Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: uLj7ODa+XwdX8JDD84OqIxqLS+QUzQ7iCtD3E1Qnbqs=
Subject key identifier: D6:0D:17:5D:A6:A4:EE:0F:35:F2:FF:D3:32:47:7D:BB:1D:B7:8D:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B299B41EC9C1FA0ED82518F92D63D04D871C9D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:29:9b:41:ec:9c:1f:a0:ed:82:51:8f:92:d6:3d:04:d8:71:c9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=e7c52211ba25b06ec59d934679c215ca56e101703f84ca4216c8e165bfc0b2b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:62:6f:06:99:a5:54:b9:c5:33:b9:7c:81:c8:
53:c3:43:f4:a7:8f:ce:56:37:aa:d4:10:9e:28:3d:
56:78:c1:df:46:64:5c:1d:8b:05:f0:32:c3:ae:31:
15:98:01:54:f6:25:3f:83:07:9d:c9:95:28:7d:03:
5f:bc:50:ad:08:b1:1f:06:c4:76:1d:b2:8d:c6:c0:
13:52:79:90:81:e7:28:4d:1f:11:51:b4:8e:c6:8d:
d9:1e:b2:59:0e:e3:63:09:e7:0a:42:b9:e9:0e:2e:
7a:22:bb:c2:f7:b0:e2:75:3e:9b:85:dc:72:0d:77:
2c:88:e6:ff:21:b3:36:17:85:e3:76:8f:d0:99:59:
70:7c:e5:65:51:11:e5:a6:f4:7d:29:5a:66:be:e3:
74:53:fc:19:9b:d3:5a:77:fb:22:f3:6e:7e:a3:f9:
d3:ca:21:2c:84:5e:8f:95:b7:d0:4d:1c:58:0a:50:
75:67:8b:4e:82:a0:c1:bb:0a:76:44:65:84:a5:31:
7b:99:c1:40:7f:14:6d:09:8d:c0:6e:b0:35:3d:ca:
f9:bd:e6:f3:d4:b7:1e:f4:9a:77:4b:25:3d:34:40:
54:e3:81:06:35:82:09:21:a0:1c:30:0f:ac:d5:a7:
e8:29:d5:61:86:4d:c8:34:c1:9b:80:35:d2:b2:99:
b9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0D:17:5D:A6:A4:EE:0F:35:F2:FF:D3:32:47:7D:BB:1D:B7:8D:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
41:3d:a8:e2:33:94:ff:a5:43:65:42:57:9a:a9:b3:14:93:9f:
bb:16:6b:b2:e8:7f:b9:88:99:8e:23:76:b1:28:3d:ca:1a:1e:
60:6a:e2:f7:ef:bc:37:0b:95:07:63:b1:d3:67:af:37:66:da:
0e:e7:8b:9e:cd:91:de:4a:20:01:83:8b:c4:62:ee:1d:7c:94:
d1:ee:27:27:06:ab:c8:ce:c8:e5:c4:c9:4e:98:f2:fa:b9:78:
45:89:1f:2a:5d:b3:b0:15:41:4e:1a:2d:32:7e:6e:c4:7c:1a:
6b:92:d6:c3:bf:a8:a1:3b:f5:60:2d:11:9e:1c:e0:e2:a4:68:
b2:10:02:0a:33:98:67:0c:4f:f4:5c:b6:1b:6a:3b:d6:b5:09:
61:d9:4d:14:aa:67:87:4a:c2:85:af:09:f6:96:5b:2d:4f:df:
e0:93:96:0a:95:bd:bc:b1:ef:56:8e:13:52:b4:56:e9:98:22:
ae:c6:89:06:7a:09:6a:21:28:e4:b0:46:14:21:4d:f4:ab:d9:
63:9b:51:5d:8c:86:1b:a7:bb:d2:d3:42:c7:8b:6f:5d:1f:a0:
28:78:b5:41:ba:f8:5a:cf:98:20:08:7a:01:38:ae:bf:4c:12:
59:9e:9d:a8:8c:1f:5f:7d:f4:2b:48:a5:ab:7b:7f:5b:b7:7c:
5a:57:3a:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeymbQeycH6DtglGPktY9BNhxydMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3YzUyMjExYmEyNWIwNmVjNTlkOTM0Njc5YzIxNWNhNTZlMTAxNzAzZjg0
Y2E0MjE2YzhlMTY1YmZjMGIyYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9ibwaZpVS5xTO5fIHIU8ND9KePzlY3qtQQnig9VnjB30ZkXB2LBfAyw64x
FZgBVPYlP4MHncmVKH0DX7xQrQixHwbEdh2yjcbAE1J5kIHnKE0fEVG0jsaN2R6y
WQ7jYwnnCkK56Q4ueiK7wvew4nU+m4Xccg13LIjm/yGzNheF43aP0JlZcHzlZVER
5ab0fSlaZr7jdFP8GZvTWnf7IvNufqP508ohLIRej5W30E0cWApQdWeLToKgwbsK
dkRlhKUxe5nBQH8UbQmNwG6wNT3K+b3m89S3HvSad0slPTRAVOOBBjWCCSGgHDAP
rNWn6CnVYYZNyDTBm4A10rKZuaMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWDRdd
pqTuDzXy/9MyR327HbeNkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBPajiM5T/pUNlQleaqbMUk5+7Fmuy6H+5iJmO
I3axKD3KGh5gauL377w3C5UHY7HTZ683ZtoO54uezZHeSiABg4vEYu4dfJTR7icn
BqvIzsjlxMlOmPL6uXhFiR8qXbOwFUFOGi0yfm7EfBprktbDv6ihO/VgLRGeHODi
pGiyEAIKM5hnDE/0XLYbajvWtQlh2U0UqmeHSsKFrwn2llstT9/gk5YKlb28se9W
jhNStFbpmCKuxokGeglqISjksEYUIU30q9ljm1FdjIYbp7vS00LHi29dH6AoeLVB
uvhaz5ggCHoBOK6/TBJZnp2ojB9fffQrSKWre39bt3xaVzpT
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org