Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
File: 33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa (raw, json)
Hash identifier: FmpKOW39L1fXVnA5v0y+MB3TIJCIVqbL90maqPRbqhk=
Subject key identifier: 1F:25:0B:74:B8:20:3E:1C:0C:F8:EE:AF:E9:7A:8B:A0:31:8C:F6:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31C3015690140ACCBB4B3083D19AF178B00BD315
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:c3:01:56:90:14:0a:cc:bb:4b:30:83:d1:9a:f1:78:b0:0b:d3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=e585e447c8b2911e41f97b1b7c3e56579f07f79ca34af84e4cde5a971d989c38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:33:ae:d1:b1:57:88:87:a2:01:42:a4:69:cf:
f9:07:ab:b2:6a:11:b5:e6:8d:a9:b5:ec:95:71:15:
d5:25:5c:3c:ee:a4:8f:bf:d5:1c:84:bd:30:00:11:
75:5f:c3:f8:fc:46:72:60:1c:c0:27:1d:55:a3:4b:
9e:98:d3:e8:6b:c1:56:8a:79:76:45:fc:06:d1:13:
e8:be:eb:60:4b:b0:10:67:3f:3e:d3:d2:66:e0:f6:
46:51:1e:38:16:85:c7:52:58:59:fc:73:cd:c1:01:
0f:80:c0:ca:42:37:ef:4d:7b:cc:3f:39:13:d5:fe:
e7:9c:da:02:94:fa:ed:7d:52:94:e2:a2:fe:34:1d:
7a:80:33:4e:33:ca:e7:ab:74:03:b2:b4:b0:26:ef:
23:55:3c:a3:f1:22:d0:56:7a:08:b3:85:ac:7b:92:
8d:89:dd:bc:f4:ab:ce:ec:83:b3:80:fd:e5:49:d8:
ea:cd:08:ac:99:11:da:c3:34:3e:8e:9e:3a:8b:a1:
ba:8d:29:14:9d:f7:01:25:39:07:32:66:28:e4:22:
28:43:68:10:e2:5a:6c:c5:7a:38:4f:a1:29:8f:cb:
48:ea:f5:00:47:a7:58:b1:4c:4e:8d:21:7e:9e:b7:
44:b4:80:d0:89:07:34:4c:63:a9:59:45:0c:a6:1d:
d1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:25:0B:74:B8:20:3E:1C:0C:F8:EE:AF:E9:7A:8B:A0:31:8C:F6:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33f442e1-766e-461d-a3b9-2b0fd01b08cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:6000::/40
Signature Algorithm: sha256WithRSAEncryption
2e:4e:6e:1e:63:a9:5d:53:c7:28:30:00:b2:c5:d2:f4:25:97:
42:9e:97:9b:47:c4:b8:8a:3e:fa:42:37:70:94:53:01:d3:ac:
65:c9:7b:bb:b1:a2:a4:e6:92:f1:16:4d:6d:ee:19:9b:53:54:
27:fd:1a:70:79:e6:be:22:25:34:56:fa:f6:7a:fc:b7:5e:cd:
0e:eb:72:79:30:27:20:8e:e7:a5:46:69:f1:92:23:5a:b7:c6:
ef:4a:d7:70:8d:23:7d:b9:70:b5:1a:5e:77:43:00:bc:d8:3a:
93:49:2a:c6:a6:4d:ec:f2:4d:c0:da:5e:87:39:0e:02:47:08:
b9:fa:b6:e9:7d:cf:52:19:da:46:9e:8d:97:9e:76:ac:8b:ef:
58:95:b4:35:56:c5:87:b1:4f:12:68:cc:26:7e:bc:1f:3c:cd:
51:9b:05:d9:98:b3:27:ec:7a:f3:10:3b:37:cf:3d:a9:38:c4:
2b:ef:f7:bb:20:41:9a:38:8b:7a:b4:2e:29:81:f8:d4:92:7d:
62:62:ad:50:89:e1:50:85:a3:7b:bd:51:87:ce:b4:06:59:bc:
3d:93:ee:f1:ef:86:8d:dd:b5:a9:17:dc:99:4b:d6:ae:4f:9e:
8c:00:51:bc:d0:6f:9b:08:08:84:3b:7f:3e:44:29:50:84:d1:
dd:ee:12:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMcMBVpAUCsy7SzCD0ZrxeLAL0xUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1ODVlNDQ3YzhiMjkxMWU0MWY5N2IxYjdjM2U1NjU3OWYwN2Y3OWNhMzRh
Zjg0ZTRjZGU1YTk3MWQ5ODljMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEzrtGxV4iHogFCpGnP+QersmoRteaNqbXslXEV1SVcPO6kj7/VHIS9MAAR
dV/D+PxGcmAcwCcdVaNLnpjT6GvBVop5dkX8BtET6L7rYEuwEGc/PtPSZuD2RlEe
OBaFx1JYWfxzzcEBD4DAykI37017zD85E9X+55zaApT67X1SlOKi/jQdeoAzTjPK
56t0A7K0sCbvI1U8o/Ei0FZ6CLOFrHuSjYndvPSrzuyDs4D95UnY6s0IrJkR2sM0
Po6eOouhuo0pFJ33ASU5BzJmKOQiKENoEOJabMV6OE+hKY/LSOr1AEenWLFMTo0h
fp63RLSA0IkHNExjqVlFDKYd0TECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfJQt0
uCA+HAz47q/peougMYz2vDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNmNDQyZTEtNzY2ZS00NjFkLWEzYjktMmIwZmQwMWIwOGNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hhg
MA0GCSqGSIb3DQEBCwUAA4IBAQAuTm4eY6ldU8coMACyxdL0JZdCnpebR8S4ij76
QjdwlFMB06xlyXu7saKk5pLxFk1t7hmbU1Qn/Rpweea+IiU0Vvr2evy3Xs0O63J5
MCcgjuelRmnxkiNat8bvStdwjSN9uXC1Gl53QwC82DqTSSrGpk3s8k3A2l6HOQ4C
Rwi5+rbpfc9SGdpGno2Xnnasi+9YlbQ1VsWHsU8SaMwmfrwfPM1RmwXZmLMn7Hrz
EDs3zz2pOMQr7/e7IEGaOIt6tC4pgfjUkn1iYq1QieFQhaN7vVGHzrQGWbw9k+7x
74aN3bWpF9yZS9auT56MAFG80G+bCAiEO38+RClQhNHd7hJa
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org