Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: gol1OLsz7FJdglbGvVCNU1yp1uCoek6ZIa3LloB+3sE=
Subject key identifier: 9D:31:97:15:0F:C5:38:F7:9F:AE:79:7B:7D:08:BB:DB:7C:84:66:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04B97CC2BFFD92160944AF93F411702E5D28BF40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:b9:7c:c2:bf:fd:92:16:09:44:af:93:f4:11:70:2e:5d:28:bf:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=f001bc7eff2a5f8aa9faa5b95c2918683a2ca118129028cfbb69d187fb30ccfa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c8:b2:9d:61:89:8e:f7:fe:95:e8:d3:c1:38:
f0:a1:c5:07:c4:a3:58:ec:3c:60:d3:68:95:6f:e3:
39:a2:5b:15:c4:da:94:43:f2:21:86:84:28:b2:a4:
4e:89:83:33:07:21:f6:a9:92:69:61:e7:bc:dc:8f:
76:20:ed:f8:93:df:6c:3e:7a:49:56:26:e6:8b:c5:
b3:30:fc:00:c4:ad:b0:9e:50:a9:88:c5:a9:1a:78:
e0:69:b5:3f:f1:df:29:2f:21:bc:2e:d8:7a:8d:bc:
45:bf:9b:0d:f3:8c:43:4f:87:ad:58:c6:8f:93:2b:
21:97:8a:3f:00:5a:5f:55:36:ac:c3:b9:67:a7:71:
a7:91:0f:79:a7:11:17:f5:0e:7a:df:9b:fa:fa:97:
56:67:6b:b8:a3:03:1a:78:4a:f6:e2:a8:ad:e2:71:
02:32:8b:1d:6f:e1:0c:07:51:64:39:85:38:fb:a5:
31:5c:e9:72:f9:e0:96:af:58:1a:4d:46:eb:68:b2:
67:ef:11:10:cf:32:14:10:32:33:a8:63:2a:90:1b:
91:c0:74:d3:3c:2c:2a:96:50:5d:69:33:c9:2d:1c:
59:37:be:5f:b7:46:5d:1b:01:62:ce:6f:cf:98:40:
29:4a:d4:b3:93:c9:f1:00:3b:1b:61:46:ec:0a:6d:
7f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:31:97:15:0F:C5:38:F7:9F:AE:79:7B:7D:08:BB:DB:7C:84:66:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
72:66:78:a0:80:f9:ed:38:73:22:8a:e4:da:87:40:ff:49:12:
0c:c3:3f:0e:74:4c:e2:21:d0:b1:30:40:50:ea:50:b8:79:57:
24:70:5f:8f:c5:a0:4c:ca:e9:f5:24:f1:cb:20:be:06:c8:1b:
88:98:7c:06:9f:91:5f:6e:1a:8c:97:91:ef:c6:1c:8f:23:98:
2e:b0:07:4f:2f:4d:58:96:91:65:fb:5e:c3:fb:67:d3:99:ec:
18:2b:da:86:b3:10:ea:4d:f0:cb:40:aa:e6:83:38:78:10:c1:
5e:ba:9b:c6:2a:65:31:b0:01:eb:04:37:47:31:bd:59:93:9b:
c3:34:d9:5e:67:4a:5d:4f:cf:cd:ec:1f:cd:f5:37:e1:33:42:
a6:4d:f8:28:e2:97:a7:e9:dc:61:3d:77:91:88:2b:c6:6b:4d:
31:cb:4c:8b:c5:1a:2f:e4:a9:f2:82:b4:90:da:4b:e7:3a:95:
3d:7a:db:04:c0:00:67:3a:2e:88:b3:8f:f6:5d:e6:87:ff:2e:
55:39:db:ba:9e:25:fe:9d:ed:f2:95:ab:d7:5c:88:d1:70:c1:
c6:cf:c6:8e:71:24:b1:8e:be:1e:a8:e6:7c:c5:c6:32:4a:13:
1c:32:19:fa:8e:e3:04:41:00:1c:d5:c7:29:69:ef:c3:6b:63:
6f:8e:7c:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBLl8wr/9khYJRK+T9BFwLl0ov0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwMDFiYzdlZmYyYTVmOGFhOWZhYTViOTVjMjkxODY4M2EyY2ExMTgxMjkw
MjhjZmJiNjlkMTg3ZmIzMGNjZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTIsp1hiY73/pXo08E48KHFB8SjWOw8YNNolW/jOaJbFcTalEPyIYaEKLKk
TomDMwch9qmSaWHnvNyPdiDt+JPfbD56SVYm5ovFszD8AMStsJ5QqYjFqRp44Gm1
P/HfKS8hvC7Yeo28Rb+bDfOMQ0+HrVjGj5MrIZeKPwBaX1U2rMO5Z6dxp5EPeacR
F/UOet+b+vqXVmdruKMDGnhK9uKoreJxAjKLHW/hDAdRZDmFOPulMVzpcvnglq9Y
Gk1G62iyZ+8REM8yFBAyM6hjKpAbkcB00zwsKpZQXWkzyS0cWTe+X7dGXRsBYs5v
z5hAKUrUs5PJ8QA7G2FG7Aptf3ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSdMZcV
D8U495+ueXt9CLvbfIRmDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQByZniggPntOHMiiuTah0D/SRIMwz8OdEziIdCx
MEBQ6lC4eVckcF+PxaBMyun1JPHLIL4GyBuImHwGn5FfbhqMl5HvxhyPI5gusAdP
L01YlpFl+17D+2fTmewYK9qGsxDqTfDLQKrmgzh4EMFeupvGKmUxsAHrBDdHMb1Z
k5vDNNleZ0pdT8/N7B/N9TfhM0KmTfgo4pen6dxhPXeRiCvGa00xy0yLxRov5Kny
grSQ2kvnOpU9etsEwABnOi6Is4/2XeaH/y5VOdu6niX+ne3ylavXXIjRcMHGz8aO
cSSxjr4eqOZ8xcYyShMcMhn6juMEQQAc1ccpae/Da2NvjnxK
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org