Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: Kt913MSoa5LD9AbtJ6v/+lLqNcft+Mpx4bgTFuhSjj4=
Subject key identifier: B4:D8:23:FB:42:DB:6C:C5:F9:8E:C3:6B:E4:B3:1E:5A:8D:0F:E4:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 773B04120A924FB44AEA218511739FD8B1F4B6FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3b:04:12:0a:92:4f:b4:4a:ea:21:85:11:73:9f:d8:b1:f4:b6:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=7b19132894168ec5194e7bf4c37d7871d74a5604922077cb6b6884bfbf638027, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c4:b9:5e:aa:6d:02:2b:a7:df:55:65:98:66:
78:b0:18:4d:0d:ce:a1:89:fd:75:a4:19:23:ef:1e:
d0:a1:f6:3b:db:9d:4c:f7:c6:40:17:a7:ea:5f:7c:
bc:45:fe:eb:87:44:2a:16:96:71:d5:a6:bd:7f:27:
68:68:35:9d:b2:d2:96:ef:b2:72:c4:69:77:c3:1d:
97:c0:69:81:bd:94:1d:77:3e:48:e4:ef:36:1f:3f:
7f:d3:4f:a4:62:d5:f3:d6:fc:ee:e2:f5:55:a7:de:
03:f3:7d:69:f9:a1:4a:a7:8d:ea:6a:50:42:45:f2:
01:44:1e:4c:41:ea:9a:4a:06:c4:b7:ec:f5:1d:78:
51:b9:3d:83:3d:ba:6b:f8:9c:4a:1a:d9:e1:e9:35:
6a:59:cf:80:ab:a9:fa:53:85:cf:45:bf:e2:d7:ef:
c2:d1:77:47:ce:dd:2f:a9:f9:98:d7:91:03:4e:4d:
f1:97:87:21:ce:53:47:44:ae:65:e1:d1:8a:70:e2:
3d:eb:d1:3f:31:74:66:4c:a7:12:86:d2:d3:5a:5a:
14:19:bd:87:88:49:89:70:f6:76:36:23:07:23:e2:
47:da:d3:ec:a8:63:1e:e0:2c:57:da:56:fd:47:24:
dd:75:b0:35:59:55:22:c9:ce:b2:8f:68:77:1d:a5:
e3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D8:23:FB:42:DB:6C:C5:F9:8E:C3:6B:E4:B3:1E:5A:8D:0F:E4:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
08:d0:05:7a:82:8b:a7:9d:36:97:32:75:78:db:38:69:f1:79:
18:6d:18:fa:34:80:6a:f3:b4:f9:f6:21:53:bc:19:97:3f:ba:
7c:9d:c2:ef:34:db:24:63:60:76:9e:a6:ff:dc:5d:4f:a8:08:
5f:73:08:a0:a5:4c:28:e8:db:e2:7f:75:bb:4d:5c:9f:6c:24:
7d:7d:d7:2e:83:7c:99:1e:51:29:49:a5:a3:64:4f:5f:c0:6e:
5d:7b:c9:af:d7:a2:27:37:4c:f0:a6:50:a8:f5:85:52:42:2c:
06:80:b8:8b:3f:5f:96:ea:2a:d6:79:03:d4:eb:cc:9f:00:60:
12:3f:77:d6:92:c3:04:c4:93:57:f8:a8:cb:be:ee:56:72:a3:
9b:8a:ef:71:8b:d9:40:9a:94:10:ad:a3:4c:0c:f9:1d:5c:69:
b5:79:7e:7e:54:07:b0:ba:32:57:d1:8a:a1:aa:d7:fb:aa:5a:
95:b7:c7:17:c3:b4:69:97:13:11:22:ae:78:8c:1d:29:c0:54:
57:df:45:67:48:a2:d4:7a:5d:fa:2d:36:49:cf:00:dc:a7:3b:
8b:7b:87:b8:85:d2:71:51:05:e8:6d:1f:dd:7b:37:1f:b0:f7:
18:a2:01:62:06:b4:51:8f:fe:ef:6a:93:c7:07:76:4e:14:d1:
44:e7:61:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdzsEEgqST7RK6iGFEXOf2LH0tvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiMTkxMzI4OTQxNjhlYzUxOTRlN2JmNGMzN2Q3ODcxZDc0YTU2MDQ5MjIw
NzdjYjZiNjg4NGJmYmY2MzgwMjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrEuV6qbQIrp99VZZhmeLAYTQ3OoYn9daQZI+8e0KH2O9udTPfGQBen6l98
vEX+64dEKhaWcdWmvX8naGg1nbLSlu+ycsRpd8Mdl8Bpgb2UHXc+SOTvNh8/f9NP
pGLV89b87uL1VafeA/N9afmhSqeN6mpQQkXyAUQeTEHqmkoGxLfs9R14Ubk9gz26
a/icShrZ4ek1alnPgKup+lOFz0W/4tfvwtF3R87dL6n5mNeRA05N8ZeHIc5TR0Su
ZeHRinDiPevRPzF0ZkynEobS01paFBm9h4hJiXD2djYjByPiR9rT7KhjHuAsV9pW
/Uck3XWwNVlVIsnOso9odx2l4xMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS02CP7
QttsxfmOw2vksx5ajQ/kGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAI0AV6gounnTaXMnV42zhp8XkYbRj6NIBq87T5
9iFTvBmXP7p8ncLvNNskY2B2nqb/3F1PqAhfcwigpUwo6Nvif3W7TVyfbCR9fdcu
g3yZHlEpSaWjZE9fwG5de8mv16InN0zwplCo9YVSQiwGgLiLP1+W6irWeQPU68yf
AGASP3fWksMExJNX+KjLvu5WcqObiu9xi9lAmpQQraNMDPkdXGm1eX5+VAewujJX
0Yqhqtf7qlqVt8cXw7RplxMRIq54jB0pwFRX30VnSKLUel36LTZJzwDcpzuLe4e4
hdJxUQXobR/dezcfsPcYogFiBrRRj/7vapPHB3ZOFNFE52Gz
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org