Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
File: aa679cd8-5924-43d7-8928-c65bc2ec3659.roa (raw, json)
Hash identifier: VaHGcDae5nnCbusSbVDPj3XdYpde3D1SM4VicEniDwI=
Subject key identifier: 17:22:CB:EC:63:0B:66:69:7A:82:85:92:CF:4D:8B:D6:C5:44:95:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45E61A11A2FCC9B93D470F1D5EF481ADFBC61C33
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:e6:1a:11:a2:fc:c9:b9:3d:47:0f:1d:5e:f4:81:ad:fb:c6:1c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=b8be0634bcf40669d159d107f6249e69198570060d93fd3ab2f31c0c9fbf0e36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5a:4f:68:69:71:3c:78:34:67:34:76:e7:59:
00:43:d3:cd:5c:4b:ba:96:b0:70:52:58:45:0d:0b:
8d:89:f1:82:6b:71:8a:a6:f3:3d:11:e6:03:11:fb:
fb:b5:5f:8f:22:e4:be:11:2a:77:a3:53:7b:7e:55:
9e:a0:a2:8b:0e:49:ed:57:96:1d:a9:a1:21:37:28:
a8:e1:53:a3:f2:97:b4:00:49:e8:37:71:0e:f6:a2:
ae:4a:99:5d:33:33:a6:09:f1:08:70:6e:18:2d:c4:
db:09:b1:37:9b:30:d1:45:84:1f:b5:a9:31:a7:7c:
02:d4:1f:32:5a:65:84:4b:4d:4c:88:54:fe:f3:12:
25:6d:4e:1d:5e:9f:e0:e5:13:e3:27:51:2a:f4:1a:
5a:e4:6f:ac:39:f1:fe:9a:6d:19:40:2a:a7:d4:61:
5c:d6:09:f4:e2:a2:33:71:b2:13:c5:35:6d:a3:bf:
9c:95:0e:96:8b:99:02:b7:7d:07:4c:07:0e:4a:bf:
c4:70:51:5e:fb:33:ff:9f:30:ec:7d:34:9b:74:24:
f9:71:55:0e:6a:1c:64:62:34:c2:37:19:9b:27:cb:
92:86:ed:32:c6:92:71:06:d2:71:f2:93:fb:7f:07:
50:93:c7:ab:5b:6f:f4:30:c9:66:0a:c0:f8:4a:4d:
69:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:22:CB:EC:63:0B:66:69:7A:82:85:92:CF:4D:8B:D6:C5:44:95:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:c000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:97:ae:9c:4e:38:45:18:55:0c:89:ce:5b:b5:60:50:ee:37:
97:27:05:58:e6:a7:3e:39:f9:bb:5b:40:ee:23:03:fa:31:08:
c9:d2:72:21:c9:e0:a1:5e:97:a5:0b:c4:7a:7c:e1:da:75:2b:
19:48:00:99:65:fa:fb:53:dc:df:42:c7:9a:8f:c2:13:fa:9d:
31:e2:f3:07:20:a0:f2:af:cf:f1:9c:c0:68:29:03:db:ca:c4:
7f:f8:31:b8:98:48:c9:cf:80:17:39:24:20:ca:5e:1e:0e:bd:
40:a8:7e:f1:a2:0a:89:00:d5:59:1a:ed:ee:2b:82:b2:4c:2c:
23:15:0a:04:a1:80:46:44:08:eb:82:bc:6e:61:66:02:e1:6f:
ad:fe:7d:90:7b:d3:8b:b0:99:77:30:91:0f:8c:29:a8:18:d3:
67:d0:78:98:dc:7f:b8:7d:68:44:2f:11:e1:54:a0:dd:76:92:
0e:d3:11:0c:46:80:47:b3:12:10:7d:90:c8:bf:14:03:bd:30:
0a:7b:81:5e:d7:f5:dd:54:73:4f:28:ba:06:2b:93:e4:d6:c9:
e8:8f:14:62:69:a9:50:db:07:73:13:1a:66:27:c3:a5:03:f5:
1f:15:39:fa:75:0f:f0:7e:45:2d:89:df:5b:e6:53:44:50:48:
5e:63:b1:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUReYaEaL8ybk9Rw8dXvSBrfvGHDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4YmUwNjM0YmNmNDA2NjlkMTU5ZDEwN2Y2MjQ5ZTY5MTk4NTcwMDYwZDkz
ZmQzYWIyZjMxYzBjOWZiZjBlMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJaT2hpcTx4NGc0dudZAEPTzVxLupawcFJYRQ0LjYnxgmtxiqbzPRHmAxH7
+7VfjyLkvhEqd6NTe35VnqCiiw5J7VeWHamhITcoqOFTo/KXtABJ6DdxDvairkqZ
XTMzpgnxCHBuGC3E2wmxN5sw0UWEH7WpMad8AtQfMlplhEtNTIhU/vMSJW1OHV6f
4OUT4ydRKvQaWuRvrDnx/pptGUAqp9RhXNYJ9OKiM3GyE8U1baO/nJUOlouZArd9
B0wHDkq/xHBRXvsz/58w7H00m3Qk+XFVDmocZGI0wjcZmyfLkobtMsaScQbScfKT
+38HUJPHq1tv9DDJZgrA+EpNaZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXIsvs
YwtmaXqChZLPTYvWxUSV1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE2NzljZDgtNTkyNC00M2Q3LTg5MjgtYzY1YmMyZWMzNjU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HjA
MA0GCSqGSIb3DQEBCwUAA4IBAQCul66cTjhFGFUMic5btWBQ7jeXJwVY5qc+Ofm7
W0DuIwP6MQjJ0nIhyeChXpelC8R6fOHadSsZSACZZfr7U9zfQseaj8IT+p0x4vMH
IKDyr8/xnMBoKQPbysR/+DG4mEjJz4AXOSQgyl4eDr1AqH7xogqJANVZGu3uK4Ky
TCwjFQoEoYBGRAjrgrxuYWYC4W+t/n2Qe9OLsJl3MJEPjCmoGNNn0HiY3H+4fWhE
LxHhVKDddpIO0xEMRoBHsxIQfZDIvxQDvTAKe4Fe1/XdVHNPKLoGK5Pk1snojxRi
aalQ2wdzExpmJ8OlA/UfFTn6dQ/wfkUtid9b5lNEUEheY7Ew
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org