Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
File: 44d8b686-7db5-4309-8f09-3af611be3753.roa (raw, json)
Hash identifier: T0JaUU3fwXD6VAGjwZ8clFjEhN7Nl33XPoA7RECHrds=
Subject key identifier: D3:DB:13:6F:F6:D0:B5:8C:D9:DB:E0:0F:1E:73:93:4C:01:35:15:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01FED4DCC201413379A394A34E87C1827EDE2018
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:fe:d4:dc:c2:01:41:33:79:a3:94:a3:4e:87:c1:82:7e:de:20:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=9cb52a39175e7f11d406fc2e2fb1604f8e44d0a88af47ea0fe888bd0f5428f5a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5c:06:f0:36:51:30:31:5d:99:a4:9b:29:71:
95:e4:4b:b0:94:39:dd:0e:07:49:7a:ea:14:1a:94:
44:b1:0d:52:44:0c:9a:a3:8b:7c:75:2f:17:55:64:
58:13:23:ca:0d:2e:2d:b4:29:f5:ac:ba:4f:ba:d6:
9a:3e:5a:f7:a4:40:f2:d6:a3:10:94:f5:fa:25:6d:
93:89:75:87:14:59:4f:2f:b3:80:19:25:4a:39:ef:
90:b7:28:b6:83:61:2a:51:34:48:04:a7:f0:f3:be:
38:e6:be:e3:2a:88:8d:d5:c0:8a:e6:81:d2:06:c3:
a6:68:1c:ec:ec:84:ba:b5:b9:a3:eb:35:dd:58:98:
4e:a7:c0:e5:80:38:20:58:4c:f6:41:a7:88:ee:85:
6e:cb:a0:3e:e4:01:4d:92:43:77:05:77:94:f9:7d:
1c:6d:d9:d9:7c:d2:9c:42:26:16:f6:53:27:98:9b:
29:ad:41:df:c8:24:60:b2:ee:04:b9:f0:44:b7:dc:
87:77:c3:6e:f2:35:1d:81:f7:33:e9:20:38:df:b7:
e7:f4:e5:e7:82:b4:ee:c2:97:bf:73:78:4f:b8:a5:
19:8f:20:7d:1d:09:79:f8:15:42:52:d6:2f:e0:d2:
30:05:b4:f9:e2:5b:c3:11:6f:fc:bf:bd:5f:32:e9:
ce:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:DB:13:6F:F6:D0:B5:8C:D9:DB:E0:0F:1E:73:93:4C:01:35:15:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:20:19:0b:86:0a:c7:94:4c:5f:84:db:f1:93:56:f3:b9:a8:
e8:80:94:f7:3d:32:52:4e:8b:a2:15:17:d3:57:9e:a7:e5:f3:
58:de:1a:38:ba:f1:93:c9:5e:fa:8b:e2:e4:74:b9:9b:2a:0b:
94:db:84:83:c5:6b:37:01:49:29:6a:4f:6e:b4:f1:da:1c:af:
c3:4a:8f:fa:a7:41:0c:84:31:84:c4:43:07:d2:20:a3:2c:81:
6e:bd:82:3e:cd:0a:97:89:c0:2f:97:f9:f4:e8:a5:c6:89:d6:
79:03:3e:00:55:96:ce:55:64:dd:d8:f2:4d:d7:1e:25:90:58:
ca:65:32:76:b3:48:32:d7:52:e6:fb:64:05:03:6c:e8:b4:17:
ad:3b:9e:13:11:89:d3:20:be:8b:36:b1:cc:5a:82:88:a7:58:
b5:06:32:15:1e:a3:79:8f:c4:74:8c:8a:ee:68:62:b8:68:39:
af:93:38:2f:9b:33:20:27:61:b3:55:92:dc:38:b4:a9:5e:9f:
4d:4b:e0:54:0e:b7:f0:bb:f3:fc:f6:82:78:e9:35:b5:4b:0d:
0a:1d:13:be:fd:2d:b5:c3:74:ae:7a:e2:cf:0c:18:6f:17:cd:
24:f6:bd:d6:98:52:e0:9a:c3:82:5f:e2:de:0a:ea:be:e0:0d:
dc:cd:5f:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAf7U3MIBQTN5o5SjTofBgn7eIBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDljYjUyYTM5MTc1ZTdmMTFkNDA2ZmMyZTJmYjE2MDRmOGU0NGQwYTg4YWY0
N2VhMGZlODg4YmQwZjU0MjhmNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNcBvA2UTAxXZmkmylxleRLsJQ53Q4HSXrqFBqURLENUkQMmqOLfHUvF1Vk
WBMjyg0uLbQp9ay6T7rWmj5a96RA8tajEJT1+iVtk4l1hxRZTy+zgBklSjnvkLco
toNhKlE0SASn8PO+OOa+4yqIjdXAiuaB0gbDpmgc7OyEurW5o+s13ViYTqfA5YA4
IFhM9kGniO6FbsugPuQBTZJDdwV3lPl9HG3Z2XzSnEImFvZTJ5ibKa1B38gkYLLu
BLnwRLfch3fDbvI1HYH3M+kgON+35/Tl54K07sKXv3N4T7ilGY8gfR0JefgVQlLW
L+DSMAW0+eJbwxFv/L+9XzLpziECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTT2xNv
9tC1jNnb4A8ec5NMATUVKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDRkOGI2ODYtN2RiNS00MzA5LThmMDktM2FmNjExYmUzNzUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HrA
MA0GCSqGSIb3DQEBCwUAA4IBAQCOIBkLhgrHlExfhNvxk1bzuajogJT3PTJSToui
FRfTV56n5fNY3ho4uvGTyV76i+LkdLmbKguU24SDxWs3AUkpak9utPHaHK/DSo/6
p0EMhDGExEMH0iCjLIFuvYI+zQqXicAvl/n06KXGidZ5Az4AVZbOVWTd2PJN1x4l
kFjKZTJ2s0gy11Lm+2QFA2zotBetO54TEYnTIL6LNrHMWoKIp1i1BjIVHqN5j8R0
jIruaGK4aDmvkzgvmzMgJ2GzVZLcOLSpXp9NS+BUDrfwu/P89oJ46TW1Sw0KHRO+
/S21w3SueuLPDBhvF80k9r3WmFLgmsOCX+LeCuq+4A3czV9H
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org