Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: smTlKsifYvhlN9Ne7deb9Ua29N5e8fttoc5CBZ6xYNI=
Subject key identifier: 6C:33:F3:8D:1B:7B:06:A1:5F:06:98:EA:82:59:FF:02:D1:7D:1F:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23C7529E7C793E93A476837AE2F6010726E454C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:c7:52:9e:7c:79:3e:93:a4:76:83:7a:e2:f6:01:07:26:e4:54:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=7a01595b23e7db5db3999a3855853009c0f72b60a416e34b331ddb3062eba02d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:03:e7:24:69:9f:68:1d:62:cf:1e:c2:c4:2e:
1c:65:02:93:a1:1e:8b:a1:90:ae:ff:c3:b4:90:b1:
f1:c4:0e:87:13:de:7a:d5:52:74:76:7b:bf:05:6b:
54:3c:e5:c7:98:3f:f9:32:5e:9d:7b:fc:04:d8:26:
f8:35:2f:35:0e:41:32:3f:39:a7:ff:13:53:39:6c:
27:e0:7c:21:40:cd:4b:05:eb:59:9f:0d:ba:95:5c:
b2:25:0b:d9:9a:bc:e5:4a:5e:81:68:33:4e:63:08:
91:a0:cc:47:8e:70:00:b4:01:81:9c:21:b7:a1:2b:
ca:d8:ec:bc:7a:a6:95:a9:09:94:51:00:47:8d:3f:
9b:8f:85:72:89:72:7d:e4:4f:0b:61:4c:e0:39:52:
02:ef:9a:8d:f7:d1:47:59:df:65:2a:09:17:f9:03:
b0:10:6a:aa:7e:cd:42:6b:9c:94:af:f4:34:be:65:
dc:1d:14:fa:30:68:59:48:13:cd:00:d0:6e:7b:33:
fe:bf:aa:ca:3d:53:14:f2:53:f9:95:ec:99:54:39:
d3:97:83:61:93:f8:9b:6b:8f:61:a8:b1:fb:f0:14:
dc:69:84:51:75:58:51:27:ab:92:4a:9b:91:20:ee:
64:6d:35:c8:50:86:d3:5d:82:47:6b:92:64:b1:dc:
d0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:33:F3:8D:1B:7B:06:A1:5F:06:98:EA:82:59:FF:02:D1:7D:1F:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:24:15:1b:51:56:9b:99:c5:e0:87:b5:75:cf:8a:31:a9:4e:
94:c2:49:d2:16:f3:a0:57:6d:0c:8f:00:c6:2f:3c:cf:87:e0:
7c:fe:a1:cc:d9:2f:19:89:c1:cc:02:0d:15:b9:97:75:9e:94:
20:26:65:38:e3:2d:e5:56:2d:1f:a4:9e:99:9d:77:20:f1:85:
bc:d5:4a:29:65:c6:bf:41:8a:73:af:e4:60:9d:67:82:6b:a2:
3d:30:c0:4b:7d:09:97:00:35:a5:fe:3a:ae:0b:d1:c5:06:45:
d3:fa:30:1b:e3:cb:bb:74:76:0a:01:a4:6d:dd:59:4d:0e:96:
f3:a8:c3:99:90:a8:5b:1e:e4:d6:bf:e4:da:f6:9a:db:6c:2b:
0a:1d:2c:68:d5:b3:0c:6c:d6:89:64:d2:66:93:02:0f:50:e5:
a4:29:4e:a5:cb:13:d8:55:bf:1a:22:2a:03:bf:74:39:f1:5b:
9a:84:e0:be:20:64:67:9d:cf:5c:8f:ca:b7:c4:98:6e:4f:66:
b3:03:2b:70:30:d9:77:9f:93:6b:9d:a7:29:0b:69:af:51:dd:
f7:4c:75:e2:0e:7e:96:09:12:74:d8:98:ae:65:e7:90:63:7c:
f3:14:ba:13:6b:ac:00:44:89:cc:11:a4:b4:00:6a:37:55:de:
d5:68:92:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI8dSnnx5PpOkdoN64vYBBybkVMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMDE1OTViMjNlN2RiNWRiMzk5OWEzODU1ODUzMDA5YzBmNzJiNjBhNDE2
ZTM0YjMzMWRkYjMwNjJlYmEwMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgD5yRpn2gdYs8ewsQuHGUCk6Eei6GQrv/DtJCx8cQOhxPeetVSdHZ7vwVr
VDzlx5g/+TJenXv8BNgm+DUvNQ5BMj85p/8TUzlsJ+B8IUDNSwXrWZ8NupVcsiUL
2Zq85UpegWgzTmMIkaDMR45wALQBgZwht6ErytjsvHqmlakJlFEAR40/m4+Fcoly
feRPC2FM4DlSAu+ajffRR1nfZSoJF/kDsBBqqn7NQmuclK/0NL5l3B0U+jBoWUgT
zQDQbnsz/r+qyj1TFPJT+ZXsmVQ505eDYZP4m2uPYaix+/AU3GmEUXVYUSerkkqb
kSDuZG01yFCG012CR2uSZLHc0AECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsM/ON
G3sGoV8GmOqCWf8C0X0fOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQCuJBUbUVabmcXgh7V1z4oxqU6UwknSFvOgV20M
jwDGLzzPh+B8/qHM2S8ZicHMAg0VuZd1npQgJmU44y3lVi0fpJ6ZnXcg8YW81Uop
Zca/QYpzr+RgnWeCa6I9MMBLfQmXADWl/jquC9HFBkXT+jAb48u7dHYKAaRt3VlN
DpbzqMOZkKhbHuTWv+Ta9prbbCsKHSxo1bMMbNaJZNJmkwIPUOWkKU6lyxPYVb8a
IioDv3Q58VuahOC+IGRnnc9cj8q3xJhuT2azAytwMNl3n5NrnacpC2mvUd33THXi
Dn6WCRJ02JiuZeeQY3zzFLoTa6wARInMEaS0AGo3Vd7VaJKJ
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org