Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: Y1C48Y1Z4ZWNgKfQaiM6NMUJPdFsFLY58acNI5qim0A=
Subject key identifier: 19:59:C8:C5:B7:91:F0:EE:F7:6D:99:23:9E:F2:F8:BB:93:65:C5:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4571D84BD5F26059340420BB63BC8FAEBC81B854
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:71:d8:4b:d5:f2:60:59:34:04:20:bb:63:bc:8f:ae:bc:81:b8:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=067741fe23015c09d6923584ce219e8cb42d6c17b1241a335cbffa87a9f40ee6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:61:f6:cf:27:7e:48:af:37:d8:a1:a6:0e:
97:a5:93:a4:67:aa:ec:02:80:dd:dd:db:4b:ad:54:
3c:31:8a:34:31:30:bc:aa:ef:1c:9f:e2:a0:e7:5b:
ef:7d:39:52:53:f4:69:e0:a2:0e:5f:e8:c1:32:bd:
e3:59:43:df:c6:de:73:f5:8e:f0:63:f6:ee:de:36:
4a:d1:fd:58:e0:90:83:94:f7:2b:f7:f1:ae:5f:b8:
07:6e:28:ce:02:68:8a:88:14:6b:85:a4:af:f0:62:
88:ac:fd:22:04:ae:8d:13:4a:85:32:10:e1:f2:9b:
f8:a5:42:80:02:f6:16:a6:20:ef:4b:17:b7:29:00:
7b:20:14:57:a3:26:e8:04:1a:64:74:e9:9b:0b:6e:
b0:d9:4f:af:86:96:c4:e2:c6:a8:95:8c:7e:db:3d:
e7:1b:ca:20:b1:f6:fb:7f:ac:b8:ef:aa:d0:4e:c7:
c3:3c:1a:b9:e6:ba:bd:60:cc:ae:28:d9:50:f2:47:
d2:be:6b:55:29:8b:89:21:67:e1:9c:cd:64:28:64:
19:78:77:9f:7d:27:27:bf:c9:77:34:3c:44:27:88:
e8:50:7f:aa:8b:54:b9:8b:e9:c9:3f:d6:3c:46:32:
ed:4a:01:73:5d:78:04:ee:d6:df:de:c1:af:32:b2:
11:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:59:C8:C5:B7:91:F0:EE:F7:6D:99:23:9E:F2:F8:BB:93:65:C5:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
94:ee:6e:2f:99:1c:12:00:03:98:ed:58:a8:3d:65:47:19:75:
e8:58:52:fd:0d:0c:d6:67:ca:a9:9c:11:7a:43:89:ba:64:02:
20:82:1f:80:6e:66:7e:0a:b3:ce:eb:1c:80:9e:77:6e:13:6e:
81:e1:a6:f7:0f:c6:e6:dc:3c:80:ac:3e:9f:9e:d3:51:da:01:
e6:06:99:bf:42:1e:db:18:81:b2:4e:c1:2c:11:5f:fe:11:dc:
53:66:0e:3d:9e:4b:ed:63:35:26:32:b3:e0:c4:ab:18:45:07:
9e:f8:b7:dc:cd:2c:c6:af:d3:e1:2a:0a:8a:61:ac:3a:dc:56:
58:7f:c7:e4:c7:c6:bc:92:95:c0:f7:c3:ba:55:ff:de:a8:e1:
38:f2:4f:e8:3e:2b:18:5f:5f:ca:81:8a:b6:33:3e:fa:ee:95:
fa:4e:53:ed:4a:49:db:c1:b9:26:e5:52:17:ba:f1:81:77:e0:
ed:64:6a:e1:ca:ff:9d:03:3a:38:42:4e:e1:a4:92:ac:1f:dc:
ba:61:15:9f:5a:19:9d:ee:25:63:e3:3e:5b:8b:45:17:4a:dc:
c8:7b:da:9e:ed:0e:f2:df:97:42:65:78:e9:45:48:4b:e5:7c:
d9:2f:18:3c:00:1b:38:c6:f5:fa:a4:bb:3f:82:0c:5e:67:7f:
90:c7:90:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURXHYS9XyYFk0BCC7Y7yPrryBuFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2Nzc0MWZlMjMwMTVjMDlkNjkyMzU4NGNlMjE5ZThjYjQyZDZjMTdiMTI0
MWEzMzVjYmZmYTg3YTlmNDBlZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKj3YfbPJ35IrzfYoaYOl6WTpGeq7AKA3d3bS61UPDGKNDEwvKrvHJ/ioOdb
7305UlP0aeCiDl/owTK941lD38bec/WO8GP27t42StH9WOCQg5T3K/fxrl+4B24o
zgJoiogUa4Wkr/BiiKz9IgSujRNKhTIQ4fKb+KVCgAL2FqYg70sXtykAeyAUV6Mm
6AQaZHTpmwtusNlPr4aWxOLGqJWMfts95xvKILH2+3+suO+q0E7Hwzwauea6vWDM
rijZUPJH0r5rVSmLiSFn4ZzNZChkGXh3n30nJ7/JdzQ8RCeI6FB/qotUuYvpyT/W
PEYy7UoBc114BO7W397BrzKyET8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZWcjF
t5Hw7vdtmSOe8vi7k2XFuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQCU7m4vmRwSAAOY7VioPWVHGXXoWFL9DQzWZ8qp
nBF6Q4m6ZAIggh+AbmZ+CrPO6xyAnnduE26B4ab3D8bm3DyArD6fntNR2gHmBpm/
Qh7bGIGyTsEsEV/+EdxTZg49nkvtYzUmMrPgxKsYRQee+LfczSzGr9PhKgqKYaw6
3FZYf8fkx8a8kpXA98O6Vf/eqOE48k/oPisYX1/KgYq2Mz767pX6TlPtSknbwbkm
5VIXuvGBd+DtZGrhyv+dAzo4Qk7hpJKsH9y6YRWfWhmd7iVj4z5bi0UXStzIe9qe
7Q7y35dCZXjpRUhL5XzZLxg8ABs4xvX6pLs/ggxeZ3+Qx5B8
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org