Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29da5eb1-a285-413c-a29c-911e1f05356b.roa
File: 29da5eb1-a285-413c-a29c-911e1f05356b.roa (raw, json)
Hash identifier: ZPfHASPJ637zGnCiEdHYDv6MZZtN/Re41jKn5RCn8Ko=
Subject key identifier: 04:8E:C1:8E:46:2B:C5:68:E3:34:91:88:BF:85:B0:29:D4:84:BF:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 638D4A38369691ABF9907EA6E64D9886B2CE986E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29da5eb1-a285-413c-a29c-911e1f05356b.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:8d:4a:38:36:96:91:ab:f9:90:7e:a6:e6:4d:98:86:b2:ce:98:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=1e20f2e44bd866a393332d985501dff7a0ac29b98dc35cca5828014b5d2dc51c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:90:35:01:79:74:cd:64:1f:83:1d:a7:f9:61:
7b:a6:fd:c1:45:8a:44:ac:6e:2a:0b:bf:15:c2:8d:
db:07:b2:13:45:b1:d4:8f:f5:26:d4:43:f7:78:ae:
b7:39:fc:d1:30:91:ea:c4:4b:6f:12:01:b9:dc:9c:
bd:f7:7b:0a:e1:23:98:95:39:19:9b:2a:32:10:47:
62:68:ea:24:81:4b:00:78:9d:e6:81:20:dc:0e:f8:
75:f2:2f:de:80:b2:75:6e:5d:ee:95:a0:f0:21:e6:
07:65:d3:70:40:99:55:51:0c:45:56:11:f1:25:10:
6c:e8:c3:bf:c8:50:64:ce:aa:44:90:0f:f1:84:38:
d3:aa:be:28:eb:51:60:66:98:8d:d6:f8:27:54:56:
e5:b7:10:bb:92:9e:7e:1a:d1:e6:19:d8:46:bd:8b:
66:4b:7d:80:1a:26:80:1a:e3:ed:a6:6f:b6:2c:62:
17:52:80:d7:32:c1:10:72:5d:d8:0d:d9:30:50:10:
e5:41:d1:22:51:20:83:67:39:61:29:7f:15:0f:4a:
01:82:29:38:db:c6:07:f1:7d:1f:28:b4:f3:90:6a:
f0:a7:97:d4:fc:71:b8:e2:98:15:71:f2:94:13:ca:
05:69:38:07:49:aa:14:dd:cd:ad:e1:c8:08:a9:34:
4c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8E:C1:8E:46:2B:C5:68:E3:34:91:88:BF:85:B0:29:D4:84:BF:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29da5eb1-a285-413c-a29c-911e1f05356b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:f3:64:d0:72:05:f8:b7:4a:89:40:c2:20:9b:e2:14:90:22:
75:e9:48:88:37:9d:14:4b:00:dd:fe:f7:1e:75:8b:8a:52:5f:
85:8a:ad:86:be:ef:71:e3:30:11:88:54:ff:2c:55:18:07:0b:
d5:4a:b7:ea:5a:ff:0c:60:82:29:41:ba:2f:ce:09:23:c7:65:
9e:20:f2:b7:ac:79:e5:62:10:b0:d9:30:12:7e:2b:ba:6f:68:
41:81:fb:ce:bf:c0:55:68:7c:79:4d:a7:86:70:ea:bb:01:0a:
14:a2:52:eb:f6:1a:12:c5:65:cb:61:54:3e:bf:2d:80:69:54:
32:75:48:e8:98:a1:2c:50:3e:6b:ba:95:00:85:32:11:aa:43:
c1:07:84:c4:0c:56:8b:dd:77:f2:53:8d:00:9f:0c:05:a4:49:
d0:52:6d:17:ce:6f:4b:a9:e0:80:55:91:84:60:7c:dc:55:cc:
44:eb:36:20:1b:d0:51:13:eb:06:79:b9:42:58:f9:28:f0:a0:
98:05:85:aa:55:25:17:07:68:c6:9a:60:6f:6a:f2:f6:08:c7:
09:db:62:e1:ce:30:ac:77:d4:d1:65:8e:40:05:c1:ca:e1:87:
89:cf:53:0d:32:1c:52:28:f0:ad:99:64:4a:e3:bf:5c:8a:f6:
2d:14:b5:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY41KODaWkav5kH6m5k2YhrLOmG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlMjBmMmU0NGJkODY2YTM5MzMzMmQ5ODU1MDFkZmY3YTBhYzI5Yjk4ZGMz
NWNjYTU4MjgwMTRiNWQyZGM1MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2QNQF5dM1kH4Mdp/lhe6b9wUWKRKxuKgu/FcKN2weyE0Wx1I/1JtRD93iu
tzn80TCR6sRLbxIBudycvfd7CuEjmJU5GZsqMhBHYmjqJIFLAHid5oEg3A74dfIv
3oCydW5d7pWg8CHmB2XTcECZVVEMRVYR8SUQbOjDv8hQZM6qRJAP8YQ406q+KOtR
YGaYjdb4J1RW5bcQu5KefhrR5hnYRr2LZkt9gBomgBrj7aZvtixiF1KA1zLBEHJd
2A3ZMFAQ5UHRIlEgg2c5YSl/FQ9KAYIpONvGB/F9Hyi085Bq8KeX1PxxuOKYFXHy
lBPKBWk4B0mqFN3NreHICKk0TAUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEjsGO
RivFaOM0kYi/hbAp1IS/azAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjlkYTVlYjEtYTI4NS00MTNjLWEyOWMtOTExZTFmMDUzNTZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hzg
MA0GCSqGSIb3DQEBCwUAA4IBAQCw82TQcgX4t0qJQMIgm+IUkCJ16UiIN50USwDd
/vcedYuKUl+Fiq2Gvu9x4zARiFT/LFUYBwvVSrfqWv8MYIIpQbovzgkjx2WeIPK3
rHnlYhCw2TASfiu6b2hBgfvOv8BVaHx5TaeGcOq7AQoUolLr9hoSxWXLYVQ+vy2A
aVQydUjomKEsUD5rupUAhTIRqkPBB4TEDFaL3XfyU40AnwwFpEnQUm0Xzm9LqeCA
VZGEYHzcVcxE6zYgG9BRE+sGeblCWPko8KCYBYWqVSUXB2jGmmBvavL2CMcJ22Lh
zjCsd9TRZY5ABcHK4YeJz1MNMhxSKPCtmWRK479civYtFLUP
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org