Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
File: 90bd72ba-b30d-4433-a47e-e0543a4ea451.roa (raw, json)
Hash identifier: FlZewphUPkHZtUL7U81XQC8eXQNlPynn6wjA9ry+nS8=
Subject key identifier: BA:D7:F5:FD:56:FB:76:FC:7F:A5:33:AD:5A:61:B3:10:43:04:72:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 468BCBE34915D97B78E8EB7A1B6206E3FA078279
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:8b:cb:e3:49:15:d9:7b:78:e8:eb:7a:1b:62:06:e3:fa:07:82:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=35cca3a7d86311a934fe997ea5e09b6d779420af120d3a4dfae77de80641d40c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:41:0e:30:53:f3:66:84:c8:5a:fb:5a:bb:d0:
e3:8b:cb:61:6b:67:46:2a:bc:f5:63:05:4c:3e:66:
52:70:d9:ff:7c:71:51:85:09:02:6d:df:36:bd:d9:
cb:ab:a3:b8:b8:72:c8:7d:fd:26:cf:75:25:17:31:
ff:56:9d:8b:b2:ff:32:67:08:2b:27:a2:20:a4:26:
cf:01:40:9c:fd:77:dd:8f:cf:2b:60:d7:a2:7b:90:
30:a5:8b:5b:f9:ec:91:21:da:87:ca:72:ab:f2:db:
b2:e6:ea:cf:5d:7e:4f:61:57:4a:d4:8c:1b:64:07:
98:25:59:36:ff:67:f3:3c:b6:23:3e:63:53:8c:f1:
50:0b:9e:f9:15:36:60:5c:e1:1e:56:f5:11:cf:64:
fd:e8:76:7e:2f:b0:e4:be:de:1e:5e:3f:06:7c:e0:
0f:e1:ba:0e:e1:2b:ff:d9:79:ef:ba:39:4d:85:a1:
a6:e5:d5:2b:92:8c:ed:20:62:06:b5:da:25:7a:c9:
b3:d9:ae:18:de:bb:66:70:33:a9:99:c1:61:95:44:
1e:4d:0e:30:d1:05:85:ed:62:2b:53:74:fd:9d:f5:
b7:f1:a5:d8:1c:4d:18:ae:79:19:e4:cf:52:c6:ee:
63:6e:73:54:6d:ba:6b:6b:68:28:b1:72:d9:d8:5a:
59:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D7:F5:FD:56:FB:76:FC:7F:A5:33:AD:5A:61:B3:10:43:04:72:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:ef:f9:39:0b:08:e4:ea:70:15:c2:2a:26:91:56:78:99:f4:
d1:d2:0a:74:a8:77:36:98:ec:6c:7b:3b:fa:87:88:96:cc:ed:
6a:4b:5c:63:d4:6a:76:b0:26:94:5b:46:0f:00:bc:97:f8:ad:
b2:62:52:71:c3:9a:b8:03:88:4e:d0:df:e7:22:9f:1c:09:6b:
9e:ee:ee:c6:20:f5:47:6f:a7:c1:d1:81:55:49:47:c7:9a:bf:
86:97:75:3a:cb:c7:4a:c1:c9:5a:d8:fe:ce:94:91:2d:a6:a2:
d3:11:4d:27:aa:4b:25:25:b3:fe:3f:7e:cd:dd:60:88:88:35:
87:8f:4e:93:27:b0:c8:ee:40:fe:5d:08:74:8b:c9:90:e4:b9:
bf:75:d7:5c:9b:f8:1e:d3:c9:84:e5:28:b5:0f:d5:c3:aa:1d:
ac:7f:7f:07:29:00:db:1e:a2:c4:42:74:a8:5b:fe:3d:f1:e4:
4e:32:72:c7:8d:d1:8e:cb:b4:6c:c0:1a:99:0b:ac:cf:f5:7b:
6e:a5:40:c5:0d:40:53:49:43:12:c6:0c:df:7f:cc:af:47:f2:
cc:0a:73:47:0f:ae:98:d5:3b:55:87:3a:05:66:82:33:fb:a2:
b2:f6:df:fb:c9:4f:57:7c:4f:1b:25:f6:71:75:3b:cf:4e:1c:
90:4c:82:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURovL40kV2Xt46Ot6G2IG4/oHgnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1Y2NhM2E3ZDg2MzExYTkzNGZlOTk3ZWE1ZTA5YjZkNzc5NDIwYWYxMjBk
M2E0ZGZhZTc3ZGU4MDY0MWQ0MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxBDjBT82aEyFr7WrvQ44vLYWtnRiq89WMFTD5mUnDZ/3xxUYUJAm3fNr3Z
y6ujuLhyyH39Js91JRcx/1adi7L/MmcIKyeiIKQmzwFAnP133Y/PK2DXonuQMKWL
W/nskSHah8pyq/Lbsubqz11+T2FXStSMG2QHmCVZNv9n8zy2Iz5jU4zxUAue+RU2
YFzhHlb1Ec9k/eh2fi+w5L7eHl4/BnzgD+G6DuEr/9l577o5TYWhpuXVK5KM7SBi
BrXaJXrJs9muGN67ZnAzqZnBYZVEHk0OMNEFhe1iK1N0/Z31t/Gl2BxNGK55GeTP
UsbuY25zVG26a2toKLFy2dhaWSUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS61/X9
Vvt2/H+lM61aYbMQQwRyMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTBiZDcyYmEtYjMwZC00NDMzLWE0N2UtZTA1NDNhNGVhNDUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTg
MA0GCSqGSIb3DQEBCwUAA4IBAQA87/k5Cwjk6nAVwiomkVZ4mfTR0gp0qHc2mOxs
ezv6h4iWzO1qS1xj1Gp2sCaUW0YPALyX+K2yYlJxw5q4A4hO0N/nIp8cCWue7u7G
IPVHb6fB0YFVSUfHmr+Gl3U6y8dKwcla2P7OlJEtpqLTEU0nqkslJbP+P37N3WCI
iDWHj06TJ7DI7kD+XQh0i8mQ5Lm/dddcm/ge08mE5Si1D9XDqh2sf38HKQDbHqLE
QnSoW/498eROMnLHjdGOy7RswBqZC6zP9XtupUDFDUBTSUMSxgzff8yvR/LMCnNH
D66Y1TtVhzoFZoIz+6Ky9t/7yU9XfE8bJfZxdTvPThyQTIJo
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org