Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8f701ff-5301-42b0-952d-8fdd27a23bac.roa
File: a8f701ff-5301-42b0-952d-8fdd27a23bac.roa (raw, json)
Hash identifier: 4l7fVdUiQ+sncV0iQN1budwbI8B+eSbUjtSdzQkqHEw=
Subject key identifier: 9A:09:CB:09:F7:0F:4F:3C:E3:47:03:0F:11:2D:F0:95:B0:1E:B6:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73E3A34A22FF86964CDB201CBB36C39B122D6DEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8f701ff-5301-42b0-952d-8fdd27a23bac.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:e3:a3:4a:22:ff:86:96:4c:db:20:1c:bb:36:c3:9b:12:2d:6d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=dd5fb6f2bf62f700d4f359ed5b070e72fe8369ee686c65f1042d5ea229755959, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7d:02:33:24:7f:d1:b8:b9:00:82:70:44:37:
da:0d:09:4e:c4:bb:83:c5:9c:c7:b0:0d:e6:e0:12:
b7:b7:b9:60:a8:62:a7:09:4b:66:7e:a8:47:12:e2:
16:ef:cc:51:27:ad:ba:a8:39:70:37:08:28:55:b8:
61:1c:6f:af:e1:b6:ba:04:84:dd:19:71:04:68:1d:
8c:d9:b5:11:3a:65:23:ae:22:19:33:cc:a1:75:ce:
f8:e0:cb:86:61:6f:e0:09:af:25:64:ff:9a:e1:97:
c5:09:c3:70:c8:4a:06:57:34:fd:fc:9e:e6:34:55:
e4:90:75:92:f0:12:f8:c5:f8:a4:2c:89:23:2a:ab:
c1:5e:9a:ab:d6:d9:cb:65:1c:72:9f:d0:7c:1d:54:
c1:5f:22:13:c1:ea:4f:49:bd:d3:c3:55:d7:c0:76:
1d:ed:c2:a7:ea:7c:82:81:bd:29:05:3d:71:fe:c9:
e6:dd:60:01:06:d1:66:c2:c8:67:5a:2b:67:4d:9e:
45:b6:c6:a4:7f:b6:22:21:54:62:93:ff:d9:eb:22:
a0:0e:15:76:24:0c:09:13:93:46:e8:6c:bb:4c:07:
b5:12:be:59:4a:3d:25:a5:6a:1e:03:e9:9a:38:d9:
56:e2:9e:dd:00:82:26:09:ef:9c:17:34:e3:5c:ac:
a8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:09:CB:09:F7:0F:4F:3C:E3:47:03:0F:11:2D:F0:95:B0:1E:B6:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8f701ff-5301-42b0-952d-8fdd27a23bac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:c000::/40
Signature Algorithm: sha256WithRSAEncryption
79:d7:c1:05:7c:71:b0:be:04:98:b2:6a:46:48:e6:e4:7b:da:
05:c2:e8:68:8d:97:d6:b9:d5:f6:f0:6a:6b:78:fb:8b:52:a0:
6a:78:ff:33:d5:f2:59:62:b9:72:5a:72:dd:cf:39:d1:57:81:
9e:66:fa:81:87:44:f9:13:43:a2:87:07:ef:14:77:ea:ea:49:
93:5f:aa:fa:1f:dc:8d:5b:0a:1c:46:c2:cc:90:db:9c:a7:0b:
c6:91:70:ba:71:e0:67:f8:96:e9:8b:70:e9:b9:1c:1b:30:e1:
b3:d3:24:e8:e9:78:4e:fd:48:ff:37:58:c6:c2:29:c3:07:ea:
e7:1a:31:28:7f:52:7a:87:f3:9e:0c:36:d9:7f:66:9f:85:90:
8c:4b:96:43:be:14:35:14:93:e7:16:c0:3a:6b:45:46:ba:70:
83:19:8b:b3:38:b8:7a:d3:47:68:d3:f2:13:50:48:55:06:b6:
07:73:e8:99:13:2e:17:80:fe:dc:d8:80:cf:9d:5c:bb:79:e2:
2f:b9:7c:2f:11:2d:a2:62:57:8c:cd:2f:3a:16:74:b4:55:9c:
ee:e2:5e:98:53:ea:80:f5:d2:60:22:cf:cd:b1:f3:63:8b:34:
ce:23:13:22:85:5b:d3:7d:d8:f8:0d:e0:b6:51:50:54:59:f2:
6c:ed:d2:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc+OjSiL/hpZM2yAcuzbDmxItbeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkNWZiNmYyYmY2MmY3MDBkNGYzNTllZDViMDcwZTcyZmU4MzY5ZWU2ODZj
NjVmMTA0MmQ1ZWEyMjk3NTU5NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx9AjMkf9G4uQCCcEQ32g0JTsS7g8Wcx7AN5uASt7e5YKhipwlLZn6oRxLi
Fu/MUSetuqg5cDcIKFW4YRxvr+G2ugSE3RlxBGgdjNm1ETplI64iGTPMoXXO+ODL
hmFv4AmvJWT/muGXxQnDcMhKBlc0/fye5jRV5JB1kvAS+MX4pCyJIyqrwV6aq9bZ
y2Uccp/QfB1UwV8iE8HqT0m908NV18B2He3Cp+p8goG9KQU9cf7J5t1gAQbRZsLI
Z1orZ02eRbbGpH+2IiFUYpP/2esioA4VdiQMCROTRuhsu0wHtRK+WUo9JaVqHgPp
mjjZVuKe3QCCJgnvnBc041ysqGsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSaCcsJ
9w9PPONHAw8RLfCVsB622DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YThmNzAxZmYtNTMwMS00MmIwLTk1MmQtOGZkZDI3YTIzYmFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HfA
MA0GCSqGSIb3DQEBCwUAA4IBAQB518EFfHGwvgSYsmpGSObke9oFwuhojZfWudX2
8GprePuLUqBqeP8z1fJZYrlyWnLdzznRV4GeZvqBh0T5E0OihwfvFHfq6kmTX6r6
H9yNWwocRsLMkNucpwvGkXC6ceBn+Jbpi3DpuRwbMOGz0yTo6XhO/Uj/N1jGwinD
B+rnGjEof1J6h/OeDDbZf2afhZCMS5ZDvhQ1FJPnFsA6a0VGunCDGYuzOLh600do
0/ITUEhVBrYHc+iZEy4XgP7c2IDPnVy7eeIvuXwvES2iYleMzS86FnS0VZzu4l6Y
U+qA9dJgIs/NsfNjizTOIxMihVvTfdj4DeC2UVBUWfJs7dI/
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org