Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad8623fa-dde5-4517-9b7e-52f4b0b1f32c.roa
File: ad8623fa-dde5-4517-9b7e-52f4b0b1f32c.roa (raw, json)
Hash identifier: IhY6OzkubAbJ0sOHfqy8hdAtWlGL2X7piPEuuPkTHF0=
Subject key identifier: F6:44:03:C0:1D:15:A5:BB:FA:40:0B:74:2A:3A:F0:C2:F1:D0:F7:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A8D6C485EBDD1CC9496A856FFE34569F51C9EA1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad8623fa-dde5-4517-9b7e-52f4b0b1f32c.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:8d:6c:48:5e:bd:d1:cc:94:96:a8:56:ff:e3:45:69:f5:1c:9e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=beec315c10e0fc633b5250cae68c943056cd5f3758ef318408efe74109c25d7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:7b:df:c6:2a:83:5a:35:30:83:19:39:19:86:
4d:e5:9e:f2:6b:5a:7a:76:c2:41:b5:31:a0:b5:e7:
52:3f:71:90:06:48:b7:6c:d1:7f:9b:00:98:09:8a:
dc:96:ae:27:f1:0e:11:56:cd:fb:66:95:fc:77:80:
e3:ce:41:9e:4d:6b:ba:5b:5a:4b:09:07:c3:b4:13:
c2:4f:28:80:f8:f5:10:36:88:30:99:14:f4:a0:cf:
00:dd:60:59:db:8f:a2:6c:4b:1c:fc:c2:81:61:82:
06:84:5f:33:22:24:6a:b2:a0:75:8a:4d:e3:f2:58:
14:c0:83:f7:2f:13:1b:00:1a:05:41:56:ba:b8:f4:
e8:c1:b7:ff:c2:4e:41:0a:2a:3f:c0:d4:66:5f:11:
64:87:ca:dd:c5:df:0d:a2:41:77:3d:a8:66:d0:8c:
3e:5a:fd:e2:6b:e0:08:63:0f:28:a3:ac:51:be:a3:
9b:21:70:fe:07:14:7d:04:42:97:18:bb:47:0f:1f:
f2:ba:e5:75:90:04:e5:00:e6:fd:48:63:63:28:00:
3c:56:ab:e6:e1:fb:63:10:d8:4a:17:ea:5d:a0:b7:
b1:81:90:fa:6f:de:c7:21:50:ef:77:72:64:99:6d:
b3:0c:42:46:bf:89:ff:f2:47:91:e9:de:8e:33:00:
a8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:44:03:C0:1D:15:A5:BB:FA:40:0B:74:2A:3A:F0:C2:F1:D0:F7:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad8623fa-dde5-4517-9b7e-52f4b0b1f32c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:c000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:cc:1e:42:88:26:99:75:32:75:a6:58:45:dd:16:73:ed:db:
f8:bf:0e:5f:22:54:ec:c9:cc:f4:55:58:0d:0e:77:a5:cd:96:
2e:c9:19:4a:36:b1:cd:42:f4:5e:9a:14:eb:e1:79:5e:c1:9d:
6c:07:63:c3:0c:0a:ac:b1:b3:ee:27:38:76:39:34:10:38:7a:
f1:f9:9c:c7:a2:1b:b4:82:b3:69:51:e3:83:33:5c:d5:ea:a5:
35:c1:3a:d4:da:82:c9:d7:ad:91:dc:cd:a1:7d:30:91:4a:56:
69:9f:e7:29:ba:0c:51:9e:90:29:5b:74:c3:29:a8:4b:e3:d0:
f3:2a:b7:c6:81:e0:89:87:7e:2d:df:ef:cc:38:c0:a6:97:34:
52:cb:7c:2d:e5:c4:80:5b:0f:ec:75:dd:e3:ee:69:23:6d:4a:
6b:3a:c0:36:f8:9c:05:25:82:23:b2:87:8f:ac:fd:16:16:3d:
13:6a:78:db:96:ea:b9:70:c3:7e:b1:54:09:bb:86:44:21:c2:
6d:b1:37:b1:8e:61:81:16:68:ac:f6:5a:6b:17:66:81:e5:51:
fc:62:69:91:e5:ea:44:cb:5b:90:9a:60:81:ec:29:42:fc:17:
a6:27:72:79:c2:de:f7:79:c0:99:93:9e:96:3a:fb:02:8c:25:
20:11:01:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGo1sSF690cyUlqhW/+NFafUcnqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlZWMzMTVjMTBlMGZjNjMzYjUyNTBjYWU2OGM5NDMwNTZjZDVmMzc1OGVm
MzE4NDA4ZWZlNzQxMDljMjVkN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPJ738Yqg1o1MIMZORmGTeWe8mtaenbCQbUxoLXnUj9xkAZIt2zRf5sAmAmK
3JauJ/EOEVbN+2aV/HeA485Bnk1rultaSwkHw7QTwk8ogPj1EDaIMJkU9KDPAN1g
WduPomxLHPzCgWGCBoRfMyIkarKgdYpN4/JYFMCD9y8TGwAaBUFWurj06MG3/8JO
QQoqP8DUZl8RZIfK3cXfDaJBdz2oZtCMPlr94mvgCGMPKKOsUb6jmyFw/gcUfQRC
lxi7Rw8f8rrldZAE5QDm/UhjYygAPFar5uH7YxDYShfqXaC3sYGQ+m/exyFQ73dy
ZJltswxCRr+J//JHkenejjMAqN0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2RAPA
HRWlu/pAC3QqOvDC8dD3JzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQ4NjIzZmEtZGRlNS00NTE3LTliN2UtNTJmNGIwYjFmMzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HnA
MA0GCSqGSIb3DQEBCwUAA4IBAQCKzB5CiCaZdTJ1plhF3RZz7dv4vw5fIlTsycz0
VVgNDnelzZYuyRlKNrHNQvRemhTr4XlewZ1sB2PDDAqssbPuJzh2OTQQOHrx+ZzH
ohu0grNpUeODM1zV6qU1wTrU2oLJ162R3M2hfTCRSlZpn+cpugxRnpApW3TDKahL
49DzKrfGgeCJh34t3+/MOMCmlzRSy3wt5cSAWw/sdd3j7mkjbUprOsA2+JwFJYIj
soePrP0WFj0Tanjbluq5cMN+sVQJu4ZEIcJtsTexjmGBFmis9lprF2aB5VH8YmmR
5epEy1uQmmCB7ClC/BemJ3J5wt73ecCZk56WOvsCjCUgEQG+
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org