Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/651dabbc-ea96-4696-a874-5fa7163b0e4f.roa
File: 651dabbc-ea96-4696-a874-5fa7163b0e4f.roa (raw, json)
Hash identifier: a4GVNsKk+jVqnIsX5p1qNChHDQXngu7incZPDm+gRVI=
Subject key identifier: FB:F3:DD:FC:32:43:67:D4:37:27:1F:96:2A:33:AB:65:25:71:87:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E3BAAACD3C3F7211A87A49538F43B6D5AC83DED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/651dabbc-ea96-4696-a874-5fa7163b0e4f.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:3b:aa:ac:d3:c3:f7:21:1a:87:a4:95:38:f4:3b:6d:5a:c8:3d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=63ce36deb08241c4753c441658f6c21d97f81082244bd3536dbc7a1216eab45f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:47:0a:49:79:68:aa:ea:22:c3:28:25:fe:
f0:53:95:9e:0c:de:a0:97:86:26:19:99:23:56:b2:
3e:04:2c:be:62:f0:e1:0e:b4:48:68:d5:e9:c0:c7:
d1:7a:fa:28:cf:ed:4d:e1:e5:b0:e0:d6:ae:64:8a:
9e:ee:43:83:39:a8:ae:a4:a4:98:19:0d:e2:37:85:
67:e6:0b:83:a8:bf:0b:fc:3b:87:59:2c:11:7c:4b:
51:82:3d:32:26:36:6d:3f:b5:14:6f:ef:7f:40:b6:
b0:46:7b:20:ca:c8:60:fe:c0:6b:83:f5:f5:02:20:
21:a2:7f:29:78:ec:38:73:de:44:12:a9:79:3c:59:
a3:e9:63:81:78:ee:6e:cb:7d:11:19:da:bf:23:bd:
ad:16:7f:cf:14:31:a8:bf:89:b7:4f:b7:6a:e2:e4:
07:05:f3:25:1f:39:bb:97:de:1d:d1:35:06:7b:0a:
30:8a:34:72:cc:e2:10:43:a1:a1:88:4b:3c:c4:44:
45:55:99:f8:e5:eb:ee:a5:47:2f:01:9b:5f:d7:80:
bc:6c:8c:b2:96:c7:3b:71:1e:b4:e8:da:1e:59:9d:
80:ca:d9:67:86:e6:63:22:09:18:e4:43:b4:43:88:
e8:a5:3b:74:36:77:45:ad:06:85:c8:81:9a:32:f7:
9e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F3:DD:FC:32:43:67:D4:37:27:1F:96:2A:33:AB:65:25:71:87:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/651dabbc-ea96-4696-a874-5fa7163b0e4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:e4:af:e6:0b:0d:f2:2b:4e:7d:8a:69:73:f2:7e:29:50:57:
aa:d9:51:f6:a8:53:18:1d:59:18:a2:f9:85:52:18:16:ea:d4:
70:76:ba:0e:14:3e:cf:94:7a:f0:1c:17:47:28:e3:c3:d8:87:
d4:eb:11:d9:3b:43:e2:aa:71:f2:2f:ba:e5:b3:6d:2d:a2:23:
b3:1b:23:db:c4:3e:34:f6:e5:42:3b:23:3d:8e:33:cb:21:23:
5f:85:a8:35:37:46:10:32:57:de:48:56:4f:cb:7d:36:89:45:
ad:b5:e0:a6:79:0a:54:89:43:57:a8:e1:43:4d:47:e7:f0:ff:
60:2a:22:6c:46:ca:cc:89:30:a6:ab:38:46:62:74:b4:91:6c:
49:32:5c:cc:79:5f:3b:aa:0b:c7:33:d9:57:1d:af:5d:b5:ac:
14:98:1d:a4:4b:9b:40:75:e6:a4:d7:1e:39:4f:71:9f:a9:0b:
77:d4:b0:90:11:7c:b9:38:6b:3e:f6:6e:3a:f2:9e:75:7b:b0:
9f:8f:38:46:0d:b7:06:c9:5c:a5:38:d3:09:76:1f:a6:f7:e9:
cc:db:92:a6:cd:cb:ed:d3:84:ec:27:29:3d:9e:0d:25:c3:b5:
0e:39:2d:d7:34:bc:ad:7b:52:e2:a5:e1:99:da:09:04:b2:09:
0a:b9:26:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfjuqrNPD9yEah6SVOPQ7bVrIPe0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzY2UzNmRlYjA4MjQxYzQ3NTNjNDQxNjU4ZjZjMjFkOTdmODEwODIyNDRi
ZDM1MzZkYmM3YTEyMTZlYWI0NWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTyRwpJeWiq6iLDKCX+8FOVngzeoJeGJhmZI1ayPgQsvmLw4Q60SGjV6cDH
0Xr6KM/tTeHlsODWrmSKnu5DgzmorqSkmBkN4jeFZ+YLg6i/C/w7h1ksEXxLUYI9
MiY2bT+1FG/vf0C2sEZ7IMrIYP7Aa4P19QIgIaJ/KXjsOHPeRBKpeTxZo+ljgXju
bst9ERnavyO9rRZ/zxQxqL+Jt0+3auLkBwXzJR85u5feHdE1BnsKMIo0csziEEOh
oYhLPMRERVWZ+OXr7qVHLwGbX9eAvGyMspbHO3EetOjaHlmdgMrZZ4bmYyIJGORD
tEOI6KU7dDZ3Ra0GhciBmjL3nh8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT78938
MkNn1DcnH5YqM6tlJXGHkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjUxZGFiYmMtZWE5Ni00Njk2LWE4NzQtNWZhNzE2M2IwZTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAM5K/mCw3yK059imlz8n4pUFeq2VH2qFMYHVkY
ovmFUhgW6tRwdroOFD7PlHrwHBdHKOPD2IfU6xHZO0PiqnHyL7rls20toiOzGyPb
xD409uVCOyM9jjPLISNfhag1N0YQMlfeSFZPy302iUWtteCmeQpUiUNXqOFDTUfn
8P9gKiJsRsrMiTCmqzhGYnS0kWxJMlzMeV87qgvHM9lXHa9dtawUmB2kS5tAdeak
1x45T3GfqQt31LCQEXy5OGs+9m468p51e7CfjzhGDbcGyVylONMJdh+m9+nM25Km
zcvt04TsJyk9ng0lw7UOOS3XNLyte1LipeGZ2gkEsgkKuSbZ
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org