Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
File: 6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa (raw, json)
Hash identifier: AuOYn18aq0I1S71BmzHA0E+4RIef0IMESAD4Tj34bJE=
Subject key identifier: BA:6A:55:89:B4:95:2A:58:36:ED:90:E3:0F:5F:28:3E:2C:B5:CA:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70CB944E644FBB54F64CC85D2399585A89B0D06B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:cb:94:4e:64:4f:bb:54:f6:4c:c8:5d:23:99:58:5a:89:b0:d0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=a8174ea2c2b1dd4fa251eb6572a6b20fd52eacc54809e02a969c4550ffceb13d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:dd:35:5d:ab:57:5a:b0:17:24:de:71:7f:51:
d9:16:67:23:e6:59:83:32:66:27:c9:ed:76:ff:21:
08:b7:e3:ef:cd:f8:63:fc:4a:cf:64:c6:93:05:7c:
44:b3:c2:3e:68:a5:08:a2:1d:6e:5b:57:5b:14:17:
d3:5e:ac:7d:d8:f6:57:0a:ff:6f:a7:c3:1a:49:12:
0c:2d:27:21:85:ac:37:14:5b:ea:ed:c2:9f:ca:af:
d1:17:df:17:3c:36:a5:79:a0:1e:74:70:f4:48:83:
ef:4a:f9:09:92:38:57:f8:f6:4a:98:73:6d:db:74:
6d:54:c1:92:a3:ac:68:39:29:79:da:32:fc:48:54:
4d:bb:1f:c4:58:01:4d:63:ef:04:63:ff:1c:38:43:
66:81:18:f0:a4:a1:96:3c:55:32:7c:57:48:13:bf:
54:c6:e5:ed:6e:cb:16:58:81:d5:12:65:b1:83:a8:
7d:ce:ae:6e:e0:87:52:e3:b3:b5:e5:c0:53:fa:8c:
90:fb:8d:0d:04:dd:70:ec:4a:0b:2f:ee:4d:61:b0:
61:19:c8:93:17:9b:8d:02:fb:f3:ec:c9:3a:2a:35:
88:b0:a0:79:3d:30:2d:3a:64:ae:03:58:d5:d5:d5:
1f:b2:3a:0c:a2:2a:87:af:94:50:0d:31:9d:c8:19:
67:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6A:55:89:B4:95:2A:58:36:ED:90:E3:0F:5F:28:3E:2C:B5:CA:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6de7ce05-e2a4-4c90-9025-5ec5a64a098c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:a8:fa:52:11:62:e4:1d:43:10:f9:c7:ac:05:a0:6a:68:e3:
20:6a:80:a3:4d:10:c0:29:5a:ee:ce:f5:7b:7c:64:6b:f3:e6:
d8:e1:5f:5f:bf:80:98:a9:00:4d:59:f9:ad:24:7f:d2:b1:a0:
a2:d2:48:f3:85:ac:99:4e:e3:52:7b:72:d9:b6:fb:85:17:c9:
29:70:da:c9:49:3d:ea:fe:60:2c:94:9c:aa:0f:1b:7f:bf:df:
11:11:bb:9c:31:92:78:63:f4:d4:62:c2:32:69:40:19:50:29:
20:c6:59:32:bc:35:64:f4:3f:bf:25:b8:f3:26:b2:45:d4:53:
8a:3e:fe:01:03:4f:57:ec:f6:09:51:c5:85:32:d5:bc:29:ee:
66:ba:ea:25:ba:16:4c:c5:c8:b0:e6:27:01:a9:55:09:5c:a1:
f1:f1:34:64:d2:ee:62:42:4a:3a:c5:61:14:1c:a6:81:aa:4b:
57:76:31:81:68:f5:df:90:89:30:5b:fb:f0:f0:90:36:80:ec:
52:c2:5b:77:9b:f7:c0:95:11:f8:b3:a0:cb:24:c4:76:60:6d:
13:3b:24:24:ac:e1:f6:de:ca:00:5c:b6:4c:0c:0b:af:59:14:
6a:86:8e:54:e5:18:98:dd:88:89:fd:65:3f:91:87:86:a5:26:
09:09:71:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcMuUTmRPu1T2TMhdI5lYWomw0GswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4MTc0ZWEyYzJiMWRkNGZhMjUxZWI2NTcyYTZiMjBmZDUyZWFjYzU0ODA5
ZTAyYTk2OWM0NTUwZmZjZWIxM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOfdNV2rV1qwFyTecX9R2RZnI+ZZgzJmJ8ntdv8hCLfj7834Y/xKz2TGkwV8
RLPCPmilCKIdbltXWxQX016sfdj2Vwr/b6fDGkkSDC0nIYWsNxRb6u3Cn8qv0Rff
Fzw2pXmgHnRw9EiD70r5CZI4V/j2Sphzbdt0bVTBkqOsaDkpedoy/EhUTbsfxFgB
TWPvBGP/HDhDZoEY8KShljxVMnxXSBO/VMbl7W7LFliB1RJlsYOofc6ubuCHUuOz
teXAU/qMkPuNDQTdcOxKCy/uTWGwYRnIkxebjQL78+zJOio1iLCgeT0wLTpkrgNY
1dXVH7I6DKIqh6+UUA0xncgZZysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6alWJ
tJUqWDbtkOMPXyg+LLXKvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmRlN2NlMDUtZTJhNC00YzkwLTkwMjUtNWVjNWE2NGEwOThjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAqqPpSEWLkHUMQ+cesBaBqaOMgaoCjTRDAKVru
zvV7fGRr8+bY4V9fv4CYqQBNWfmtJH/SsaCi0kjzhayZTuNSe3LZtvuFF8kpcNrJ
ST3q/mAslJyqDxt/v98REbucMZJ4Y/TUYsIyaUAZUCkgxlkyvDVk9D+/JbjzJrJF
1FOKPv4BA09X7PYJUcWFMtW8Ke5muuoluhZMxciw5icBqVUJXKHx8TRk0u5iQko6
xWEUHKaBqktXdjGBaPXfkIkwW/vw8JA2gOxSwlt3m/fAlRH4s6DLJMR2YG0TOyQk
rOH23soAXLZMDAuvWRRqho5U5RiY3YiJ/WU/kYeGpSYJCXEQ
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org