Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
File: 868bb3c8-7825-4e79-8a14-42d9fac4e917.roa (raw, json)
Hash identifier: lv8nTDTXx77Hr2ZT8VCD30a+AAmixX9EVirI+ZUetI0=
Subject key identifier: 5F:45:FF:E2:9B:46:5E:67:10:CB:A8:DE:44:D5:7E:22:FF:A2:19:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 781A9FB67C79CE06F960F96002C761FF2433984E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
Signing time: Mon 04 Sep 2023 00:00:00 +0000
ROA not before: Mon 04 Sep 2023 00:00:00 +0000
ROA not after: Mon 09 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Sep 2023 14:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:1a:9f:b6:7c:79:ce:06:f9:60:f9:60:02:c7:61:ff:24:33:98:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 00:00:00 2023 GMT
Not After : Oct 9 23:59:59 2023 GMT
Subject: serialNumber=eb0cd2231e5ac2a5189a7cb3075ddd0261a5b358fe2d2d90d636f7a817019c81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:ec:05:67:20:71:20:cf:98:f5:da:04:d8:
cd:12:1b:d1:98:df:46:6e:72:97:bd:cf:ce:74:1b:
79:a8:c9:78:c5:dc:b2:4c:63:a2:b3:05:39:7c:64:
72:a6:88:f6:d4:3d:05:6e:ff:b0:3d:6c:30:42:1e:
d6:ac:00:39:7c:29:97:44:e2:26:9f:39:c9:cd:09:
16:b5:66:39:09:94:63:a1:90:bd:d1:f8:b9:c4:b4:
14:04:ec:dd:b7:c6:a9:07:d2:a4:60:b7:86:62:32:
84:7e:75:a6:61:9c:2f:18:dd:4b:a3:31:d5:4f:08:
22:b8:e3:7c:bc:42:3b:38:44:a8:a9:c3:d4:e8:bd:
a3:50:ba:61:72:74:de:5a:44:d7:6d:20:16:58:89:
72:cd:12:c0:ca:0a:be:c2:1c:77:6c:02:7f:ae:3a:
59:9d:f6:72:4d:c5:2b:85:d8:4e:e2:55:1d:d6:c8:
e2:13:4e:f9:0a:af:b2:db:10:4a:75:e2:59:87:04:
dc:87:64:27:6c:8e:e0:0b:fb:87:15:db:0f:65:d3:
ab:f8:9d:02:0e:97:5d:8b:1d:95:f3:da:88:e8:7f:
cc:df:0a:99:e7:8d:a1:a3:ff:62:45:7a:4a:ac:cd:
f0:68:fd:21:86:66:f4:66:3a:80:29:1e:12:32:37:
0a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:45:FF:E2:9B:46:5E:67:10:CB:A8:DE:44:D5:7E:22:FF:A2:19:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9c:60:3f:e7:23:2b:3b:6c:d5:f6:73:43:5c:4b:76:20:21:76:
81:f9:bd:6e:e3:b6:0b:b4:f6:a6:21:fa:13:f8:17:7a:f0:b9:
ad:8d:7b:9f:b2:22:22:e7:78:73:2e:32:9d:c2:ab:7e:77:ca:
98:16:2f:fa:84:81:7b:5e:af:d8:ad:ef:f0:89:95:6d:aa:5a:
c2:ac:c9:69:33:e2:ce:dc:6f:95:dc:3a:9b:a5:5c:a9:1a:08:
49:97:65:c3:04:67:8e:8c:c2:ee:29:bc:62:f4:52:35:84:cd:
85:95:0b:7c:89:9e:6a:dc:7a:56:f0:77:2b:40:2c:4e:a0:8c:
24:bb:33:db:91:a6:b2:32:c3:17:00:a3:6b:02:5d:28:8f:11:
44:3d:8e:c2:c6:e3:5c:00:1f:01:f8:e8:7f:25:1b:44:dc:c4:
3c:d6:49:2b:b1:28:04:33:3c:ec:ac:a3:49:25:f5:e0:a7:db:
2d:44:d2:48:6e:86:f8:b5:d5:fb:5e:f7:74:87:f1:fb:98:ab:
79:10:ae:a3:9b:03:b4:b9:9d:51:56:1a:a8:f6:28:35:c2:58:
e3:b0:d4:69:84:a7:fa:f9:ad:f0:79:28:54:ab:9b:4e:32:d5:
56:17:08:03:f9:d7:46:4f:b3:7b:5f:39:81:8b:cb:fa:3c:3b:
78:57:aa:5c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeBqftnx5zgb5YPlgAsdh/yQzmE4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDQwMDAwMDBaFw0yMzEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMGNkMjIzMWU1YWMyYTUxODlhN2NiMzA3NWRkZDAyNjFhNWIzNThmZTJk
MmQ5MGQ2MzZmN2E4MTcwMTljODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWt7AVnIHEgz5j12gTYzRIb0ZjfRm5yl73PznQbeajJeMXcskxjorMFOXxk
cqaI9tQ9BW7/sD1sMEIe1qwAOXwpl0TiJp85yc0JFrVmOQmUY6GQvdH4ucS0FATs
3bfGqQfSpGC3hmIyhH51pmGcLxjdS6Mx1U8IIrjjfLxCOzhEqKnD1Oi9o1C6YXJ0
3lpE120gFliJcs0SwMoKvsIcd2wCf646WZ32ck3FK4XYTuJVHdbI4hNO+QqvstsQ
SnXiWYcE3IdkJ2yO4Av7hxXbD2XTq/idAg6XXYsdlfPaiOh/zN8KmeeNoaP/YkV6
SqzN8Gj9IYZm9GY6gCkeEjI3CicCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRfRf/i
m0ZeZxDLqN5E1X4i/6IZNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY4YmIzYzgtNzgyNS00ZTc5LThhMTQtNDJkOWZhYzRlOTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAnGA/5yMrO2zV9nNDXEt2ICF2gfm9buO2C7T2piH6
E/gXevC5rY17n7IiIud4cy4yncKrfnfKmBYv+oSBe16v2K3v8ImVbapawqzJaTPi
ztxvldw6m6VcqRoISZdlwwRnjozC7im8YvRSNYTNhZULfImeatx6VvB3K0AsTqCM
JLsz25GmsjLDFwCjawJdKI8RRD2OwsbjXAAfAfjofyUbRNzEPNZJK7EoBDM87Kyj
SSX14KfbLUTSSG6G+LXV+173dIfx+5ireRCuo5sDtLmdUVYaqPYoNcJY47DUaYSn
+vmt8HkoVKubTjLVVhcIA/nXRk+ze185gYvL+jw7eFeqXA==
-----END CERTIFICATE-----
Generated at Mon Sep 4 15:46:39 2023 by rpki-client on console-ams.rpki-client.org