Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
File: 9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa (raw, json)
Hash identifier: s7wMFWLJ7wMtPylIZ7HVNnrpv/NqMalxTB2TucBAHWU=
Subject key identifier: 85:E9:D0:85:3F:F5:69:B4:6B:C9:8A:EA:C3:A2:41:96:13:88:53:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D15C96D433BCD14473F0A2CACA0A603DDCBED58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:15:c9:6d:43:3b:cd:14:47:3f:0a:2c:ac:a0:a6:03:dd:cb:ed:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=bb9f96a362686bba05df50a9794bceec9456e5e9c3620d3276730895127d44a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d6:01:80:53:2f:05:ac:2a:1c:cd:b7:cf:4e:
83:33:f4:04:9b:1c:c7:60:6c:4c:f0:b1:15:ee:7e:
3b:31:1e:4b:6d:00:55:3f:6d:df:87:c6:95:7e:77:
df:78:ea:5a:ac:be:88:fc:f6:8f:db:a7:99:aa:28:
b5:91:e0:e4:97:07:cf:38:4e:08:6a:66:3e:ac:7e:
16:ce:53:3a:6a:d6:6e:b8:f4:c4:a6:22:ad:f2:ac:
2c:a2:b9:5f:95:60:e0:c9:77:0c:6b:70:0b:f8:0a:
f1:a4:cf:8b:ae:39:d1:6d:97:ef:06:38:85:eb:78:
bd:a6:ca:80:ca:e1:bb:61:86:c9:fc:e2:e2:0e:74:
35:7c:fd:85:b1:3f:c5:67:ca:18:df:df:e7:c0:3f:
9b:ec:9f:eb:1a:83:47:4d:33:26:32:b6:e2:6c:c4:
99:18:91:1b:be:5f:61:16:86:95:71:7c:d9:c6:70:
ee:bb:aa:83:f4:4f:04:27:d4:00:45:b0:d4:da:01:
ea:6e:46:02:63:b0:e5:65:d2:ad:99:96:3b:08:09:
b6:ed:68:b0:ec:a2:56:07:74:73:fb:17:23:bc:6f:
2b:d5:5f:08:71:19:a0:3c:f4:e6:c5:42:bf:9b:17:
dc:ad:8e:4d:a0:2d:69:0a:76:39:af:b3:47:9b:90:
f7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E9:D0:85:3F:F5:69:B4:6B:C9:8A:EA:C3:A2:41:96:13:88:53:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2000::/40
Signature Algorithm: sha256WithRSAEncryption
05:25:05:ff:0d:0b:9b:da:b4:0f:3b:5c:1c:ef:93:41:41:bf:
91:e9:7e:3c:ed:1a:eb:91:43:8d:a3:7d:47:88:25:a1:da:88:
87:92:98:cf:5c:fe:dc:ed:33:42:6c:dc:35:67:22:de:d0:dc:
af:71:76:0b:86:12:0f:84:ec:d8:8c:eb:d7:c9:bb:ed:af:a4:
58:08:7b:e2:b1:49:87:01:3c:c7:91:ca:ae:fa:37:8f:27:50:
9f:49:a5:20:3a:f2:43:f0:0e:24:02:7c:a7:eb:5e:3c:60:1b:
75:29:d3:b1:8c:54:43:68:8f:14:21:f4:03:f4:e1:40:c9:cb:
56:3e:58:19:0c:98:09:34:60:ab:15:a3:b0:3b:44:1e:45:8c:
d9:6c:9e:cc:ef:6b:fd:aa:78:df:77:e3:3f:ce:44:b1:e1:7a:
fc:f6:56:11:b8:1b:a4:e1:4b:ce:a6:cd:de:5d:6a:07:8d:19:
0c:18:85:04:0f:12:90:db:19:7d:4c:7d:b5:3f:40:ec:a5:60:
31:c0:44:c7:02:eb:ed:a2:c9:9c:cd:b1:e2:56:a6:13:1b:2a:
6e:f0:4a:f2:16:7a:75:4e:73:7d:8f:55:c8:c7:92:0d:fe:f7:
b4:42:1b:df:08:d2:26:d3:b4:37:21:ea:73:17:e8:6d:83:8d:
3e:fb:d7:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDRXJbUM7zRRHPwosrKCmA93L7VgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiOWY5NmEzNjI2ODZiYmEwNWRmNTBhOTc5NGJjZWVjOTQ1NmU1ZTljMzYy
MGQzMjc2NzMwODk1MTI3ZDQ0YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOLWAYBTLwWsKhzNt89OgzP0BJscx2BsTPCxFe5+OzEeS20AVT9t34fGlX53
33jqWqy+iPz2j9unmaootZHg5JcHzzhOCGpmPqx+Fs5TOmrWbrj0xKYirfKsLKK5
X5Vg4Ml3DGtwC/gK8aTPi6450W2X7wY4het4vabKgMrhu2GGyfzi4g50NXz9hbE/
xWfKGN/f58A/m+yf6xqDR00zJjK24mzEmRiRG75fYRaGlXF82cZw7ruqg/RPBCfU
AEWw1NoB6m5GAmOw5WXSrZmWOwgJtu1osOyiVgd0c/sXI7xvK9VfCHEZoDz05sVC
v5sX3K2OTaAtaQp2Oa+zR5uQ9+cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSF6dCF
P/VptGvJiurDokGWE4hTYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI0MTc5ZDktNmY0Ny00Njk5LWFjNTktZDU3YmE1ZWJiZTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAFJQX/DQub2rQPO1wc75NBQb+R6X487RrrkUON
o31HiCWh2oiHkpjPXP7c7TNCbNw1ZyLe0NyvcXYLhhIPhOzYjOvXybvtr6RYCHvi
sUmHATzHkcqu+jePJ1CfSaUgOvJD8A4kAnyn6148YBt1KdOxjFRDaI8UIfQD9OFA
yctWPlgZDJgJNGCrFaOwO0QeRYzZbJ7M72v9qnjfd+M/zkSx4Xr89lYRuBuk4UvO
ps3eXWoHjRkMGIUEDxKQ2xl9TH21P0DspWAxwETHAuvtosmczbHiVqYTGypu8Ery
Fnp1TnN9j1XIx5IN/ve0QhvfCNIm07Q3IepzF+htg40++9ck
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org