Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
File: 4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa (raw, json)
Hash identifier: TbpXbXxFS/jzjstTlUURn4oHrtyioYvZz0pGUXShrzA=
Subject key identifier: 38:F7:81:5A:A0:3E:F2:FF:BE:E6:36:C6:25:2B:28:8D:31:C4:E1:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13CD521D95386E33212DFD53C4F78FB1333CD69A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:cd:52:1d:95:38:6e:33:21:2d:fd:53:c4:f7:8f:b1:33:3c:d6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=6af51eda4b8405d9d6a9f998846b7882af7987f458fd50ec18e786820b353d9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6d:74:84:46:7b:87:5a:8b:1e:4b:a5:6c:4b:
ac:98:f4:8b:38:f7:22:93:0e:24:e2:b2:9f:18:3b:
5c:09:f0:1f:5f:b3:c6:ec:c5:79:2b:8a:6c:5c:69:
7d:24:15:ca:aa:7e:a8:b7:21:7d:86:8f:29:83:68:
4a:ae:da:d5:07:16:be:f5:4d:33:fc:ff:92:db:12:
5c:f5:dc:71:1b:29:6c:99:80:da:58:6d:f6:8a:c1:
8b:83:2d:4e:1f:92:88:a8:86:20:1f:8b:e5:71:7b:
ed:2f:51:9b:c6:b3:e6:93:90:e9:dc:e4:cd:2b:bf:
2d:90:88:6d:40:3d:fe:48:b4:4f:d2:b9:5e:c9:1d:
bf:9f:ba:07:e9:c8:f4:2a:b5:f2:bb:d3:96:99:02:
e5:02:c9:b5:42:b1:b6:b6:a5:d6:30:43:2b:16:a6:
94:6c:45:95:60:bb:b1:33:c2:a4:8c:03:d1:46:3c:
c7:c6:09:96:da:af:7f:ca:77:a8:80:21:ff:c4:c8:
91:64:ea:30:43:5e:aa:91:4a:0f:64:f9:a7:72:7c:
dc:e6:42:bb:a5:f6:ff:4a:36:a7:c2:53:d3:4d:7e:
d3:a4:44:75:9f:09:5a:ad:d5:4a:14:da:cd:c0:2c:
09:d0:90:22:0d:3f:a7:cc:5e:c1:04:62:bd:b3:bf:
a0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F7:81:5A:A0:3E:F2:FF:BE:E6:36:C6:25:2B:28:8D:31:C4:E1:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:d8:a8:ce:fc:1f:e2:de:17:86:70:5f:12:3d:02:bd:53:d2:
63:77:9f:10:8d:90:ee:26:3d:d9:15:75:7a:4a:36:9d:81:a5:
4a:3c:f4:45:c9:a5:17:cc:02:d9:5a:e0:5a:6c:9f:2b:19:e2:
fa:35:26:b6:d0:50:6b:74:b1:79:59:80:7a:f6:71:a4:1c:6d:
6d:88:ac:91:c7:b7:9b:ea:d3:e3:31:67:3c:f4:f9:d6:2a:bb:
df:82:a0:3c:11:66:79:6f:93:f3:95:4a:26:a9:a7:e8:e7:20:
b1:32:7b:3b:9e:89:16:a3:57:c8:6d:e1:16:ce:b8:01:2f:a4:
5b:15:ac:6b:35:a1:29:1e:ad:de:27:d3:bc:60:b7:2f:73:e3:
c4:fe:b9:28:99:91:29:ed:0c:f3:5c:08:76:40:dd:84:87:c6:
58:3d:72:ea:2b:aa:7a:d9:d0:68:fe:71:8e:e5:97:92:0e:60:
4c:90:90:3f:b2:65:8e:b3:e6:b3:99:13:30:7a:5b:2a:eb:18:
54:95:a8:63:6e:28:c9:4c:ad:0c:80:c2:0f:4a:cb:10:09:a9:
b7:92:0e:4c:8f:15:c3:96:f5:ea:dc:71:40:4c:2a:ac:fc:e5:
46:8a:dd:e8:1f:89:e3:e1:9b:69:84:43:5a:df:c5:b7:15:94:
fc:71:c6:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE81SHZU4bjMhLf1TxPePsTM81powDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZjUxZWRhNGI4NDA1ZDlkNmE5Zjk5ODg0NmI3ODgyYWY3OTg3ZjQ1OGZk
NTBlYzE4ZTc4NjgyMGIzNTNkOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOFtdIRGe4daix5LpWxLrJj0izj3IpMOJOKynxg7XAnwH1+zxuzFeSuKbFxp
fSQVyqp+qLchfYaPKYNoSq7a1QcWvvVNM/z/ktsSXPXccRspbJmA2lht9orBi4Mt
Th+SiKiGIB+L5XF77S9Rm8az5pOQ6dzkzSu/LZCIbUA9/ki0T9K5Xskdv5+6B+nI
9Cq18rvTlpkC5QLJtUKxtral1jBDKxamlGxFlWC7sTPCpIwD0UY8x8YJltqvf8p3
qIAh/8TIkWTqMENeqpFKD2T5p3J83OZCu6X2/0o2p8JT001+06REdZ8JWq3VShTa
zcAsCdCQIg0/p8xewQRivbO/oLMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ494Fa
oD7y/77mNsYlKyiNMcThazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGMyY2Y3YjYtM2ZiYi00ZDc0LTg4NmQtMjFjNThiMzQ3ZjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6A
MA0GCSqGSIb3DQEBCwUAA4IBAQCq2KjO/B/i3heGcF8SPQK9U9Jjd58QjZDuJj3Z
FXV6SjadgaVKPPRFyaUXzALZWuBabJ8rGeL6NSa20FBrdLF5WYB69nGkHG1tiKyR
x7eb6tPjMWc89PnWKrvfgqA8EWZ5b5PzlUomqafo5yCxMns7nokWo1fIbeEWzrgB
L6RbFaxrNaEpHq3eJ9O8YLcvc+PE/rkomZEp7QzzXAh2QN2Eh8ZYPXLqK6p62dBo
/nGO5ZeSDmBMkJA/smWOs+azmRMwelsq6xhUlahjbijJTK0MgMIPSssQCam3kg5M
jxXDlvXq3HFATCqs/OVGit3oH4nj4ZtphENa38W3FZT8ccaZ
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org