Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
File: b176a187-5863-4413-a001-74ccc0321be5.roa (raw, json)
Hash identifier: nyxqQLeQ8onMnUuYldUvLlrl50Bi3TtO182zsCWlaVs=
Subject key identifier: 21:24:0A:45:BE:CB:03:79:75:6C:51:A2:31:FA:A2:82:A2:A5:E5:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BFB4E667AEA502C2163D5436F2448F316EE1064
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02c::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:fb:4e:66:7a:ea:50:2c:21:63:d5:43:6f:24:48:f3:16:ee:10:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=91b9351fbffdb51a1fedfa42b0cd18bfa542c3ce4fd26ea44b339bc16a582da6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b5:1c:46:6a:43:22:a2:31:8d:5a:45:3a:e0:
38:42:ad:f4:fc:7a:8d:3a:6f:aa:12:d0:54:dc:72:
49:41:89:76:e9:c3:b4:43:73:a1:4f:e4:ba:d3:04:
b9:31:69:1f:a8:a4:5e:e0:1a:77:b8:94:6c:53:9b:
5a:8f:23:93:3d:30:5f:69:37:b2:73:ad:5c:d9:8e:
40:80:8b:79:b8:82:b9:18:8e:b1:bd:0b:e2:5f:81:
eb:4b:aa:84:40:95:02:93:cf:e6:d7:9f:ab:3d:b8:
9e:16:a7:cd:35:20:01:cb:71:f4:bd:45:ca:e8:d2:
41:aa:8e:06:11:bf:bc:a7:a9:67:69:57:e0:cb:ce:
b6:d4:f8:cb:11:9a:8d:cb:cd:b7:bf:bf:33:fc:3b:
ae:4e:2a:1c:95:00:35:8d:c2:a0:c7:ce:ce:74:10:
1f:2a:4f:ba:7d:ce:93:0c:7c:4d:01:db:92:4b:6e:
ec:71:bc:c0:77:e5:5c:84:ca:69:e1:81:98:04:b6:
9e:dd:f2:4b:99:8d:80:fb:d1:c7:4a:d5:f3:51:53:
e9:a2:76:fd:02:f5:f8:cc:ee:52:10:b3:77:45:0e:
1c:db:da:d6:42:52:b4:31:c4:9c:5f:2d:40:0c:bd:
37:67:27:ae:1c:c5:ed:3a:2d:78:9f:67:4b:53:90:
2b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:24:0A:45:BE:CB:03:79:75:6C:51:A2:31:FA:A2:82:A2:A5:E5:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02c::/36
Signature Algorithm: sha256WithRSAEncryption
1f:63:a2:6b:af:e4:9c:af:dd:73:ef:44:5b:cb:ff:76:a6:b5:
fb:7f:25:ca:c6:41:a1:80:35:ce:1b:60:d1:c2:7d:ae:92:bc:
22:1e:0b:85:93:e6:b1:68:c2:27:21:ef:b2:4e:3d:d7:70:fe:
98:84:b0:66:60:a8:b9:c6:99:38:cd:95:53:7f:b4:ee:d7:6f:
db:92:f5:38:f3:4a:90:6f:6d:8b:e5:f8:37:29:ec:1b:ff:25:
10:13:05:46:50:7b:6b:ee:77:d7:d3:c2:89:47:a4:79:36:38:
24:4a:20:0e:59:f6:8a:1e:67:57:7c:eb:8d:13:f8:0d:7d:8a:
f5:3e:e3:5a:d5:48:31:f7:9c:c4:3a:e0:6d:f0:77:3b:1f:9a:
3a:c7:eb:67:67:89:df:22:a0:54:bf:ee:4a:3d:85:a3:c7:f5:
c9:2d:ae:e9:83:a4:70:02:0f:61:f2:e5:b7:b3:f5:f1:58:fd:
b6:b4:38:35:a2:91:9e:43:f6:23:63:91:f8:84:3c:0c:2b:a3:
0a:20:d3:1b:70:2c:6f:87:55:68:97:cf:ec:d7:5f:62:f9:9d:
d5:71:5d:c0:32:3f:cb:0b:2b:ba:20:7f:43:b5:2d:15:bd:68:
0b:3f:51:d7:f8:47:3c:9e:f7:09:75:f8:8e:5e:8e:dd:5b:74:
53:ac:39:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC/tOZnrqUCwhY9VDbyRI8xbuEGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxYjkzNTFmYmZmZGI1MWExZmVkZmE0MmIwY2QxOGJmYTU0MmMzY2U0ZmQy
NmVhNDRiMzM5YmMxNmE1ODJkYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL61HEZqQyKiMY1aRTrgOEKt9Px6jTpvqhLQVNxySUGJdunDtENzoU/kutME
uTFpH6ikXuAad7iUbFObWo8jkz0wX2k3snOtXNmOQICLebiCuRiOsb0L4l+B60uq
hECVApPP5tefqz24nhanzTUgActx9L1FyujSQaqOBhG/vKepZ2lX4MvOttT4yxGa
jcvNt7+/M/w7rk4qHJUANY3CoMfOznQQHypPun3Okwx8TQHbkktu7HG8wHflXITK
aeGBmAS2nt3yS5mNgPvRx0rV81FT6aJ2/QL1+MzuUhCzd0UOHNva1kJStDHEnF8t
QAy9N2cnrhzF7ToteJ9nS1OQK7kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhJApF
vssDeXVsUaIx+qKCoqXlvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE3NmExODctNTg2My00NDEzLWEwMDEtNzRjY2MwMzIxYmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CwA
MA0GCSqGSIb3DQEBCwUAA4IBAQAfY6Jrr+Scr91z70Rby/92prX7fyXKxkGhgDXO
G2DRwn2ukrwiHguFk+axaMInIe+yTj3XcP6YhLBmYKi5xpk4zZVTf7Tu12/bkvU4
80qQb22L5fg3Kewb/yUQEwVGUHtr7nfX08KJR6R5NjgkSiAOWfaKHmdXfOuNE/gN
fYr1PuNa1Ugx95zEOuBt8Hc7H5o6x+tnZ4nfIqBUv+5KPYWjx/XJLa7pg6RwAg9h
8uW3s/XxWP22tDg1opGeQ/YjY5H4hDwMK6MKINMbcCxvh1Vol8/s119i+Z3VcV3A
Mj/LCyu6IH9DtS0VvWgLP1HX+Ec8nvcJdfiOXo7dW3RTrDmK
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org