Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json)
Hash identifier: E1a+/+Vk1WnLMrPEW1UrSeD8qRZKyqyLLvpliaBwfBk=
Subject key identifier: A2:43:EB:35:83:ED:E6:B0:77:CF:DA:F0:73:52:D7:BA:74:B5:B7:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16EA1F3A9F082D9A1EC3385CEB217556B5652FD1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:ea:1f:3a:9f:08:2d:9a:1e:c3:38:5c:eb:21:75:56:b5:65:2f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=d58559fc4f234ab3d6c874f8dae1867f3c00e42c08cf4853db5a117e2b9164a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e5:e1:f1:18:81:12:9d:d7:81:40:1e:0d:81:
2b:d7:75:92:67:9a:47:67:3d:c0:0d:37:be:6a:1a:
4b:f9:ec:f5:6f:ca:9c:22:e7:2b:04:12:82:d5:3a:
54:d3:ef:20:59:f9:9d:51:c1:ec:ae:00:9d:30:90:
72:3b:0c:ff:d4:ef:6e:28:d0:a9:9c:f6:7c:28:6c:
d3:05:f3:cd:d6:67:3d:ab:43:76:5d:d5:ea:de:83:
35:ef:b2:3f:6e:7b:58:58:00:b1:3e:d4:98:17:ba:
13:de:50:e7:a6:47:ff:d7:c5:19:47:91:e9:d7:c4:
b7:16:39:a7:b9:6a:aa:86:87:a0:f2:ac:30:a0:38:
12:a5:b1:3e:37:c8:e8:51:ec:ca:6d:86:d8:66:d5:
95:d1:62:30:84:53:13:03:f6:5d:59:53:be:51:40:
57:fd:20:00:11:6c:33:80:79:07:75:f0:bf:5d:e2:
20:ca:a8:f9:2a:0d:1c:1e:19:ee:de:0a:24:32:99:
4a:2a:95:37:5a:50:79:53:f9:5c:99:03:a5:f0:eb:
8d:ba:10:31:89:dc:7d:58:61:50:9a:55:2b:8c:8d:
07:c8:69:5d:74:71:bf:8b:e0:13:e9:6e:bb:60:d7:
06:fd:2d:90:b7:b8:70:e4:6c:6f:08:af:f8:0c:89:
af:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:43:EB:35:83:ED:E6:B0:77:CF:DA:F0:73:52:D7:BA:74:B5:B7:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:9000::/40
Signature Algorithm: sha256WithRSAEncryption
8d:3d:31:6e:59:24:45:57:09:55:f9:f2:a9:ba:76:8f:7b:69:
c6:92:ff:11:3b:de:30:68:5c:05:15:dd:fc:f3:e5:7e:2a:77:
8e:db:a3:e7:b8:ca:ee:ad:e5:7d:8c:86:68:52:17:ff:1b:83:
5f:32:a9:ab:57:34:b9:2d:34:98:c6:de:2c:9f:eb:f8:f8:76:
b2:26:56:fc:20:2d:82:5e:26:31:86:68:aa:ec:1d:12:61:20:
48:bb:92:51:32:db:22:e6:69:1e:36:22:bc:19:ed:fa:8b:b4:
2a:c7:70:36:4c:22:24:40:31:1c:34:c0:f3:2c:e7:6a:e1:ed:
dd:b4:75:d2:57:39:27:ab:4e:f2:91:af:c5:c6:eb:0e:10:91:
96:04:4a:14:d3:12:1d:2b:6e:89:7f:5a:e2:8d:4a:21:cc:c0:
16:03:3c:c6:d6:b1:fc:b6:63:ec:09:99:f8:25:68:54:21:87:
a5:d5:ad:9f:ac:fb:dd:01:ae:c3:e6:5c:ac:cb:6d:dc:f0:74:
49:78:96:8a:0c:94:42:e4:bc:9c:38:7b:59:3d:96:3b:8a:8f:
09:74:d7:e5:7e:1a:a2:09:74:8b:a4:6b:e0:74:7d:4e:81:53:
a3:d8:50:0c:43:55:cd:17:98:7b:78:da:4c:45:85:e3:d0:82:
54:69:63:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFuofOp8ILZoewzhc6yF1VrVlL9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ODU1OWZjNGYyMzRhYjNkNmM4NzRmOGRhZTE4NjdmM2MwMGU0MmMwOGNm
NDg1M2RiNWExMTdlMmI5MTY0YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO7l4fEYgRKd14FAHg2BK9d1kmeaR2c9wA03vmoaS/ns9W/KnCLnKwQSgtU6
VNPvIFn5nVHB7K4AnTCQcjsM/9TvbijQqZz2fChs0wXzzdZnPatDdl3V6t6DNe+y
P257WFgAsT7UmBe6E95Q56ZH/9fFGUeR6dfEtxY5p7lqqoaHoPKsMKA4EqWxPjfI
6FHsym2G2GbVldFiMIRTEwP2XVlTvlFAV/0gABFsM4B5B3Xwv13iIMqo+SoNHB4Z
7t4KJDKZSiqVN1pQeVP5XJkDpfDrjboQMYncfVhhUJpVK4yNB8hpXXRxv4vgE+lu
u2DXBv0tkLe4cORsbwiv+AyJr8sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiQ+s1
g+3msHfP2vBzUte6dLW3YTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCNPTFuWSRFVwlV+fKpunaPe2nGkv8RO94waFwF
Fd388+V+KneO26PnuMrureV9jIZoUhf/G4NfMqmrVzS5LTSYxt4sn+v4+HayJlb8
IC2CXiYxhmiq7B0SYSBIu5JRMtsi5mkeNiK8Ge36i7Qqx3A2TCIkQDEcNMDzLOdq
4e3dtHXSVzknq07yka/FxusOEJGWBEoU0xIdK26Jf1rijUohzMAWAzzG1rH8tmPs
CZn4JWhUIYel1a2frPvdAa7D5lysy23c8HRJeJaKDJRC5LycOHtZPZY7io8JdNfl
fhqiCXSLpGvgdH1OgVOj2FAMQ1XNF5h7eNpMRYXj0IJUaWMD
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org