Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
File: 87659113-4050-43f4-ade6-cfd7a3483d5c.roa (raw, json)
Hash identifier: Jap6cCcIaliLMIEQJezTw2XMI2xrGZqlVyHzWah66IU=
Subject key identifier: 5D:6A:E0:6B:23:F9:DA:3C:84:82:5D:4D:D8:E8:CA:1D:92:9D:FD:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 078459B00630DA7E2ECAACEC9605C1FA913E3A91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:84:59:b0:06:30:da:7e:2e:ca:ac:ec:96:05:c1:fa:91:3e:3a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=c12802c29fcd1a42b02a5e9bb4067b106293dfb4dd000e11b2d4ffb5997ad5ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:13:81:b3:67:6a:f2:80:8e:8c:58:69:87:13:
ff:c7:77:0a:f4:38:b6:6f:df:c6:11:96:18:c9:74:
91:ce:d5:25:85:80:fb:7d:d4:b6:79:0e:e8:15:28:
7b:77:6c:07:b4:35:1f:b9:4e:34:1a:20:4b:d2:67:
79:ac:84:ab:46:25:60:53:d2:aa:63:a9:81:4b:4f:
b7:44:52:d0:ae:9a:b7:d3:6b:59:d8:26:d8:1e:b3:
3e:f5:92:73:b0:9c:e2:6d:1c:95:2b:e3:a8:ed:fe:
3e:ea:fd:24:11:c1:a0:af:0a:65:6e:53:a9:79:2c:
1c:ad:46:33:c9:ca:c2:c7:51:e5:45:e9:1e:08:95:
0f:f3:60:26:2a:ae:fa:83:16:10:b5:fe:32:7b:be:
5a:0d:d6:62:49:0e:67:6b:37:03:4a:06:f3:15:4c:
6c:25:90:43:78:82:76:24:71:25:50:b4:df:30:10:
67:64:35:62:34:0d:c3:21:9a:c2:61:2b:92:bc:4c:
5d:c3:e5:1e:42:7c:85:a0:54:c6:c6:86:d7:f1:e1:
32:40:46:af:c9:15:2a:d3:ad:d6:24:4a:f7:b8:8e:
d4:61:41:cd:1d:0a:9c:e3:bc:21:e7:62:56:3a:96:
91:9a:59:74:58:69:90:74:0a:52:65:1d:40:9c:86:
53:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6A:E0:6B:23:F9:DA:3C:84:82:5D:4D:D8:E8:CA:1D:92:9D:FD:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:8000::/40
Signature Algorithm: sha256WithRSAEncryption
67:75:f7:3f:6a:0b:17:9c:94:2e:60:95:8e:13:b2:d7:06:a2:
d4:c8:2e:d8:de:0a:60:33:b8:13:96:1e:19:86:ca:59:f9:4e:
60:ae:6b:0a:7b:73:09:a9:50:b1:d8:a7:7f:75:31:68:89:0c:
ce:c5:c8:be:0e:65:50:c0:35:73:25:4a:b4:8d:15:41:34:7d:
d4:a0:b1:8f:27:19:85:3a:c8:4c:69:b9:3c:f5:fa:87:4a:1f:
3e:40:57:a7:27:f1:d7:6f:c8:40:9c:8a:dc:34:8d:30:fe:ec:
30:14:7d:5d:87:5b:c7:71:e7:f7:23:3a:a0:9d:0a:f0:3a:5a:
13:89:32:71:ef:58:b3:8c:c1:76:13:73:fe:41:79:ea:2f:c5:
c6:90:d7:ad:2b:85:71:52:36:c9:f4:e9:64:0c:de:21:0b:08:
25:5c:8b:bc:8f:f2:60:14:fe:f5:eb:07:fe:c9:17:86:7d:4d:
64:20:53:3c:65:3f:81:99:c1:63:a9:4a:9f:4e:d2:48:78:cc:
9f:17:ff:d6:7f:8b:99:0e:84:13:0b:e4:ed:d0:d0:d0:5e:dc:
f6:f5:a7:7b:d5:7f:d8:7e:7c:f2:81:e7:e6:42:ee:97:1e:7a:
b1:ad:64:10:f3:ff:0a:0e:39:11:4f:08:94:50:31:11:82:fc:
8e:e8:71:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB4RZsAYw2n4uyqzslgXB+pE+OpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxMjgwMmMyOWZjZDFhNDJiMDJhNWU5YmI0MDY3YjEwNjI5M2RmYjRkZDAw
MGUxMWIyZDRmZmI1OTk3YWQ1YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8TgbNnavKAjoxYaYcT/8d3CvQ4tm/fxhGWGMl0kc7VJYWA+33UtnkO6BUo
e3dsB7Q1H7lONBogS9JneayEq0YlYFPSqmOpgUtPt0RS0K6at9NrWdgm2B6zPvWS
c7Cc4m0clSvjqO3+Pur9JBHBoK8KZW5TqXksHK1GM8nKwsdR5UXpHgiVD/NgJiqu
+oMWELX+Mnu+Wg3WYkkOZ2s3A0oG8xVMbCWQQ3iCdiRxJVC03zAQZ2Q1YjQNwyGa
wmErkrxMXcPlHkJ8haBUxsaG1/HhMkBGr8kVKtOt1iRK97iO1GFBzR0KnOO8Iedi
VjqWkZpZdFhpkHQKUmUdQJyGU10CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdauBr
I/naPISCXU3Y6Modkp39PTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODc2NTkxMTMtNDA1MC00M2Y0LWFkZTYtY2ZkN2EzNDgzZDVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiA
MA0GCSqGSIb3DQEBCwUAA4IBAQBndfc/agsXnJQuYJWOE7LXBqLUyC7Y3gpgM7gT
lh4ZhspZ+U5grmsKe3MJqVCx2Kd/dTFoiQzOxci+DmVQwDVzJUq0jRVBNH3UoLGP
JxmFOshMabk89fqHSh8+QFenJ/HXb8hAnIrcNI0w/uwwFH1dh1vHcef3IzqgnQrw
OloTiTJx71izjMF2E3P+QXnqL8XGkNetK4VxUjbJ9OlkDN4hCwglXIu8j/JgFP71
6wf+yReGfU1kIFM8ZT+BmcFjqUqfTtJIeMyfF//Wf4uZDoQTC+Tt0NDQXtz29ad7
1X/YfnzygefmQu6XHnqxrWQQ8/8KDjkRTwiUUDERgvyO6HEo
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org