Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
File: 4dc2c958-c749-4f2f-a83c-b419f7f45487.roa (raw, json)
Hash identifier: Nctd6TbXObzfdKKd2M0nGiuAPfdQ2XHaDr0IGEzBFHI=
Subject key identifier: 25:C6:13:4F:23:85:B8:35:0F:2A:68:B6:5D:D2:23:38:78:33:9A:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4ABE173E3D62C940E90CA8B92430688658A2E798
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:be:17:3e:3d:62:c9:40:e9:0c:a8:b9:24:30:68:86:58:a2:e7:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=2e229fa05b52c3905a989329587ca7aa649b2f63234ab3fb3b4991917577873c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:75:ed:6c:17:7e:bf:40:99:05:e4:32:bd:29:
67:eb:3f:18:59:d3:16:7c:ee:a7:1a:95:0a:4b:03:
11:69:e7:6a:18:a7:ff:43:aa:4d:5d:4b:f3:57:15:
5a:95:88:68:4d:03:63:9c:a8:5b:d9:0a:cf:83:89:
9d:b5:c7:18:37:cb:ee:91:84:90:2b:2f:00:e6:f4:
60:7d:3b:63:74:c2:42:75:e6:69:6e:76:ac:e1:c3:
20:b4:05:41:95:e2:9c:56:e5:67:69:79:f0:e2:0c:
8a:e5:64:5a:7b:90:1e:e4:30:97:94:d0:95:0b:45:
45:40:a3:f0:c2:31:5d:52:b0:ee:0f:09:31:29:55:
00:6a:07:c4:f1:55:c9:8a:91:ff:13:71:db:6c:74:
9c:9e:36:66:69:7e:d0:b1:d6:cc:6e:c1:99:82:35:
fa:56:60:0d:7e:07:d3:63:95:34:f4:ad:f3:82:67:
63:9d:6c:f6:14:c9:74:76:71:2e:e1:d9:64:35:55:
85:30:85:d0:79:ee:21:91:9f:ea:68:53:3f:93:b0:
70:da:3c:f0:ca:cf:9c:85:42:e4:53:ec:5f:a6:64:
0d:07:56:dd:1c:86:21:21:6e:b0:cd:e9:be:40:01:
76:98:8e:4f:1c:2d:b7:36:c0:f9:3e:2f:e3:62:c6:
57:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C6:13:4F:23:85:B8:35:0F:2A:68:B6:5D:D2:23:38:78:33:9A:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
73:67:19:ab:f0:1a:c9:28:cf:b5:ef:01:30:07:a9:ea:2e:9d:
9b:9d:a2:84:38:9d:8f:67:94:6b:21:e4:cd:41:46:9d:37:df:
cd:2f:ce:32:41:31:90:42:02:21:e4:a3:16:5a:9a:fa:bb:c3:
02:d2:11:a0:66:e1:a3:15:ef:c3:7c:a6:74:09:f7:83:ac:28:
04:7d:44:0c:c2:cc:94:c3:e6:20:46:bf:29:cd:04:b6:f4:f5:
2c:8b:05:15:b5:66:d9:70:6c:64:df:b7:5f:fe:25:e9:b0:69:
ba:55:9b:ec:58:d5:ca:5d:45:b1:b8:7b:b5:b0:b0:e3:14:0f:
6b:95:96:93:ef:1c:91:6a:4a:7e:c4:18:d7:e5:80:35:12:e9:
9e:1e:d2:f0:30:0f:3e:d4:df:69:93:86:80:af:fd:c8:f1:58:
ef:c2:8e:d8:d8:d3:ea:64:c1:d4:00:6e:ec:77:2e:f2:f1:5d:
95:b7:3e:75:59:25:df:f6:3d:2f:9f:15:83:bc:30:95:6d:e1:
f7:79:a7:8a:9c:c5:c8:8d:23:d7:d3:c0:b4:80:4d:56:25:60:
2f:0a:38:7f:bd:a2:08:53:57:db:54:35:7e:8d:1e:09:ac:6e:
09:20:e6:e9:7c:31:3f:a8:47:44:ed:c0:98:b5:c2:65:c2:30:
91:6b:48:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSr4XPj1iyUDpDKi5JDBohlii55gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMjI5ZmEwNWI1MmMzOTA1YTk4OTMyOTU4N2NhN2FhNjQ5YjJmNjMyMzRh
YjNmYjNiNDk5MTkxNzU3Nzg3M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKN17WwXfr9AmQXkMr0pZ+s/GFnTFnzupxqVCksDEWnnahin/0OqTV1L81cV
WpWIaE0DY5yoW9kKz4OJnbXHGDfL7pGEkCsvAOb0YH07Y3TCQnXmaW52rOHDILQF
QZXinFblZ2l58OIMiuVkWnuQHuQwl5TQlQtFRUCj8MIxXVKw7g8JMSlVAGoHxPFV
yYqR/xNx22x0nJ42Zml+0LHWzG7BmYI1+lZgDX4H02OVNPSt84JnY51s9hTJdHZx
LuHZZDVVhTCF0HnuIZGf6mhTP5OwcNo88MrPnIVC5FPsX6ZkDQdW3RyGISFusM3p
vkABdpiOTxwttzbA+T4v42LGV9kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlxhNP
I4W4NQ8qaLZd0iM4eDOa7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRjMmM5NTgtYzc0OS00ZjJmLWE4M2MtYjQxOWY3ZjQ1NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hrg
MA0GCSqGSIb3DQEBCwUAA4IBAQBzZxmr8BrJKM+17wEwB6nqLp2bnaKEOJ2PZ5Rr
IeTNQUadN9/NL84yQTGQQgIh5KMWWpr6u8MC0hGgZuGjFe/DfKZ0CfeDrCgEfUQM
wsyUw+YgRr8pzQS29PUsiwUVtWbZcGxk37df/iXpsGm6VZvsWNXKXUWxuHu1sLDj
FA9rlZaT7xyRakp+xBjX5YA1EumeHtLwMA8+1N9pk4aAr/3I8Vjvwo7Y2NPqZMHU
AG7sdy7y8V2Vtz51WSXf9j0vnxWDvDCVbeH3eaeKnMXIjSPX08C0gE1WJWAvCjh/
vaIIU1fbVDV+jR4JrG4JIObpfDE/qEdE7cCYtcJlwjCRa0jh
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org