Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
File: 807af5d9-1ea1-407f-a2a9-39ad687146ec.roa (raw, json)
Hash identifier: JldR105wA5jWhu6IKSArIR8ESavRmK4u58dZm1L3hJk=
Subject key identifier: 95:E6:45:3E:C9:A4:77:51:69:5C:AA:B6:21:C1:A9:E1:1C:5D:83:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 209131B43FD41A24771A5F036FA882EFE0239172
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:91:31:b4:3f:d4:1a:24:77:1a:5f:03:6f:a8:82:ef:e0:23:91:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=210c1a8a1df87da88b47db2cbd450ad0c359d0f4b783beeb10b78b1b8a9778f8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f5:3c:24:be:ff:d5:ba:cd:20:51:37:ab:86:
5d:fc:0e:ee:51:7a:fe:e0:4a:f5:fc:04:a9:a6:6c:
0d:05:90:67:4c:78:aa:46:a8:04:13:6d:95:f5:2b:
a7:12:af:01:13:1d:c8:c7:35:a0:a6:cb:82:4b:7a:
cf:b2:09:7f:a1:84:ba:a2:85:5d:1f:0f:63:6e:f0:
5d:24:52:22:15:8b:6c:d0:a9:09:fa:be:c0:e8:d1:
9d:f2:74:e3:b3:58:3c:9b:f5:9a:41:84:e4:9b:51:
7d:82:ca:28:b2:30:e5:3a:6b:a5:ac:21:ff:ed:06:
04:34:67:3d:f9:3a:1a:2e:c9:3d:93:7c:1d:ec:0b:
21:bb:b0:23:39:af:c2:5e:da:aa:6c:6d:f2:28:dd:
09:1e:83:c0:cc:ec:0f:76:33:cd:91:13:b4:8e:5d:
c1:4e:1a:73:42:50:db:22:7e:3c:5b:7d:2f:6f:77:
e8:4c:ed:0c:f5:6b:99:c3:94:3b:3c:41:90:6a:fc:
55:e9:ae:93:1b:73:4b:49:12:29:33:5d:b8:cd:ed:
9b:d6:5f:12:e5:cb:21:c7:34:04:5c:c4:33:67:aa:
13:09:e5:e2:da:d6:32:fd:84:19:f6:94:6b:aa:03:
ca:70:db:69:67:80:33:33:d9:0e:a2:f7:4a:28:ac:
44:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E6:45:3E:C9:A4:77:51:69:5C:AA:B6:21:C1:A9:E1:1C:5D:83:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:79:34:f4:be:ca:cf:d0:dd:ea:e7:60:b0:36:dc:5a:04:8f:
88:30:56:27:0d:46:43:e2:23:1f:78:f5:37:87:0c:e5:54:3c:
e8:c6:71:62:f7:b9:7d:6f:07:bd:30:6a:e7:52:f0:7b:65:30:
e7:3a:40:46:f5:3e:59:ed:52:40:4f:7d:55:1f:ec:85:e7:6f:
43:02:81:0f:61:0e:a5:2e:ad:24:3c:67:49:e8:63:f0:94:ff:
05:aa:9c:8d:bf:69:d1:81:a1:4b:a9:ce:d6:f1:91:05:2e:de:
a4:83:42:0c:df:de:4e:47:1a:11:20:26:11:a3:33:d8:2a:8e:
68:42:61:8c:92:17:77:5f:e7:2a:97:31:b2:14:11:71:fb:9f:
10:a8:01:89:2b:fe:52:21:40:4a:6f:8c:1b:e6:c6:27:9d:5f:
d3:15:2e:ee:b3:96:2f:5d:d0:46:82:a7:aa:0e:97:f8:32:d5:
98:3b:25:ce:04:a8:09:7d:39:ba:f8:ba:ed:5b:40:e3:d5:89:
a4:f5:09:82:30:77:2c:15:30:35:2f:45:01:e7:e4:e9:f4:6d:
a2:97:5a:c2:06:d7:ec:e8:5e:c2:5e:37:ac:4c:80:5d:c0:48:
ab:89:b1:98:21:e4:90:88:e2:2e:61:7f:aa:3f:c4:33:19:6d:
53:6f:0a:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIJExtD/UGiR3Gl8Db6iC7+AjkXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMGMxYThhMWRmODdkYTg4YjQ3ZGIyY2JkNDUwYWQwYzM1OWQwZjRiNzgz
YmVlYjEwYjc4YjFiOGE5Nzc4ZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALT1PCS+/9W6zSBRN6uGXfwO7lF6/uBK9fwEqaZsDQWQZ0x4qkaoBBNtlfUr
pxKvARMdyMc1oKbLgkt6z7IJf6GEuqKFXR8PY27wXSRSIhWLbNCpCfq+wOjRnfJ0
47NYPJv1mkGE5JtRfYLKKLIw5Tprpawh/+0GBDRnPfk6Gi7JPZN8HewLIbuwIzmv
wl7aqmxt8ijdCR6DwMzsD3YzzZETtI5dwU4ac0JQ2yJ+PFt9L2936EztDPVrmcOU
OzxBkGr8VemukxtzS0kSKTNduM3tm9ZfEuXLIcc0BFzEM2eqEwnl4trWMv2EGfaU
a6oDynDbaWeAMzPZDqL3SiisREcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSV5kU+
yaR3UWlcqrYhwanhHF2DWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODA3YWY1ZDktMWVhMS00MDdmLWEyYTktMzlhZDY4NzE0NmVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWA
MA0GCSqGSIb3DQEBCwUAA4IBAQCMeTT0vsrP0N3q52CwNtxaBI+IMFYnDUZD4iMf
ePU3hwzlVDzoxnFi97l9bwe9MGrnUvB7ZTDnOkBG9T5Z7VJAT31VH+yF529DAoEP
YQ6lLq0kPGdJ6GPwlP8FqpyNv2nRgaFLqc7W8ZEFLt6kg0IM395ORxoRICYRozPY
Ko5oQmGMkhd3X+cqlzGyFBFx+58QqAGJK/5SIUBKb4wb5sYnnV/TFS7us5YvXdBG
gqeqDpf4MtWYOyXOBKgJfTm6+LrtW0Dj1Ymk9QmCMHcsFTA1L0UB5+Tp9G2il1rC
Btfs6F7CXjesTIBdwEiribGYIeSQiOIuYX+qP8QzGW1TbwoE
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org