Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
File: 739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa (raw, json)
Hash identifier: vRjHrrkQC91r/pJM/kaQz1q7Hzm7orBgE8XOxokFWlQ=
Subject key identifier: 60:73:A8:3A:DC:AF:A3:EE:BD:EF:76:86:FC:A8:51:45:B8:EB:CA:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 148CB8D8EA9228EA95D1CB0D953C10F99B3D5269
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:8c:b8:d8:ea:92:28:ea:95:d1:cb:0d:95:3c:10:f9:9b:3d:52:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=5038d85a222a5737758a3a57fa33e23d5031f46715eb0efebf244efe57de05cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d1:82:be:22:41:cd:9b:8a:65:c4:eb:40:d7:
d5:a3:6d:c4:5a:c1:10:63:d2:b7:2d:93:76:a2:bb:
e5:b3:3c:11:cd:93:8c:60:3a:fb:92:9f:43:4c:ad:
43:09:50:60:7d:3a:c4:2e:9a:78:ac:c0:d9:30:1e:
40:62:dc:c4:d6:77:fd:37:5f:fe:18:23:e5:11:56:
d9:a5:6a:c8:96:f7:e2:d9:a6:58:79:71:3a:1e:b1:
5b:c4:12:57:9b:6c:7b:35:d3:93:e9:5e:02:dc:b2:
a0:a5:b8:85:23:92:26:b7:96:b8:23:17:f5:d3:e0:
c2:bd:12:75:4e:8a:ec:27:1b:40:f0:79:f6:84:7c:
eb:17:e2:2f:d2:6d:45:68:a6:d6:67:49:63:0e:a3:
a7:16:1e:0a:82:c1:e1:d9:c2:e4:fa:42:ba:fa:54:
1f:24:8b:6e:05:01:90:94:ea:14:e7:57:97:2b:82:
69:67:bf:94:74:0a:64:95:83:29:e4:72:05:96:8d:
76:91:97:bd:85:d3:ac:e7:34:3d:15:5a:11:dd:22:
43:a1:85:16:79:74:97:f5:3c:92:7c:50:34:50:20:
92:b1:69:5a:11:df:3c:65:74:f7:43:d8:92:c8:11:
99:1b:e9:98:ef:c1:ae:e1:d0:8b:0a:4d:4a:9d:b8:
aa:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:73:A8:3A:DC:AF:A3:EE:BD:EF:76:86:FC:A8:51:45:B8:EB:CA:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:e8:72:fa:c3:07:54:04:ea:48:95:8b:2e:51:3f:1b:4f:55:
e5:c9:63:1a:f5:2f:77:30:1e:22:7b:c9:72:57:2e:41:c0:2e:
a1:4e:62:a8:65:74:69:82:f5:aa:24:2b:15:7b:ba:7d:c0:c1:
bb:96:38:cc:62:16:87:72:d0:4f:a8:5c:c2:c9:f9:6c:50:04:
00:bd:b4:18:e4:67:ed:98:6e:27:66:2c:cf:dc:ae:fa:23:ad:
53:cc:ef:18:5a:7d:d6:54:1e:7e:0b:77:8f:4b:fb:97:28:38:
99:4d:be:05:fc:cf:77:47:5b:b0:b9:fb:bd:cf:12:4f:f3:d2:
37:4b:00:5b:df:93:62:ee:f9:a6:83:c9:12:58:69:30:66:17:
0a:75:8e:b9:97:c1:83:42:5b:5d:0e:7f:9f:a1:86:80:32:fa:
35:bd:7e:e2:e7:3a:06:59:5b:7f:f2:18:21:d9:28:4a:39:bc:
ea:22:ec:8e:3c:53:02:ef:0b:29:21:fc:c2:34:f6:ef:7a:76:
7c:68:94:9e:b7:42:0c:8c:7c:78:a4:a1:e8:b7:b7:65:13:c5:
63:45:0b:af:4d:ad:66:49:5e:54:00:9b:de:cf:ad:94:64:99:
f6:b7:fa:f6:ff:1f:60:ed:6e:c3:7e:70:12:20:e1:6f:2f:a1:
b2:58:a9:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFIy42OqSKOqV0csNlTwQ+Zs9UmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMzhkODVhMjIyYTU3Mzc3NThhM2E1N2ZhMzNlMjNkNTAzMWY0NjcxNWVi
MGVmZWJmMjQ0ZWZlNTdkZTA1Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/Rgr4iQc2bimXE60DX1aNtxFrBEGPSty2TdqK75bM8Ec2TjGA6+5KfQ0yt
QwlQYH06xC6aeKzA2TAeQGLcxNZ3/Tdf/hgj5RFW2aVqyJb34tmmWHlxOh6xW8QS
V5tsezXTk+leAtyyoKW4hSOSJreWuCMX9dPgwr0SdU6K7CcbQPB59oR86xfiL9Jt
RWim1mdJYw6jpxYeCoLB4dnC5PpCuvpUHySLbgUBkJTqFOdXlyuCaWe/lHQKZJWD
KeRyBZaNdpGXvYXTrOc0PRVaEd0iQ6GFFnl0l/U8knxQNFAgkrFpWhHfPGV090PY
ksgRmRvpmO/BruHQiwpNSp24qr8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgc6g6
3K+j7r3vdob8qFFFuOvKVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM5ZDhiMDgtZjgyYi00YTJhLTg0MWMtMmZhZjdhMzMxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQDB6HL6wwdUBOpIlYsuUT8bT1XlyWMa9S93MB4i
e8lyVy5BwC6hTmKoZXRpgvWqJCsVe7p9wMG7ljjMYhaHctBPqFzCyflsUAQAvbQY
5GftmG4nZizP3K76I61TzO8YWn3WVB5+C3ePS/uXKDiZTb4F/M93R1uwufu9zxJP
89I3SwBb35Ni7vmmg8kSWGkwZhcKdY65l8GDQltdDn+foYaAMvo1vX7i5zoGWVt/
8hgh2ShKObzqIuyOPFMC7wspIfzCNPbvenZ8aJSet0IMjHx4pKHot7dlE8VjRQuv
Ta1mSV5UAJvez62UZJn2t/r2/x9g7W7DfnASIOFvL6GyWKkR
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org