Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/305a28e2-5105-4222-8a2a-f3c7201b482a.roa
File: 305a28e2-5105-4222-8a2a-f3c7201b482a.roa (raw, json)
Hash identifier: 6X8dngqp/hS3wHVmXatWVM0J8o0c/AGtUHGBId2GHWc=
Subject key identifier: 19:76:22:B3:FB:37:6E:8D:EC:33:3E:FF:71:C9:F4:37:1F:3F:6B:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64CA25890414A99B1EEC04BF7B1695682A40FE88
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/305a28e2-5105-4222-8a2a-f3c7201b482a.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:ca:25:89:04:14:a9:9b:1e:ec:04:bf:7b:16:95:68:2a:40:fe:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=21072f31a1d9f801e67c579cb01098221df02484851df5368f63ad1108df6e19, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:61:28:b3:cc:a4:ba:0c:a0:23:c7:55:94:5f:
72:0c:92:f3:4d:fd:ca:cf:b1:e4:7a:f7:00:a3:bc:
51:c7:6b:78:39:10:78:b9:a7:45:a5:28:2e:f5:a2:
db:93:70:a0:06:bb:90:f5:e2:59:9c:eb:3a:1e:7a:
c9:82:a8:04:32:39:e1:2e:9d:69:f6:20:98:72:56:
02:d1:09:de:01:3f:cc:8a:a8:99:ff:85:63:5d:52:
26:c9:fc:1b:47:4e:bd:3d:41:31:15:62:3d:69:b0:
37:b8:00:ba:19:0a:30:61:e2:a2:b8:57:81:b4:a6:
d3:cd:84:33:64:4c:18:81:72:dc:69:ba:c6:53:10:
5f:3d:0c:19:78:88:29:4d:d3:ca:f4:04:85:7c:2d:
7b:84:87:6c:3e:0b:b1:15:e5:f5:f6:0a:8d:27:5d:
04:98:ae:d3:fe:0e:6b:63:de:8a:02:9f:df:da:44:
88:bb:a0:cb:3f:61:3a:a3:c0:08:df:30:fe:57:ab:
c9:7f:a0:52:18:bd:ff:61:23:51:19:87:1c:8b:94:
45:02:ba:ed:61:56:b5:69:d4:a3:6d:2a:e1:3a:3b:
3a:61:3d:a3:b2:07:01:4c:33:b8:af:bf:41:6d:cc:
4d:1c:0e:46:1d:f2:67:cc:24:fd:0e:83:72:cd:19:
7f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:76:22:B3:FB:37:6E:8D:EC:33:3E:FF:71:C9:F4:37:1F:3F:6B:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/305a28e2-5105-4222-8a2a-f3c7201b482a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:8000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:b5:cc:a6:43:7e:e6:e6:dd:c5:f0:ed:20:01:88:9b:81:d5:
98:bf:ec:eb:51:fc:4f:c4:4c:85:70:f6:3d:b4:20:bc:24:be:
b2:fd:83:9b:5d:29:18:0a:83:20:bf:5d:cb:ed:af:05:68:49:
0e:53:9a:ad:e9:4c:1c:e8:7c:06:e9:84:aa:0f:1e:3f:6d:4a:
7d:ca:6f:10:1e:1f:e4:a9:29:6f:42:d6:88:82:17:f8:5a:61:
ed:ac:21:7b:b6:6d:81:84:e5:d4:bc:1e:9e:8d:ff:b2:c4:91:
24:5b:95:2b:e2:b1:c1:90:9c:b2:42:88:dd:ec:83:88:93:40:
24:96:cf:ae:ee:0c:04:13:85:8e:41:67:01:de:5d:a5:37:c4:
f6:35:e3:4f:f0:11:68:65:45:37:bc:f6:eb:a5:b2:c8:c7:5a:
1e:b9:80:d4:fc:e3:a2:83:bc:38:5d:1a:c0:e3:4e:18:c8:04:
21:32:10:32:c4:17:ca:5e:f3:c9:42:31:37:46:8c:e9:2e:45:
e6:9c:6c:34:dd:ac:7c:ee:34:72:fd:1a:0b:96:d4:fd:85:ba:
4f:58:60:b9:e9:2e:a1:60:b9:ba:79:63:66:11:78:3c:85:4d:
d3:70:02:cd:22:d6:32:f6:30:60:ed:29:df:1b:02:7e:06:b5:
89:88:e8:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZMoliQQUqZse7AS/exaVaCpA/ogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMDcyZjMxYTFkOWY4MDFlNjdjNTc5Y2IwMTA5ODIyMWRmMDI0ODQ4NTFk
ZjUzNjhmNjNhZDExMDhkZjZlMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxhKLPMpLoMoCPHVZRfcgyS8039ys+x5Hr3AKO8UcdreDkQeLmnRaUoLvWi
25NwoAa7kPXiWZzrOh56yYKoBDI54S6dafYgmHJWAtEJ3gE/zIqomf+FY11SJsn8
G0dOvT1BMRViPWmwN7gAuhkKMGHiorhXgbSm082EM2RMGIFy3Gm6xlMQXz0MGXiI
KU3TyvQEhXwte4SHbD4LsRXl9fYKjSddBJiu0/4Oa2PeigKf39pEiLugyz9hOqPA
CN8w/leryX+gUhi9/2EjURmHHIuURQK67WFWtWnUo20q4To7OmE9o7IHAUwzuK+/
QW3MTRwORh3yZ8wk/Q6Dcs0ZfyECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZdiKz
+zdujewzPv9xyfQ3Hz9rpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzA1YTI4ZTItNTEwNS00MjIyLThhMmEtZjNjNzIwMWI0ODJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAOtcymQ37m5t3F8O0gAYibgdWYv+zrUfxPxEyF
cPY9tCC8JL6y/YObXSkYCoMgv13L7a8FaEkOU5qt6Uwc6HwG6YSqDx4/bUp9ym8Q
Hh/kqSlvQtaIghf4WmHtrCF7tm2BhOXUvB6ejf+yxJEkW5Ur4rHBkJyyQojd7IOI
k0Akls+u7gwEE4WOQWcB3l2lN8T2NeNP8BFoZUU3vPbrpbLIx1oeuYDU/OOig7w4
XRrA404YyAQhMhAyxBfKXvPJQjE3RozpLkXmnGw03ax87jRy/RoLltT9hbpPWGC5
6S6hYLm6eWNmEXg8hU3TcALNItYy9jBg7SnfGwJ+BrWJiOjf
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org