Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55747491-79c7-4415-bf2a-87d19100b399.roa
File: 55747491-79c7-4415-bf2a-87d19100b399.roa (raw, json)
Hash identifier: ly4Jr8VFkKAKfowVK+9uQHsJHlgrzY0HL4xdrOw7u9g=
Subject key identifier: C5:FE:D4:D1:B0:EE:53:71:DF:C1:C2:E3:69:8E:BF:A9:BA:A1:B0:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23FC378049165E6B7D822AB7B827A59E2BF930D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55747491-79c7-4415-bf2a-87d19100b399.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:fc:37:80:49:16:5e:6b:7d:82:2a:b7:b8:27:a5:9e:2b:f9:30:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=bbab8b7f30eb9e8b828e438cce78de9a040d59201ffed838e77d93506b7c0f9d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:75:53:a7:06:8d:41:66:94:29:08:3e:bf:7f:
7e:c1:77:09:bf:13:89:a2:bc:2c:4f:e4:23:a4:69:
1b:e3:82:48:b5:ec:86:85:d3:82:f8:a2:33:be:af:
8e:25:96:b3:90:a6:fe:75:1b:e0:ca:86:32:66:17:
95:35:28:d9:81:e0:a0:1d:3e:3c:cb:42:60:08:ce:
aa:4d:de:30:ec:bd:d7:5e:7a:0f:1f:d3:2e:4c:99:
ce:47:2e:08:32:c5:cb:78:ca:96:f3:db:01:54:cf:
f0:b4:50:bb:e5:f6:d0:96:67:92:5e:8e:9b:58:9e:
a5:54:17:21:32:95:f7:cb:52:b3:cf:08:fa:6e:79:
97:99:47:54:f0:ff:36:a3:ca:56:7c:37:8e:7b:2b:
62:51:3d:b6:c0:2c:c2:b5:5e:4f:99:10:d6:9f:a3:
7e:fa:d1:b1:ef:b0:1e:52:af:f5:f0:08:98:1a:1a:
a3:7d:76:1d:41:df:4d:0d:43:31:3a:f4:7a:b0:1b:
7c:3e:c5:40:6e:14:21:fd:3e:a8:a0:d3:f8:49:35:
bf:f7:04:fa:21:76:1a:db:ac:28:29:9f:ab:0e:ff:
d2:d0:f7:99:fc:d2:8e:9d:55:89:7c:3f:c5:48:3c:
69:d0:56:5b:12:8f:03:78:bf:36:30:1c:56:e6:b5:
6d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FE:D4:D1:B0:EE:53:71:DF:C1:C2:E3:69:8E:BF:A9:BA:A1:B0:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55747491-79c7-4415-bf2a-87d19100b399.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/36
Signature Algorithm: sha256WithRSAEncryption
7a:ff:bf:ba:e9:34:02:6a:96:b6:5d:cd:25:a1:c7:8b:fc:a2:
a3:01:69:cb:1d:c2:5e:75:8e:95:06:0d:49:c0:b1:4e:57:5e:
49:cd:10:f8:dd:1f:24:67:a4:fc:04:ac:da:2e:3a:96:50:f7:
5b:58:dd:33:34:f9:68:29:1b:28:61:eb:b1:af:15:13:d6:15:
21:bd:a9:20:c8:98:91:47:fd:d7:bd:5b:d7:35:65:e1:85:c4:
88:7b:e2:f3:b8:93:47:8f:75:47:9a:6a:d9:73:21:91:71:9d:
1d:89:68:d0:78:40:a4:c4:cb:e3:08:49:6b:fd:cf:e2:8a:31:
d3:e4:c3:91:11:34:c2:f8:e2:d1:51:b6:d8:bd:df:7d:58:e2:
9b:32:e4:d9:09:21:8c:de:13:f0:aa:50:b3:92:fb:2f:68:c6:
fe:71:74:4b:88:76:8c:19:e0:b6:9a:95:b2:05:90:7d:76:e1:
96:9c:04:6b:7d:1f:99:0b:8a:85:dc:88:77:24:08:1f:d7:12:
4d:25:0d:ca:e4:b5:06:34:ce:be:1e:bb:7d:88:40:38:49:ae:
87:bb:fe:94:45:b9:a7:e6:8e:f3:2e:3d:ea:12:c1:9c:02:00:
d5:6a:1a:9a:f2:b8:b0:25:eb:34:25:c8:fd:69:eb:98:6f:24:
f8:72:68:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI/w3gEkWXmt9giq3uCelniv5MNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiYWI4YjdmMzBlYjllOGI4MjhlNDM4Y2NlNzhkZTlhMDQwZDU5MjAxZmZl
ZDgzOGU3N2Q5MzUwNmI3YzBmOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKN1U6cGjUFmlCkIPr9/fsF3Cb8TiaK8LE/kI6RpG+OCSLXshoXTgviiM76v
jiWWs5Cm/nUb4MqGMmYXlTUo2YHgoB0+PMtCYAjOqk3eMOy91156Dx/TLkyZzkcu
CDLFy3jKlvPbAVTP8LRQu+X20JZnkl6Om1iepVQXITKV98tSs88I+m55l5lHVPD/
NqPKVnw3jnsrYlE9tsAswrVeT5kQ1p+jfvrRse+wHlKv9fAImBoao312HUHfTQ1D
MTr0erAbfD7FQG4UIf0+qKDT+Ek1v/cE+iF2GtusKCmfqw7/0tD3mfzSjp1ViXw/
xUg8adBWWxKPA3i/NjAcVua1bakCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTF/tTR
sO5Tcd/BwuNpjr+puqGwuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTU3NDc0OTEtNzljNy00NDE1LWJmMmEtODdkMTkxMDBiMzk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQB6/7+66TQCapa2Xc0loceL/KKjAWnLHcJedY6V
Bg1JwLFOV15JzRD43R8kZ6T8BKzaLjqWUPdbWN0zNPloKRsoYeuxrxUT1hUhvakg
yJiRR/3XvVvXNWXhhcSIe+LzuJNHj3VHmmrZcyGRcZ0diWjQeECkxMvjCElr/c/i
ijHT5MORETTC+OLRUbbYvd99WOKbMuTZCSGM3hPwqlCzkvsvaMb+cXRLiHaMGeC2
mpWyBZB9duGWnARrfR+ZC4qF3Ih3JAgf1xJNJQ3K5LUGNM6+Hrt9iEA4Sa6Hu/6U
Rbmn5o7zLj3qEsGcAgDVahqa8riwJes0Jcj9aeuYbyT4cmgX
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org