Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f410204-155a-436a-a343-5a74a7999df6.roa
File: 7f410204-155a-436a-a343-5a74a7999df6.roa (raw, json)
Hash identifier: CMhp5QfKoLcCN5Mq7HJp4SBDwfrZsB/08eCDC4FDuJ4=
Subject key identifier: AB:8B:4D:C7:B5:32:BC:73:5A:16:9E:6C:27:86:E1:13:83:D3:D4:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3671520A638C4DF0F017B794D22C917683BC15E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f410204-155a-436a-a343-5a74a7999df6.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:71:52:0a:63:8c:4d:f0:f0:17:b7:94:d2:2c:91:76:83:bc:15:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=11422108a9f161c60bb0e4ef49497f8730715191fa60e19c4662ec9dcd9b9110, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:20:47:ea:fa:85:0f:29:0f:3b:65:99:3a:ad:
4b:68:5c:d1:9a:ff:9c:ad:b6:74:22:fb:77:c9:94:
de:b4:1e:1b:33:23:62:9c:fa:de:db:76:c0:c1:ec:
61:d9:65:65:47:ce:42:ed:1d:29:63:a3:50:d6:ed:
e3:44:26:e0:b3:89:96:50:27:f7:db:b2:f7:f9:5d:
7f:0c:dc:7e:7d:be:9a:3b:a5:de:2f:14:f5:0b:40:
62:20:f0:a1:62:fa:bc:1e:25:56:74:54:9e:6b:ec:
ec:9a:c4:f4:97:52:ac:81:8f:be:0b:5d:aa:81:75:
91:1f:d0:4a:1b:a2:8d:bb:ba:f2:df:60:36:f9:3e:
cf:1c:b7:5d:e8:20:ba:8c:64:cb:54:85:32:20:6c:
a8:66:a1:3a:ab:a0:4e:57:53:7e:a9:2d:db:82:c9:
ca:e6:bd:1f:78:51:12:2d:e8:ea:96:c4:71:fe:84:
93:24:49:17:ba:af:1b:65:70:60:a2:c9:cd:87:a4:
e0:e8:03:67:fb:d3:c1:cc:54:1c:30:3c:e0:08:60:
c2:d2:46:37:5d:bd:78:7c:78:e9:89:6c:18:33:49:
b6:79:6e:f2:1d:44:9e:fd:ca:81:29:b4:c2:75:87:
aa:a3:33:5c:79:04:74:6d:06:80:73:d4:69:3f:ff:
cb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8B:4D:C7:B5:32:BC:73:5A:16:9E:6C:27:86:E1:13:83:D3:D4:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7f410204-155a-436a-a343-5a74a7999df6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:fe:ee:06:52:ed:de:d7:f5:9a:fe:82:65:d7:99:89:d2:cc:
41:19:6c:04:c7:d9:36:cc:1e:38:f2:0f:0b:98:9f:3f:a4:d1:
53:0d:94:1f:6f:88:7c:6a:a5:59:b2:4c:1d:71:92:14:7c:18:
d7:e9:c5:f9:b4:96:88:1b:bd:89:4a:81:5a:c8:e8:1c:c8:f3:
68:fc:57:d4:b8:0b:81:18:fd:36:69:cb:1f:81:8f:0c:c0:24:
df:0d:fb:01:be:a4:f3:58:ea:a3:59:8b:e6:08:a9:53:8d:93:
e6:26:7f:59:49:05:ae:b1:46:63:4e:37:bb:65:09:7c:e2:22:
70:27:43:f8:fd:17:e2:2f:be:c2:40:51:a3:8a:4b:36:49:ec:
b5:b1:57:1c:9a:dc:c7:d2:2c:77:e3:83:33:5d:85:c3:eb:93:
d1:64:bb:fd:e7:31:e1:f4:aa:9e:f4:6f:54:f1:2a:17:c7:65:
78:4d:fb:d8:af:f8:a8:0d:6d:ea:0c:98:43:88:60:58:09:08:
55:89:f6:93:7d:00:bb:0e:8a:14:79:a5:58:98:d3:08:37:3d:
3b:d7:36:61:64:c0:b2:9f:57:99:5c:6f:75:0c:34:fe:7c:a6:
59:c7:13:18:29:81:a9:43:b4:53:42:22:eb:a7:93:b7:60:2c:
77:06:87:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNnFSCmOMTfDwF7eU0iyRdoO8FeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNDIyMTA4YTlmMTYxYzYwYmIwZTRlZjQ5NDk3Zjg3MzA3MTUxOTFmYTYw
ZTE5YzQ2NjJlYzlkY2Q5YjkxMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0gR+r6hQ8pDztlmTqtS2hc0Zr/nK22dCL7d8mU3rQeGzMjYpz63tt2wMHs
YdllZUfOQu0dKWOjUNbt40Qm4LOJllAn99uy9/ldfwzcfn2+mjul3i8U9QtAYiDw
oWL6vB4lVnRUnmvs7JrE9JdSrIGPvgtdqoF1kR/QShuijbu68t9gNvk+zxy3Xegg
uoxky1SFMiBsqGahOqugTldTfqkt24LJyua9H3hREi3o6pbEcf6EkyRJF7qvG2Vw
YKLJzYek4OgDZ/vTwcxUHDA84AhgwtJGN129eHx46YlsGDNJtnlu8h1Env3KgSm0
wnWHqqMzXHkEdG0GgHPUaT//y0kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSri03H
tTK8c1oWnmwnhuETg9PUtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Y0MTAyMDQtMTU1YS00MzZhLWEzNDMtNWE3NGE3OTk5ZGY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HBg
MA0GCSqGSIb3DQEBCwUAA4IBAQA8/u4GUu3e1/Wa/oJl15mJ0sxBGWwEx9k2zB44
8g8LmJ8/pNFTDZQfb4h8aqVZskwdcZIUfBjX6cX5tJaIG72JSoFayOgcyPNo/FfU
uAuBGP02acsfgY8MwCTfDfsBvqTzWOqjWYvmCKlTjZPmJn9ZSQWusUZjTje7ZQl8
4iJwJ0P4/RfiL77CQFGjiks2Sey1sVccmtzH0ix344MzXYXD65PRZLv95zHh9Kqe
9G9U8SoXx2V4TfvYr/ioDW3qDJhDiGBYCQhVifaTfQC7DooUeaVYmNMINz071zZh
ZMCyn1eZXG91DDT+fKZZxxMYKYGpQ7RTQiLrp5O3YCx3BocO
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org