Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
File: 6bb38644-80df-4860-b82a-121044191ffa.roa (raw, json)
Hash identifier: 2br7N8/2Li4JXAPxddnQfgyo+j978ss534er/2lF49Q=
Subject key identifier: 1C:AE:B6:4F:86:A0:CE:5B:6E:A3:DD:F3:CD:98:A9:64:F8:85:82:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DF5790F64EA342ACA94B8F7427AEC9B7C06599F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:f5:79:0f:64:ea:34:2a:ca:94:b8:f7:42:7a:ec:9b:7c:06:59:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=f36ecb99408e7d7292eaa0bf8501b59f5477c8ae41b1468503dfd5a5a603d35a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:db:c7:5e:0b:a5:da:cd:d0:11:38:fb:df:e3:
d5:1a:88:d3:b3:01:24:61:63:bd:ea:7a:f3:1b:8a:
22:a8:8d:58:41:7a:12:87:a2:55:22:25:e9:1e:8e:
a5:af:8f:4e:2c:05:f4:73:dc:cc:db:86:3c:be:97:
da:4a:33:3a:a6:27:b5:d0:33:4d:1f:96:7c:cc:df:
2a:f1:cd:d8:c7:98:de:42:83:dd:c3:98:43:d2:72:
36:36:8e:51:81:e0:07:cf:8f:e6:e1:55:fb:e0:c7:
7e:4f:7b:74:49:89:3f:bf:92:da:c2:be:65:84:af:
ad:94:f4:45:d6:4d:c3:ae:e8:11:56:12:d2:20:74:
cb:d6:7e:bb:52:56:9b:4a:b6:bc:d1:59:a7:ed:87:
9b:af:bc:81:e0:84:f2:cc:77:8c:98:8d:3a:62:a0:
d0:e9:8a:e7:ef:d7:3b:d1:c0:c5:70:ad:3f:28:d7:
68:12:95:70:fa:ce:d2:bc:d8:e4:c9:9f:bb:7d:d9:
9e:b2:ed:74:48:46:91:8a:a5:a1:6e:f2:f8:5d:ae:
50:d5:8c:fd:fa:c3:ae:41:b6:89:f4:b4:37:54:9e:
58:aa:8c:e4:e2:52:75:15:62:6d:92:f4:99:d2:9c:
a2:a2:42:d5:85:32:af:1d:b2:df:54:b5:9a:88:e2:
b1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AE:B6:4F:86:A0:CE:5B:6E:A3:DD:F3:CD:98:A9:64:F8:85:82:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
19:de:ef:b1:a2:5f:47:bd:ed:e4:67:19:6e:c1:46:4e:31:44:
8d:26:3b:44:21:56:4e:82:ff:c6:5c:04:bf:d1:0c:16:96:87:
56:04:0e:63:40:40:6c:87:83:f6:59:06:ce:b7:3e:8d:bd:52:
3c:51:4f:2a:25:f0:fa:6a:52:dc:65:6c:9c:fb:73:51:59:6e:
64:c1:56:00:ac:47:3f:68:03:3a:ff:ca:ee:cd:77:39:83:dd:
1f:6f:7e:42:59:01:ba:f3:52:fd:c1:16:31:81:37:f1:ac:43:
09:16:fc:ab:e6:4a:85:5f:df:9e:23:5a:fb:67:ae:d5:e3:8c:
60:04:c8:f4:35:41:1e:1f:f6:3a:69:a7:2d:25:18:40:90:bb:
8e:94:4a:6e:b3:6f:9f:de:5b:d7:37:e3:dc:26:81:03:98:6e:
18:d2:dc:a0:b1:8b:25:32:73:48:5a:89:19:f4:e9:5c:17:92:
1d:f9:09:77:0c:02:26:85:21:37:8a:4f:d4:1d:24:85:7f:9a:
0a:c7:03:6e:a7:35:1f:0b:2d:58:95:ee:8c:09:74:88:22:ab:
10:4c:9a:79:3c:19:d9:9c:21:7a:b9:18:04:cb:cc:35:b2:35:
d5:54:45:ff:3e:d3:54:cf:56:a5:02:2a:4b:de:3f:2b:58:ff:
77:35:1a:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULfV5D2TqNCrKlLj3Qnrsm3wGWZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNmVjYjk5NDA4ZTdkNzI5MmVhYTBiZjg1MDFiNTlmNTQ3N2M4YWU0MWIx
NDY4NTAzZGZkNWE1YTYwM2QzNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnbx14LpdrN0BE4+9/j1RqI07MBJGFjvep68xuKIqiNWEF6EoeiVSIl6R6O
pa+PTiwF9HPczNuGPL6X2kozOqYntdAzTR+WfMzfKvHN2MeY3kKD3cOYQ9JyNjaO
UYHgB8+P5uFV++DHfk97dEmJP7+S2sK+ZYSvrZT0RdZNw67oEVYS0iB0y9Z+u1JW
m0q2vNFZp+2Hm6+8geCE8sx3jJiNOmKg0OmK5+/XO9HAxXCtPyjXaBKVcPrO0rzY
5Mmfu33ZnrLtdEhGkYqloW7y+F2uUNWM/frDrkG2ifS0N1SeWKqM5OJSdRVibZL0
mdKcoqJC1YUyrx2y31S1mojisRsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcrrZP
hqDOW26j3fPNmKlk+IWCpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJiMzg2NDQtODBkZi00ODYwLWI4MmEtMTIxMDQ0MTkxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dog
MA0GCSqGSIb3DQEBCwUAA4IBAQAZ3u+xol9Hve3kZxluwUZOMUSNJjtEIVZOgv/G
XAS/0QwWlodWBA5jQEBsh4P2WQbOtz6NvVI8UU8qJfD6alLcZWyc+3NRWW5kwVYA
rEc/aAM6/8ruzXc5g90fb35CWQG681L9wRYxgTfxrEMJFvyr5kqFX9+eI1r7Z67V
44xgBMj0NUEeH/Y6aactJRhAkLuOlEpus2+f3lvXN+PcJoEDmG4Y0tygsYslMnNI
WokZ9OlcF5Id+Ql3DAImhSE3ik/UHSSFf5oKxwNupzUfCy1Yle6MCXSIIqsQTJp5
PBnZnCF6uRgEy8w1sjXVVEX/PtNUz1alAipL3j8rWP93NRqR
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org