Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
File: 247ad9fa-bec9-4b2a-bf50-46f08250e756.roa (raw, json)
Hash identifier: NA9zgtuS9cAf1jPKWAppG8oFuiMMxUoiD8RomIkGpNg=
Subject key identifier: 66:C2:1D:EA:EC:34:64:C1:E2:86:D5:44:7C:30:0E:EE:04:C5:67:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0759F8D8801B474914C2E36FF9B92DCFC25A104C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:59:f8:d8:80:1b:47:49:14:c2:e3:6f:f9:b9:2d:cf:c2:5a:10:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=ffedaed59a3b7b801a645d5e710647e5989193f9430b525f1cbeb97c61a9240e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:4d:69:43:bb:ed:5b:e6:26:0e:00:fa:7f:c4:
74:be:c6:8d:93:68:29:52:4d:17:83:ec:83:04:4e:
f0:fb:21:56:38:83:03:a5:53:1b:a6:d3:2f:6c:b3:
36:ae:33:29:2c:8e:ea:8d:6d:38:78:f4:78:06:c2:
24:9d:fa:21:9d:a3:08:56:fe:74:5d:d5:f0:03:90:
4e:81:80:bc:84:17:41:45:cf:f8:9c:7d:3e:6e:fd:
02:6f:63:58:b4:57:ad:dc:d9:c6:8f:29:39:46:37:
c4:20:97:ad:6c:e2:eb:36:55:34:54:90:2b:b4:96:
3f:cc:60:a8:a3:e6:51:a8:84:35:c9:d2:72:3a:74:
f3:69:c4:6d:e6:e7:d3:ab:8a:de:35:8e:f5:1c:bc:
a5:12:72:4e:3f:35:66:87:fb:e4:ac:57:6c:ad:e5:
dc:24:84:6b:8b:07:76:3e:d0:27:c7:ef:4b:cb:47:
06:38:69:51:d4:a3:08:4d:53:6a:2b:e5:a2:14:49:
9b:8d:a1:22:c0:84:40:b4:96:43:64:ea:44:ab:e5:
e6:87:61:8b:ca:23:4c:7f:3e:92:8f:4e:e7:59:cf:
7e:aa:d9:65:fc:88:4e:1d:3f:2a:ed:d8:62:5c:0e:
cd:1a:63:aa:99:dc:84:b2:24:3c:37:88:51:31:4b:
b6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C2:1D:EA:EC:34:64:C1:E2:86:D5:44:7C:30:0E:EE:04:C5:67:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
af:c8:26:a1:01:bd:5a:51:aa:73:fd:8d:2a:7a:87:c5:96:96:
e4:ad:76:c0:c7:9c:a8:0a:af:53:5f:3c:24:a3:2e:30:1e:9d:
d1:0f:55:31:be:e1:35:30:3f:d9:11:1a:92:26:f5:81:ba:ac:
87:c8:c4:37:2f:e8:1f:8e:1b:e6:1d:13:f9:95:93:6f:5c:a4:
1e:04:a3:0f:76:c0:29:c8:9f:ff:d0:d2:bd:6d:9e:16:a1:7d:
c5:1e:5f:ea:5a:1f:af:3e:fd:7f:dc:5a:e6:c6:9f:ef:1f:b4:
df:20:56:83:75:aa:01:e4:cc:12:df:f1:6c:c0:50:35:00:97:
a1:a1:2d:53:c7:df:03:4b:15:96:c1:1a:ca:79:85:60:a8:d2:
ab:6a:29:bd:08:a9:ef:52:67:b0:bb:6e:09:90:83:6b:f4:19:
87:3e:98:74:70:61:af:16:bd:61:27:54:50:83:f5:e8:21:b6:
73:2c:d7:28:2f:16:a2:59:41:1b:a9:6d:2c:64:6d:b3:bc:10:
a2:b8:9e:33:a9:d0:2c:ab:95:91:99:a4:1d:7a:77:0f:e0:ce:
c2:28:57:73:fd:a7:9e:15:d7:c7:ea:3b:c5:3f:22:fa:17:27:
8f:8b:6d:9a:29:51:f4:5a:d0:f1:34:e9:31:47:d6:4d:fb:65:
c3:8b:db:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB1n42IAbR0kUwuNv+bktz8JaEEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmZWRhZWQ1OWEzYjdiODAxYTY0NWQ1ZTcxMDY0N2U1OTg5MTkzZjk0MzBi
NTI1ZjFjYmViOTdjNjFhOTI0MGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPRNaUO77VvmJg4A+n/EdL7GjZNoKVJNF4PsgwRO8PshVjiDA6VTG6bTL2yz
Nq4zKSyO6o1tOHj0eAbCJJ36IZ2jCFb+dF3V8AOQToGAvIQXQUXP+Jx9Pm79Am9j
WLRXrdzZxo8pOUY3xCCXrWzi6zZVNFSQK7SWP8xgqKPmUaiENcnScjp082nEbebn
06uK3jWO9Ry8pRJyTj81Zof75KxXbK3l3CSEa4sHdj7QJ8fvS8tHBjhpUdSjCE1T
aivlohRJm42hIsCEQLSWQ2TqRKvl5odhi8ojTH8+ko9O51nPfqrZZfyITh0/Ku3Y
YlwOzRpjqpnchLIkPDeIUTFLtu8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRmwh3q
7DRkweKG1UR8MA7uBMVn9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ3YWQ5ZmEtYmVjOS00YjJhLWJmNTAtNDZmMDgyNTBlNzU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCvyCahAb1aUapz/Y0qeofFlpbkrXbAx5yoCq9T
Xzwkoy4wHp3RD1UxvuE1MD/ZERqSJvWBuqyHyMQ3L+gfjhvmHRP5lZNvXKQeBKMP
dsApyJ//0NK9bZ4WoX3FHl/qWh+vPv1/3Frmxp/vH7TfIFaDdaoB5MwS3/FswFA1
AJehoS1Tx98DSxWWwRrKeYVgqNKraim9CKnvUmewu24JkINr9BmHPph0cGGvFr1h
J1RQg/XoIbZzLNcoLxaiWUEbqW0sZG2zvBCiuJ4zqdAsq5WRmaQdencP4M7CKFdz
/aeeFdfH6jvFPyL6FyePi22aKVH0WtDxNOkxR9ZN+2XDi9uP
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org