Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
File: 7a5c899e-1564-4329-8939-7004d7b754c8.roa (raw, json)
Hash identifier: szFKkBtzFYBIv4ir6OemcSzCmK77DE7zOf7xiqjZjYA=
Subject key identifier: 4B:B3:CF:B4:61:DB:61:A1:45:D4:F5:92:5F:D2:56:BD:64:D6:CC:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54B1CCF41729A645537E8D5C372E6802C0185A03
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:b1:cc:f4:17:29:a6:45:53:7e:8d:5c:37:2e:68:02:c0:18:5a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=8d80071e782e82e630f3d9ef0a2fdff3ed92d3f412f681006ba909a6488072ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:56:76:88:b6:2d:ab:e9:0e:08:3d:da:20:d5:
79:46:f5:09:37:fc:ad:60:05:ae:f1:df:b4:bd:29:
d1:a5:38:01:fc:fa:60:be:16:1c:09:9a:83:14:08:
0d:ab:a3:09:36:97:e3:94:ba:d8:ea:27:f3:1a:88:
3e:87:84:fe:ef:18:1b:69:48:8b:0a:58:5d:a9:b3:
2b:1e:cb:4e:09:d5:5d:60:7f:30:27:72:e8:0f:3e:
75:0e:db:6a:3c:09:8d:4e:97:82:78:ea:16:90:57:
d4:37:bf:2c:27:fb:7a:e6:b8:e5:58:db:8e:64:49:
30:de:8e:3d:88:1c:18:78:0a:2e:88:bc:0f:eb:52:
cc:40:f0:da:26:1e:f3:51:bc:20:75:13:85:a3:2e:
ef:e3:99:42:04:52:66:f6:21:b6:f0:62:ed:7a:eb:
c7:9c:91:8d:40:60:4c:76:b0:05:45:47:19:89:fa:
06:9d:77:65:05:da:38:37:db:c6:8f:19:47:58:5c:
7e:38:59:49:e7:48:19:1c:f0:cb:50:08:57:0e:68:
a9:d3:99:e1:4e:a9:65:75:64:18:80:2f:0b:53:77:
b6:c1:e5:d2:4e:b9:ff:10:5b:ef:f5:6d:8c:73:d2:
c7:a2:1b:3a:58:b0:fd:51:15:7f:68:a2:06:b7:bb:
ed:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B3:CF:B4:61:DB:61:A1:45:D4:F5:92:5F:D2:56:BD:64:D6:CC:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:9000::/40
Signature Algorithm: sha256WithRSAEncryption
81:b0:42:ab:fc:ed:47:f8:76:15:93:a4:56:5c:15:91:0a:9e:
29:c4:fc:43:0f:dd:c4:e0:73:83:7f:dd:38:75:1c:04:78:59:
d9:7c:f8:ed:7d:43:8a:50:af:ae:f0:3d:0a:2c:d3:1b:6d:6d:
61:0d:39:eb:ad:9b:d1:fa:c8:8d:69:ff:e2:f9:52:ea:62:8a:
66:5c:f3:eb:b2:b9:47:83:0f:e7:de:44:6b:37:ec:16:36:7b:
f3:96:31:ae:e2:6b:a9:08:78:15:c0:80:31:19:7e:dd:d0:a8:
85:e4:2d:c3:3e:ea:e4:05:a2:99:ee:98:6e:9b:c7:48:ef:12:
86:c2:55:26:10:9a:51:37:26:a9:ff:c2:2d:b5:6e:1b:29:e3:
d9:03:9d:d4:5b:be:e6:5f:7b:5e:67:d8:9e:13:9e:94:8d:11:
79:2c:bd:a1:db:48:dd:fc:ed:f7:44:7e:25:fa:00:90:c1:b3:
ae:e1:8b:3d:43:46:74:1b:9d:16:a1:13:d3:8a:6b:27:b0:18:
18:8c:d9:e5:64:22:90:6f:c3:c0:17:a1:0a:37:51:af:d1:ee:
34:86:0f:80:58:eb:11:4d:c6:0e:2e:84:0d:1c:29:07:88:7b:
66:2d:f6:9a:7c:0e:0d:81:38:cc:0c:f8:61:10:ce:6a:07:b9:
5b:eb:67:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVLHM9BcppkVTfo1cNy5oAsAYWgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkODAwNzFlNzgyZTgyZTYzMGYzZDllZjBhMmZkZmYzZWQ5MmQzZjQxMmY2
ODEwMDZiYTkwOWE2NDg4MDcyZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRWdoi2LavpDgg92iDVeUb1CTf8rWAFrvHftL0p0aU4Afz6YL4WHAmagxQI
DaujCTaX45S62Oon8xqIPoeE/u8YG2lIiwpYXamzKx7LTgnVXWB/MCdy6A8+dQ7b
ajwJjU6XgnjqFpBX1De/LCf7eua45VjbjmRJMN6OPYgcGHgKLoi8D+tSzEDw2iYe
81G8IHUThaMu7+OZQgRSZvYhtvBi7Xrrx5yRjUBgTHawBUVHGYn6Bp13ZQXaODfb
xo8ZR1hcfjhZSedIGRzwy1AIVw5oqdOZ4U6pZXVkGIAvC1N3tsHl0k65/xBb7/Vt
jHPSx6IbOliw/VEVf2iiBre77RsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLs8+0
YdthoUXU9ZJf0la9ZNbMwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E1Yzg5OWUtMTU2NC00MzI5LTg5MzktNzAwNGQ3Yjc1NGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCBsEKr/O1H+HYVk6RWXBWRCp4pxPxDD93E4HOD
f904dRwEeFnZfPjtfUOKUK+u8D0KLNMbbW1hDTnrrZvR+siNaf/i+VLqYopmXPPr
srlHgw/n3kRrN+wWNnvzljGu4mupCHgVwIAxGX7d0KiF5C3DPurkBaKZ7phum8dI
7xKGwlUmEJpRNyap/8IttW4bKePZA53UW77mX3teZ9ieE56UjRF5LL2h20jd/O33
RH4l+gCQwbOu4Ys9Q0Z0G50WoRPTimsnsBgYjNnlZCKQb8PAF6EKN1Gv0e40hg+A
WOsRTcYOLoQNHCkHiHtmLfaafA4NgTjMDPhhEM5qB7lb62fa
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org