Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bf2a24c-942b-480a-ae17-c534fb5a88ac.roa
File: 3bf2a24c-942b-480a-ae17-c534fb5a88ac.roa (raw, json)
Hash identifier: rRV12PwvEB8ZtCsmDO6qGojfesxicqdIV168X+lg4M8=
Subject key identifier: 06:08:28:1D:6D:5B:CB:D1:72:E7:DD:B6:39:37:03:E5:09:3E:1E:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41F70CE1FB35108A317C0A20BC81D7E14909837F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bf2a24c-942b-480a-ae17-c534fb5a88ac.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:f7:0c:e1:fb:35:10:8a:31:7c:0a:20:bc:81:d7:e1:49:09:83:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=89b3723755792e2787349acafda0088dc94021a6442de22533c2c2a340505fb3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:65:ff:a2:18:08:53:8b:6d:85:3a:e6:10:90:
11:5b:e7:c5:03:64:04:6c:8e:46:f8:1d:d4:c4:8c:
c5:e5:87:a7:40:ad:84:8d:83:96:be:50:3d:63:68:
40:4c:5b:21:33:1d:61:63:53:ef:5d:7e:d0:f7:e4:
ea:bf:46:fb:24:ed:41:d4:98:47:77:a1:99:4f:c0:
36:cf:7c:f4:72:8b:6a:94:98:df:9e:e2:05:b5:e6:
e4:ed:94:f7:4e:3d:aa:b7:f4:60:b1:69:90:f1:ae:
3a:d9:25:68:b8:cd:1f:f3:0a:b3:bc:31:8b:c9:35:
64:2b:15:9d:38:b9:52:3d:c1:2e:03:11:ae:26:80:
db:37:4a:ff:a6:b2:9d:eb:b9:49:cd:b7:08:91:07:
3b:3f:65:15:26:8d:cb:ce:99:bd:8b:c0:4d:78:5a:
6e:03:50:7f:ea:4b:0e:b1:5a:fe:ad:8d:d9:3f:96:
d4:51:ff:e6:1f:3b:db:e6:b3:8e:cb:41:ea:ef:e3:
26:fe:59:e8:3f:77:ec:8e:67:aa:63:46:f6:f9:55:
d9:e5:e3:de:9c:38:86:b6:27:85:2e:d9:53:28:6a:
bf:54:a2:17:da:fa:df:d1:5c:4d:3f:1b:e2:e2:f9:
e8:b5:9b:57:39:83:a2:92:db:00:0d:4a:9e:90:16:
37:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:08:28:1D:6D:5B:CB:D1:72:E7:DD:B6:39:37:03:E5:09:3E:1E:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bf2a24c-942b-480a-ae17-c534fb5a88ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e000::/40
Signature Algorithm: sha256WithRSAEncryption
c3:00:39:f0:02:e7:6b:df:24:b3:79:9f:bd:07:36:6a:cf:8c:
6d:c7:48:ec:5b:f7:9c:5f:44:c4:f3:5f:be:83:94:8c:70:39:
9e:72:8f:54:8e:c1:05:ab:df:16:d1:c8:86:bd:d1:a7:47:1b:
90:c4:e4:12:45:5b:74:eb:9d:11:03:6d:b4:10:c7:eb:89:f4:
7a:b3:a4:a8:c4:11:ee:a4:8c:ab:26:70:f9:73:ba:d3:82:43:
ed:f4:58:31:e6:86:f8:f6:02:93:37:7c:90:8e:65:03:2e:6d:
f1:35:e1:0e:67:70:82:83:d0:8d:af:d9:63:b0:fe:53:89:36:
9a:c6:bc:07:a5:16:80:9d:2e:8b:18:94:83:78:78:a1:9f:c7:
35:0f:e6:8c:75:ac:61:a7:bd:60:ac:ed:13:9b:db:6d:04:8d:
54:3f:bc:99:e0:af:b6:c7:dc:5c:68:81:17:04:ef:53:b6:89:
97:08:94:a1:9e:a9:65:8c:03:b5:c6:f8:94:23:57:c2:74:0a:
33:74:4d:e4:20:65:84:e7:e0:60:9e:13:b3:34:ef:1d:42:8d:
0f:8a:70:b8:78:17:43:38:cb:72:d7:cb:c3:ff:37:f4:3c:64:
37:47:66:f8:2c:f3:7b:1d:cc:99:eb:9a:58:74:99:64:fc:a2:
32:69:46:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQfcM4fs1EIoxfAogvIHX4UkJg38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YjM3MjM3NTU3OTJlMjc4NzM0OWFjYWZkYTAwODhkYzk0MDIxYTY0NDJk
ZTIyNTMzYzJjMmEzNDA1MDVmYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBl/6IYCFOLbYU65hCQEVvnxQNkBGyORvgd1MSMxeWHp0CthI2Dlr5QPWNo
QExbITMdYWNT711+0Pfk6r9G+yTtQdSYR3ehmU/ANs989HKLapSY357iBbXm5O2U
9049qrf0YLFpkPGuOtklaLjNH/MKs7wxi8k1ZCsVnTi5Uj3BLgMRriaA2zdK/6ay
neu5Sc23CJEHOz9lFSaNy86ZvYvATXhabgNQf+pLDrFa/q2N2T+W1FH/5h872+az
jstB6u/jJv5Z6D937I5nqmNG9vlV2eXj3pw4hrYnhS7ZUyhqv1SiF9r639FcTT8b
4uL56LWbVzmDopLbAA1KnpAWN80CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGCCgd
bVvL0XLn3bY5NwPlCT4ewTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JmMmEyNGMtOTQyYi00ODBhLWFlMTctYzUzNGZiNWE4OGFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hvg
MA0GCSqGSIb3DQEBCwUAA4IBAQDDADnwAudr3ySzeZ+9BzZqz4xtx0jsW/ecX0TE
81++g5SMcDmeco9UjsEFq98W0ciGvdGnRxuQxOQSRVt0650RA220EMfrifR6s6So
xBHupIyrJnD5c7rTgkPt9Fgx5ob49gKTN3yQjmUDLm3xNeEOZ3CCg9CNr9ljsP5T
iTaaxrwHpRaAnS6LGJSDeHihn8c1D+aMdaxhp71grO0Tm9ttBI1UP7yZ4K+2x9xc
aIEXBO9TtomXCJShnqlljAO1xviUI1fCdAozdE3kIGWE5+BgnhOzNO8dQo0PinC4
eBdDOMty18vD/zf0PGQ3R2b4LPN7HcyZ65pYdJlk/KIyaUZU
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org