Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
File: 23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa (raw, json)
Hash identifier: MRkzTpG8AFxRVY7kDkEyR4HbbuqZkidfbWl8DNpfvIY=
Subject key identifier: 2F:27:AE:03:2D:EF:DB:4A:8D:F7:B7:46:B2:AE:7B:BF:CB:3F:45:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DE308107C18E5FBF26FF901C0ECC2EC38B5D737
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:e3:08:10:7c:18:e5:fb:f2:6f:f9:01:c0:ec:c2:ec:38:b5:d7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=6f831c44c91c0adc2df3d1655bbe1e48c2ef6348928df44bbe45ed93f1f22939, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9b:4c:29:a7:0a:9a:9f:35:9c:57:67:e5:8e:
ef:b9:7d:ff:ad:d1:1b:0d:ce:5b:df:a8:7b:01:7d:
7f:f1:9d:c4:1d:df:3c:32:77:87:e5:31:0b:34:01:
78:d1:43:34:a3:fa:f3:04:ae:cd:db:20:af:21:86:
9c:a7:0a:72:ce:48:e6:e5:32:24:dc:02:be:b1:ee:
29:1e:7e:ac:9c:94:21:9b:3d:22:bd:29:a3:49:5d:
61:90:67:8d:29:32:7a:8f:f5:4c:64:ec:f3:e7:fc:
45:ec:d7:80:5b:4a:38:f6:a3:36:7d:1c:f4:18:ef:
f3:50:a9:b2:96:7d:b9:23:5d:34:15:e4:1c:32:69:
4d:58:b3:fc:6c:23:da:ed:24:9c:db:73:f6:78:cb:
ac:bb:38:78:27:9e:39:b0:12:dd:a9:c4:fb:cb:ea:
d1:be:ee:a7:41:bb:a2:e5:6c:71:94:4c:6d:88:f4:
0d:54:53:0c:36:72:f2:92:d2:33:ce:80:1f:59:44:
a4:2e:26:c9:6c:09:7f:ab:94:e2:76:a5:85:3b:a2:
ca:e7:f6:e9:5e:33:2f:b5:09:a0:14:64:4d:32:3f:
da:21:67:d2:53:b8:fc:03:c5:4a:5e:57:73:13:95:
6e:0a:9e:0f:84:ae:b6:28:d0:b9:1d:d8:ba:6a:8b:
28:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:27:AE:03:2D:EF:DB:4A:8D:F7:B7:46:B2:AE:7B:BF:CB:3F:45:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
40:14:93:4f:4f:7d:04:ef:be:00:ac:f0:06:88:05:8e:e5:64:
58:81:8f:12:f5:0c:c6:12:85:a6:4e:36:cb:51:02:60:66:21:
cd:ed:a3:c0:d6:66:93:b8:f9:ba:40:c9:18:73:04:7d:de:c5:
fc:d0:27:12:31:c3:96:57:54:a6:5a:1c:28:9f:d4:83:ff:5c:
95:8b:0c:68:c1:e8:df:33:5d:a5:1c:86:77:ff:66:28:38:f0:
a3:49:3d:e9:5e:f2:57:aa:fd:e8:a3:23:1e:53:03:68:7f:a5:
e4:ca:cd:ba:f1:05:0e:c0:ac:b0:0b:d1:76:d2:4c:e8:0d:32:
83:f7:57:2e:3a:15:b5:ee:f1:ab:3f:11:6d:99:06:bd:a9:90:
fa:f9:76:a1:4f:6d:52:66:05:23:c9:11:77:1c:3a:f9:57:5d:
a5:8b:bd:65:f6:5f:c8:10:b8:03:7e:a0:ac:15:63:e8:98:d9:
85:ca:13:20:84:0e:3b:63:40:0c:bc:05:b1:eb:ae:93:ad:b9:
32:b2:7e:84:fe:6a:48:a6:66:eb:05:82:c2:08:a4:6a:84:97:
55:b2:eb:19:e4:fb:c5:60:61:ae:65:6e:c8:25:3a:6d:10:90:
ce:6a:2f:47:13:c5:f2:53:b7:5d:34:67:88:e6:26:ed:2b:76:
f9:f9:f0:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfeMIEHwY5fvyb/kBwOzC7Di11zcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmODMxYzQ0YzkxYzBhZGMyZGYzZDE2NTViYmUxZTQ4YzJlZjYzNDg5Mjhk
ZjQ0YmJlNDVlZDkzZjFmMjI5MzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANObTCmnCpqfNZxXZ+WO77l9/63RGw3OW9+oewF9f/GdxB3fPDJ3h+UxCzQB
eNFDNKP68wSuzdsgryGGnKcKcs5I5uUyJNwCvrHuKR5+rJyUIZs9Ir0po0ldYZBn
jSkyeo/1TGTs8+f8RezXgFtKOPajNn0c9Bjv81CpspZ9uSNdNBXkHDJpTViz/Gwj
2u0knNtz9njLrLs4eCeeObAS3anE+8vq0b7up0G7ouVscZRMbYj0DVRTDDZy8pLS
M86AH1lEpC4myWwJf6uU4nalhTuiyuf26V4zL7UJoBRkTTI/2iFn0lO4/APFSl5X
cxOVbgqeD4SutijQuR3YumqLKNsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvJ64D
Le/bSo33t0ayrnu/yz9FKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjNiZjA0Y2UtM2YyNS00ZGZjLTg1NGItN2FiOWZjZWI1MDQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/A
MA0GCSqGSIb3DQEBCwUAA4IBAQBAFJNPT30E774ArPAGiAWO5WRYgY8S9QzGEoWm
TjbLUQJgZiHN7aPA1maTuPm6QMkYcwR93sX80CcSMcOWV1SmWhwon9SD/1yViwxo
wejfM12lHIZ3/2YoOPCjST3pXvJXqv3ooyMeUwNof6Xkys268QUOwKywC9F20kzo
DTKD91cuOhW17vGrPxFtmQa9qZD6+XahT21SZgUjyRF3HDr5V12li71l9l/IELgD
fqCsFWPomNmFyhMghA47Y0AMvAWx666Trbkysn6E/mpIpmbrBYLCCKRqhJdVsusZ
5PvFYGGuZW7IJTptEJDOai9HE8XyU7ddNGeI5ibtK3b5+fCv
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org