Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
File: 3d952455-9c5f-4fa9-88c0-abed2531b77e.roa (raw, json)
Hash identifier: DmFvtbiq4LsResFXbbLbLbENHr6oDfXT3ipnRFzyZMU=
Subject key identifier: 26:92:BB:93:8D:69:63:DE:47:78:5B:D3:0A:8A:B8:7F:55:1D:AB:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DE0066AA283B0D72AFB510E888F96D4DBB3B4F8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:e0:06:6a:a2:83:b0:d7:2a:fb:51:0e:88:8f:96:d4:db:b3:b4:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=b849e9985fce2020a1add01667229701fc05ab575c921a130007ddf3d5fb946a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5b:bb:b4:9d:31:16:4d:32:ab:5a:33:5e:46:
57:8f:39:6f:80:7e:1d:b4:48:87:f8:8d:66:35:28:
3d:6c:22:96:86:6f:36:b5:6e:b6:c5:fb:00:eb:93:
2d:64:19:2b:e1:64:4b:cf:06:45:17:55:2b:35:d5:
cb:9d:f6:c4:b0:62:6f:8a:a8:a4:a2:10:20:13:3c:
09:14:6c:39:0c:db:89:cc:38:76:ca:dc:60:cb:6d:
c6:12:e2:b4:77:ad:88:94:8f:1c:3c:dd:0a:f1:42:
2e:fd:34:65:a8:a4:23:e5:59:92:40:b9:d6:41:14:
fa:bf:14:8d:e3:f9:a4:cb:fc:b6:7d:ac:82:5b:7b:
04:cb:1f:e9:3c:c2:32:b7:49:ee:ea:93:f6:c6:ce:
64:16:9b:4c:c6:a6:25:77:94:7d:4b:f1:50:9f:87:
0e:3d:7a:e2:45:1a:91:e1:ca:22:05:07:70:02:63:
7d:d3:9d:4b:23:60:9b:8e:65:9e:d4:ca:cd:26:b6:
9b:cc:51:59:33:ec:1f:45:f1:29:29:f0:d1:20:c0:
bd:91:8c:cc:20:55:a5:15:77:97:4f:2d:f5:04:fa:
a9:26:0f:67:b7:9f:87:95:b6:c2:4b:21:b4:a1:7c:
99:b5:92:e9:cd:80:13:1a:f7:e1:4c:73:fd:1c:c1:
c6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:92:BB:93:8D:69:63:DE:47:78:5B:D3:0A:8A:B8:7F:55:1D:AB:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:5000::/40
Signature Algorithm: sha256WithRSAEncryption
30:f7:38:c2:13:86:69:5b:7d:8a:df:9a:2f:60:9e:fa:ea:58:
56:97:d6:3d:8b:e9:49:87:c8:a4:60:01:99:d7:57:13:f2:63:
2f:f7:8b:06:5a:a1:94:06:06:c9:30:80:37:a3:12:e6:c0:86:
7f:23:bb:26:6d:26:e0:d7:d8:50:5c:36:f7:3b:12:b6:00:fa:
08:1a:05:05:3a:76:d2:01:41:b0:ba:8e:c8:49:a7:93:c8:1a:
fa:7e:d0:bc:d1:98:30:85:77:ec:78:16:36:09:09:01:92:17:
3a:db:aa:14:5d:fe:68:70:cb:6a:a5:45:59:f9:5e:46:4d:df:
26:43:97:e5:b4:3c:eb:71:68:02:68:7f:1d:30:46:5d:aa:4a:
04:64:51:96:e4:88:c7:fa:09:e8:67:1f:87:44:46:35:89:ce:
33:5d:72:76:73:24:98:44:90:ca:34:5b:27:03:5c:d5:6b:4f:
06:fd:4c:29:c1:1b:d5:5c:07:ac:fc:e6:cd:bc:f7:28:5c:8f:
ff:b9:cb:0e:76:3c:f1:99:7c:75:c1:4a:cd:03:d7:3e:62:96:
dc:cb:03:ee:16:01:71:68:c3:f2:b9:28:69:1e:44:11:ee:42:
c9:43:a0:b2:4d:79:b5:ea:aa:b4:ad:30:77:4a:cc:d4:62:7a:
4b:29:a3:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULeAGaqKDsNcq+1EOiI+W1NuztPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NDllOTk4NWZjZTIwMjBhMWFkZDAxNjY3MjI5NzAxZmMwNWFiNTc1Yzky
MWExMzAwMDdkZGYzZDVmYjk0NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZbu7SdMRZNMqtaM15GV485b4B+HbRIh/iNZjUoPWwiloZvNrVutsX7AOuT
LWQZK+FkS88GRRdVKzXVy532xLBib4qopKIQIBM8CRRsOQzbicw4dsrcYMttxhLi
tHetiJSPHDzdCvFCLv00ZaikI+VZkkC51kEU+r8UjeP5pMv8tn2sglt7BMsf6TzC
MrdJ7uqT9sbOZBabTMamJXeUfUvxUJ+HDj164kUakeHKIgUHcAJjfdOdSyNgm45l
ntTKzSa2m8xRWTPsH0XxKSnw0SDAvZGMzCBVpRV3l08t9QT6qSYPZ7efh5W2wksh
tKF8mbWS6c2AExr34Uxz/RzBxpsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmkruT
jWlj3kd4W9MKirh/VR2r7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Q5NTI0NTUtOWM1Zi00ZmE5LTg4YzAtYWJlZDI1MzFiNzdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HlQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAw9zjCE4ZpW32K35ovYJ766lhWl9Y9i+lJh8ik
YAGZ11cT8mMv94sGWqGUBgbJMIA3oxLmwIZ/I7smbSbg19hQXDb3OxK2APoIGgUF
OnbSAUGwuo7ISaeTyBr6ftC80ZgwhXfseBY2CQkBkhc626oUXf5ocMtqpUVZ+V5G
Td8mQ5fltDzrcWgCaH8dMEZdqkoEZFGW5IjH+gnoZx+HREY1ic4zXXJ2cySYRJDK
NFsnA1zVa08G/UwpwRvVXAes/ObNvPcoXI//ucsOdjzxmXx1wUrNA9c+YpbcywPu
FgFxaMPyuShpHkQR7kLJQ6CyTXm16qq0rTB3SszUYnpLKaNm
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org