Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5082df94-4660-4774-b6d0-01ed17f52832.roa
File: 5082df94-4660-4774-b6d0-01ed17f52832.roa (raw, json)
Hash identifier: /mUBeDk3cMfiqyACwgZMvq0eOdFNPB8hZv4SMVXNFqg=
Subject key identifier: A7:3F:E8:D2:6C:7D:8F:D4:43:B9:F4:A1:95:4C:C3:31:AE:C3:4A:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EA34CEDCBD3C7605F894C5ADD52D0C9C7D80D98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5082df94-4660-4774-b6d0-01ed17f52832.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:a3:4c:ed:cb:d3:c7:60:5f:89:4c:5a:dd:52:d0:c9:c7:d8:0d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=1af4319d2da235fbc8e1454897febdd279c4069ab393c6d6797c3a6bb3f027a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7f:16:e2:38:65:a1:7c:30:cb:d0:ec:02:20:
03:9c:78:8e:89:35:ae:24:6c:af:b2:87:24:24:2b:
71:94:e8:7f:58:b3:92:e9:ac:8b:0a:d1:e0:0e:d5:
10:bf:66:67:e9:22:7a:40:57:02:11:39:5f:b8:5e:
e9:25:5d:15:7d:13:d8:6d:bf:2e:7a:4b:58:d0:ba:
46:59:cc:e1:b5:a6:5e:f8:67:a6:07:71:2f:d7:c3:
9d:5d:0a:69:4a:b2:35:58:67:53:8c:a0:9d:79:06:
2f:ab:62:ee:5b:07:f8:3e:c9:22:3c:78:56:c2:d2:
dc:85:6d:2b:02:fb:1c:05:4b:7f:78:c6:40:82:9a:
34:8e:39:82:27:dd:93:fa:d8:b0:7b:fe:23:a7:e4:
19:a6:7d:d0:12:90:f9:97:1b:7b:53:d1:f2:46:f8:
71:5e:86:13:73:35:1a:36:e6:fb:9b:30:88:46:81:
9f:e5:3c:33:75:11:14:4e:ba:b8:69:35:5b:01:16:
9b:5f:ae:42:81:75:0a:b6:b2:43:39:91:07:a5:ef:
a1:f3:3b:e7:a2:9d:ed:c9:ad:40:75:7f:90:2e:c7:
6e:ad:5f:e1:96:fc:c3:0f:27:ca:f8:14:75:6c:31:
36:08:4a:7b:4f:81:e2:10:64:61:3b:4b:c2:cc:1a:
70:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:3F:E8:D2:6C:7D:8F:D4:43:B9:F4:A1:95:4C:C3:31:AE:C3:4A:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5082df94-4660-4774-b6d0-01ed17f52832.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
0f:34:cc:49:e9:66:f5:c6:ee:b5:de:86:ce:cc:b5:f6:ee:6f:
49:ee:cc:80:a0:b3:c5:60:c1:f3:e5:06:60:77:91:4a:4f:c5:
93:80:77:ab:e9:5b:71:06:a9:3f:7e:68:17:5b:c3:8d:4f:4f:
f4:50:02:19:02:4e:07:d0:31:d6:e0:91:71:b6:b0:fa:7d:3f:
bc:98:fc:bd:ef:60:fd:d8:e1:38:18:42:c0:ca:4a:52:27:d7:
2d:5b:ea:11:36:84:d5:db:94:bf:dc:e4:f7:fe:5a:a9:b7:65:
05:55:69:7b:4e:fc:b0:f3:bf:2c:c1:fb:12:ac:b5:b1:1c:e9:
69:34:cc:82:b8:0d:69:e8:b9:99:a7:86:88:53:21:57:4f:e9:
d5:d7:5b:12:96:ba:07:32:52:f4:a7:68:02:d9:00:fa:d5:8b:
4c:37:80:27:65:8e:7f:e7:23:1d:ff:33:a9:09:f0:c9:68:85:
df:35:55:73:2c:69:e5:f1:06:b5:d6:45:84:d3:88:88:20:26:
a0:49:e9:04:06:5f:de:3c:83:90:2a:c0:b0:75:7c:ca:68:64:
16:03:dc:78:ce:4d:71:0a:b2:08:7a:92:4c:25:86:85:89:c0:
03:62:1a:98:89:f2:ff:72:a6:d4:e9:41:db:2a:46:fc:75:32:
e5:89:aa:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTqNM7cvTx2BfiUxa3VLQycfYDZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhZjQzMTlkMmRhMjM1ZmJjOGUxNDU0ODk3ZmViZGQyNzljNDA2OWFiMzkz
YzZkNjc5N2MzYTZiYjNmMDI3YTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5/FuI4ZaF8MMvQ7AIgA5x4jok1riRsr7KHJCQrcZTof1izkumsiwrR4A7V
EL9mZ+kiekBXAhE5X7he6SVdFX0T2G2/LnpLWNC6RlnM4bWmXvhnpgdxL9fDnV0K
aUqyNVhnU4ygnXkGL6ti7lsH+D7JIjx4VsLS3IVtKwL7HAVLf3jGQIKaNI45gifd
k/rYsHv+I6fkGaZ90BKQ+Zcbe1PR8kb4cV6GE3M1Gjbm+5swiEaBn+U8M3URFE66
uGk1WwEWm1+uQoF1CrayQzmRB6XvofM756Kd7cmtQHV/kC7Hbq1f4Zb8ww8nyvgU
dWwxNghKe0+B4hBkYTtLwswacJ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnP+jS
bH2P1EO59KGVTMMxrsNKLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTA4MmRmOTQtNDY2MC00Nzc0LWI2ZDAtMDFlZDE3ZjUyODMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAPNMxJ6Wb1xu613obOzLX27m9J7syAoLPFYMHz
5QZgd5FKT8WTgHer6VtxBqk/fmgXW8ONT0/0UAIZAk4H0DHW4JFxtrD6fT+8mPy9
72D92OE4GELAykpSJ9ctW+oRNoTV25S/3OT3/lqpt2UFVWl7Tvyw878swfsSrLWx
HOlpNMyCuA1p6LmZp4aIUyFXT+nV11sSlroHMlL0p2gC2QD61YtMN4AnZY5/5yMd
/zOpCfDJaIXfNVVzLGnl8Qa11kWE04iIICagSekEBl/ePIOQKsCwdXzKaGQWA9x4
zk1xCrIIepJMJYaFicADYhqYifL/cqbU6UHbKkb8dTLliapa
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org