Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
File: 6ddb8169-a0ba-4989-b488-a344085c56c9.roa (raw, json)
Hash identifier: rIB9MYMdfXTByefvz/Zxag+TkbL5hgH6OWxdxHJbI/E=
Subject key identifier: 54:FD:19:06:66:5F:FC:A8:FA:58:45:04:B6:DD:41:A4:56:F5:91:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 745DE4EAA52769BEC1867E42960F9AAAE3AEFE33
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:5d:e4:ea:a5:27:69:be:c1:86:7e:42:96:0f:9a:aa:e3:ae:fe:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=8144a59ea891799576388a8799e8941406e677d29996e3f24eb102b9bfb6c790, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:45:ed:29:38:ac:00:c0:50:a8:2c:ee:54:76:
17:9d:86:22:34:b0:83:27:d7:98:c6:65:36:e6:1b:
76:52:fe:64:cf:38:3b:4e:14:62:6a:96:3b:07:fc:
71:6b:af:ba:4e:f3:b5:51:36:38:95:6a:aa:1b:67:
bf:8c:68:e4:7a:8b:30:4d:e5:df:67:82:e9:2b:16:
9a:8b:1b:fb:74:db:7b:f7:d3:ab:c7:42:4b:6a:0a:
ee:5f:17:2d:f2:5b:15:55:03:8b:b8:ea:ab:d8:25:
2d:ae:ce:0b:14:9f:44:d7:e2:93:c2:36:c5:d6:df:
2e:bc:f6:b2:73:16:1b:6c:42:79:6b:9b:5a:14:bf:
b7:53:1b:f6:2f:ca:ac:1a:34:b1:fd:61:cd:56:1c:
46:0a:88:fd:a0:64:db:64:4d:64:0b:ef:2f:76:11:
da:35:a8:e1:8a:dd:e9:6e:74:d5:8a:e1:be:05:98:
74:66:24:cc:80:42:5a:83:1e:a0:14:21:5a:3d:6f:
d3:6c:81:2a:b0:73:3a:02:43:26:8d:ec:bb:e0:4f:
00:2b:26:2f:d1:70:1a:5d:00:13:83:af:ae:fa:5d:
5b:ba:c7:ce:5c:81:a2:ae:7c:ed:da:b1:66:e6:08:
60:f2:f9:f5:ab:73:b4:5d:01:23:1b:38:5e:c1:55:
47:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FD:19:06:66:5F:FC:A8:FA:58:45:04:B6:DD:41:A4:56:F5:91:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6ddb8169-a0ba-4989-b488-a344085c56c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:e3:7e:2b:c4:ac:af:b3:8a:77:3a:70:58:9d:7f:1c:e4:bb:
f2:d5:8f:1c:59:be:52:e7:86:e9:9f:73:57:a8:4b:3c:93:04:
62:bb:7e:93:62:f8:4b:8f:dc:f9:68:53:5d:bf:5e:9a:95:0f:
1e:73:f1:6b:e6:eb:0e:eb:ae:26:64:4f:c8:ca:4b:24:f0:33:
85:06:83:17:66:3a:ef:db:f6:5d:28:fb:5e:55:52:86:84:45:
26:da:7c:dc:b6:33:a6:ac:49:62:55:a6:53:9a:eb:10:94:ed:
64:ce:aa:48:c1:4b:65:1b:4f:d9:cd:33:e3:31:a5:4a:cb:7d:
42:c7:c3:b8:88:67:33:2a:b3:16:22:fd:5d:85:c8:60:86:81:
bb:eb:a2:76:56:f6:69:49:ee:1b:c8:8a:5c:42:0e:29:9a:8b:
e6:40:79:d9:2b:ba:eb:a0:38:38:9a:9b:f5:7c:ce:ca:2c:38:
9c:b5:62:7c:8a:7c:3f:ce:eb:a5:57:de:27:d1:90:ef:65:44:
20:7b:79:fe:9c:f9:47:cf:39:8b:9e:11:f6:b5:a0:c2:30:85:
29:56:87:a1:33:20:22:1e:62:42:2b:67:2f:37:5f:10:73:02:
01:20:2c:f9:5c:34:0d:8d:01:24:19:9a:52:66:30:a5:33:66:
33:7d:d5:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdF3k6qUnab7Bhn5Clg+aquOu/jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNDRhNTllYTg5MTc5OTU3NjM4OGE4Nzk5ZTg5NDE0MDZlNjc3ZDI5OTk2
ZTNmMjRlYjEwMmI5YmZiNmM3OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZF7Sk4rADAUKgs7lR2F52GIjSwgyfXmMZlNuYbdlL+ZM84O04UYmqWOwf8
cWuvuk7ztVE2OJVqqhtnv4xo5HqLME3l32eC6SsWmosb+3Tbe/fTq8dCS2oK7l8X
LfJbFVUDi7jqq9glLa7OCxSfRNfik8I2xdbfLrz2snMWG2xCeWubWhS/t1Mb9i/K
rBo0sf1hzVYcRgqI/aBk22RNZAvvL3YR2jWo4Yrd6W501YrhvgWYdGYkzIBCWoMe
oBQhWj1v02yBKrBzOgJDJo3su+BPACsmL9FwGl0AE4OvrvpdW7rHzlyBoq587dqx
ZuYIYPL59atztF0BIxs4XsFVR3cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRU/RkG
Zl/8qPpYRQS23UGkVvWRGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmRkYjgxNjktYTBiYS00OTg5LWI0ODgtYTM0NDA4NWM1NmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHA
MA0GCSqGSIb3DQEBCwUAA4IBAQC2434rxKyvs4p3OnBYnX8c5Lvy1Y8cWb5S54bp
n3NXqEs8kwRiu36TYvhLj9z5aFNdv16alQ8ec/Fr5usO664mZE/Iyksk8DOFBoMX
Zjrv2/ZdKPteVVKGhEUm2nzctjOmrEliVaZTmusQlO1kzqpIwUtlG0/ZzTPjMaVK
y31Cx8O4iGczKrMWIv1dhchghoG766J2VvZpSe4byIpcQg4pmovmQHnZK7rroDg4
mpv1fM7KLDictWJ8inw/zuulV94n0ZDvZUQge3n+nPlHzzmLnhH2taDCMIUpVoeh
MyAiHmJCK2cvN18QcwIBICz5XDQNjQEkGZpSZjClM2YzfdXC
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org