:D6:23:5F:DA:A9:DA:6A:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
10:89:27:fa:a0:64:d0:9d:08:23:76:c4:b6:37:62:55:11:72:
8b:53:54:f0:d3:d1:e4:0c:71:92:b6:8c:39:9c:ef:a9:cd:f2:
85:d8:0f:5a:27:f7:6c:ef:08:16:20:39:88:24:4b:56:ad:1d:
30:40:8a:d1:9c:c2:54:7f:21:de:c1:50:e0:a9:00:48:74:77:
a4:de:83:dc:5e:18:70:bb:00:c2:9d:df:ee:a2:6f:25:df:0a:
75:61:ed:ce:72:f8:b9:64:3a:df:9d:08:9e:87:e3:76:37:33:
72:f8:5b:a0:b5:fd:e6:5b:fa:96:69:51:34:ed:60:23:f8:26:
5c:63:52:46:2e:f7:2d:98:b0:0d:ee:90:73:dc:bb:8d:9b:ed:
5e:0b:3b:08:df:c1:ad:25:dc:0e:c5:c5:88:ca:24:7c:26:3a:
8e:4c:41:b2:73:95:43:46:6b:73:06:e6:4c:31:72:6f:e2:07:
d8:eb:f5:af:98:78:9a:51:5a:8c:1b:18:08:ee:ae:77:42:0b:
2e:fd:a9:ec:46:39:6a:b1:3d:7c:a4:31:d6:b2:ec:fc:ce:94:
19:33:c3:f5:14:0b:e1:23:d1:e9:cd:df:99:5d:1b:25:d0:f5:
3e:cf:9f:d6:8e:5a:b4:d6:cc:32:4f:2a:44:3d:d0:cd:0a:10:
d5:f2:66:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfEZvKBUGLWev9lfy6q7+50HVv0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA5MDMwMDAwMDBaFw0yNDEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNjc5OTZhNmY2MjQzZTk4NTUxOWUxMjE5NTU1OTllOGE5YTc1ODhlODM2
NGVhMmQ4OWVlZWM5MGNiOWJmM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAONb8XGQrhRIq5i4gknQPPSA0p6hIoI18BJ0gF31yc7sauljgZ1f2RkDdaak
7Zv5avbZYIkMv4ZwyPwMJtfk3ZNSll1ijLoEh5o0KDv1XjJFLooHxfV/5vgUW79k
VqR4m1Nd/IFcoGKLFHa1CKSQu1SwPIlQeCezCWffMvSWvJq6wIKUy6eHsWulnI9z
8sVQyJ6k2bu6JjJ0J+BwcW42DSC5Dv1a1ItIlQ/Uz8F1eiB+PO8ZoXX2iwrLZrMf
bLWT7QNeDihSp+YBhKHC9TFWT1yxjfcYrqH+uJ+U4fEKxahTumERMvVlELkrAMj+
1Fb39q5PyKcs4EECsAZGmmGrLOsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRFqlfZ
CWleGtg99prWI1/aqdpq0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjNiZjA0Y2UtM2YyNS00ZGZjLTg1NGItN2FiOWZjZWI1MDQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/A
MA0GCSqGSIb3DQEBCwUAA4IBAQAQiSf6oGTQnQgjdsS2N2JVEXKLU1Tw09HkDHGS
tow5nO+pzfKF2A9aJ/ds7wgWIDmIJEtWrR0wQIrRnMJUfyHewVDgqQBIdHek3oPc
XhhwuwDCnd/uom8l3wp1Ye3Ocvi5ZDrfnQieh+N2NzNy+Fugtf3mW/qWaVE07WAj
+CZcY1JGLvctmLAN7pBz3LuNm+1eCzsI38GtJdwOxcWIyiR8JjqOTEGyc5VDRmtz
BuZMMXJv4gfY6/WvmHiaUVqMGxgI7q53Qgsu/ansRjlqsT18pDHWsuz8zpQZM8P1
FAvhI9Hpzd+ZXRsl0PU+z5/Wjlq01swyTypEPdDNChDV8mbx
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:39:48 2024 by rpki-client on console-ams.rpki-client.org