Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
File: 706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa (raw, json)
Hash identifier: d8mM8AWP8iB8bKnW2+euFPZaFOig+ZoGZF/9rd8gKFU=
Subject key identifier: B4:95:4C:3C:0E:99:A3:8F:D6:DD:9C:27:13:88:1E:F9:58:A1:20:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 637E25B4B9017DCB61B2EDA16DB11EB0E488FD72
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:7e:25:b4:b9:01:7d:cb:61:b2:ed:a1:6d:b1:1e:b0:e4:88:fd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=a1cb283256137471f7c5ee279349884fea8656475a52d0bd22c519d0e9b37567, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c2:37:98:10:37:52:7b:9e:9c:d1:d0:22:98:
9c:be:30:0c:71:b0:92:b0:0a:56:d0:84:7b:9f:2c:
7d:21:41:1f:11:4a:0b:f1:85:2e:f4:84:2d:ee:11:
a7:53:15:e5:af:af:1d:58:f3:b6:38:eb:38:28:f3:
d5:d4:1f:d4:0c:75:8a:c4:fd:8a:49:04:3a:da:e8:
49:27:a0:dd:17:7a:80:db:cc:1f:ae:3a:70:86:e7:
a9:00:84:7a:99:d5:93:75:9e:ed:b3:02:c4:a5:41:
d7:c9:98:db:c2:17:a7:e2:cd:b0:48:39:6e:29:c5:
80:2c:4d:8d:c3:85:8a:05:30:aa:0c:48:3f:1c:73:
54:5e:cd:9f:bc:e8:43:a4:7b:ed:d1:b3:40:c1:bd:
3f:35:6f:90:51:65:22:f6:88:ac:66:8e:fe:31:aa:
e8:ab:b6:e5:a4:1c:52:4f:11:f3:ed:55:7c:98:92:
a5:81:2f:29:bd:88:35:c2:9b:bf:87:ff:5b:65:30:
ef:b6:69:f4:08:c3:1d:c7:07:e5:a7:ec:bd:b4:d0:
7b:91:34:99:7a:b3:1f:48:75:43:46:51:40:e5:f1:
23:0b:77:77:c3:97:75:e8:0d:cc:85:09:0e:f8:02:
a8:53:1a:03:0b:ff:d6:36:59:11:d5:77:74:ea:d3:
c9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:95:4C:3C:0E:99:A3:8F:D6:DD:9C:27:13:88:1E:F9:58:A1:20:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:9000::/40
Signature Algorithm: sha256WithRSAEncryption
71:ab:ed:18:74:b8:16:12:c1:3e:e9:c7:a2:e8:aa:a9:22:06:
db:7d:2b:6c:b3:5d:ec:6c:92:d1:33:40:90:4c:d5:e2:c6:a3:
e5:77:f5:80:17:71:ca:87:d7:e9:ac:a7:4b:08:06:03:ea:1b:
b1:ce:44:2e:ed:b7:86:ef:f7:f2:55:e1:c1:61:1b:70:54:22:
8b:65:43:6f:5c:fa:da:fc:69:c8:41:5c:60:c7:43:05:d4:56:
39:92:16:d8:a2:91:ed:34:cb:3b:d9:e0:44:af:f9:f5:51:d6:
ff:1b:85:55:7f:05:ff:cd:06:d9:03:72:d1:c5:e3:9a:7b:82:
5a:db:24:55:1b:55:90:26:ed:74:62:3b:85:4e:a1:b1:59:f8:
7a:5b:c0:73:a2:2b:c4:59:0e:02:99:58:ac:e0:e7:ff:9e:8c:
59:41:60:55:4a:4e:71:0c:0e:c3:bb:7c:e4:78:79:70:67:af:
8a:bf:a6:af:00:67:be:22:11:d9:30:e8:3e:39:86:2e:5f:49:
67:75:64:41:9e:34:1b:1f:2b:16:36:85:95:e8:03:84:22:81:
1f:8d:49:0c:68:16:48:eb:cb:3b:27:20:86:6a:f7:8e:78:3b:
0a:03:11:f4:f9:1a:1b:63:21:d8:38:54:9e:3e:05:bc:66:76:
19:2c:f6:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY34ltLkBfcthsu2hbbEesOSI/XIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGExY2IyODMyNTYxMzc0NzFmN2M1ZWUyNzkzNDk4ODRmZWE4NjU2NDc1YTUy
ZDBiZDIyYzUxOWQwZTliMzc1NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvCN5gQN1J7npzR0CKYnL4wDHGwkrAKVtCEe58sfSFBHxFKC/GFLvSELe4R
p1MV5a+vHVjztjjrOCjz1dQf1Ax1isT9ikkEOtroSSeg3Rd6gNvMH646cIbnqQCE
epnVk3We7bMCxKVB18mY28IXp+LNsEg5binFgCxNjcOFigUwqgxIPxxzVF7Nn7zo
Q6R77dGzQMG9PzVvkFFlIvaIrGaO/jGq6Ku25aQcUk8R8+1VfJiSpYEvKb2INcKb
v4f/W2Uw77Zp9AjDHccH5afsvbTQe5E0mXqzH0h1Q0ZRQOXxIwt3d8OXdegNzIUJ
DvgCqFMaAwv/1jZZEdV3dOrTyakCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS0lUw8
Dpmjj9bdnCcTiB75WKEgnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzA2YjRkNWEtZGJmZi00MzZhLTllOWEtMGMyNDNlZjEyZDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBxq+0YdLgWEsE+6cei6KqpIgbbfStss13sbJLR
M0CQTNXixqPld/WAF3HKh9fprKdLCAYD6huxzkQu7beG7/fyVeHBYRtwVCKLZUNv
XPra/GnIQVxgx0MF1FY5khbYopHtNMs72eBEr/n1Udb/G4VVfwX/zQbZA3LRxeOa
e4Ja2yRVG1WQJu10YjuFTqGxWfh6W8BzoivEWQ4CmVis4Of/noxZQWBVSk5xDA7D
u3zkeHlwZ6+Kv6avAGe+IhHZMOg+OYYuX0lndWRBnjQbHysWNoWV6AOEIoEfjUkM
aBZI68s7JyCGaveOeDsKAxH0+RobYyHYOFSePgW8ZnYZLPac
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org