Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
File: bad2460c-8206-4534-9b9b-355c2d524858.roa (raw, json)
Hash identifier: NIzWPJC9qTiRO5ito+M9LCIlWbqVenFfLn+2Zd7GjBs=
Subject key identifier: 6B:32:B4:21:F7:30:84:69:B4:12:97:E1:C6:8A:F9:E9:A8:4E:3E:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AF5A5C694EB3FFF952755E50225CE991E3119F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:f5:a5:c6:94:eb:3f:ff:95:27:55:e5:02:25:ce:99:1e:31:19:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=8eec62396cf447ba0dcffb1303cd779de282b917cb4273deb4e900de1972d809, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:40:9a:ab:d8:c9:31:21:df:dd:cf:d2:31:45:
94:14:95:d9:8b:40:1a:83:14:f8:cc:fb:46:12:53:
cf:9b:9b:08:d7:27:a9:2d:f3:cd:15:55:43:c1:3c:
5f:f2:53:3f:9c:6f:2f:33:95:99:d1:4c:07:de:bf:
6c:69:b6:90:18:4a:3b:dd:f6:06:f7:da:df:60:d7:
31:3c:05:20:79:99:ae:39:62:43:53:22:d1:17:1f:
af:bb:cc:80:0e:e2:a6:2b:9a:3d:66:b9:ef:b1:6a:
65:75:18:6e:c8:7a:4f:d9:a0:32:19:07:85:ce:48:
51:ad:fb:fc:1d:c2:c7:cc:97:f9:4e:92:e3:36:97:
a3:e3:d1:bb:6f:65:36:01:88:19:ef:4f:3d:f7:4b:
1c:4a:59:ef:49:00:de:8f:93:a9:d2:9c:81:14:96:
89:4a:50:62:c4:dd:d3:b5:a0:d6:6d:1c:5e:e7:60:
97:a0:b3:b2:76:4f:f3:de:f3:51:fd:5c:69:93:df:
78:1a:0a:4d:41:68:4d:44:48:af:ab:75:99:06:20:
96:56:4a:2b:28:3f:dc:ca:d4:ff:b4:89:86:14:7c:
0c:69:34:53:1e:8f:59:41:85:cb:4b:64:ac:2d:fc:
ce:e4:fa:aa:12:b1:9a:1c:09:90:88:6e:e5:2d:cc:
c4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:32:B4:21:F7:30:84:69:B4:12:97:E1:C6:8A:F9:E9:A8:4E:3E:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:6000::/40
Signature Algorithm: sha256WithRSAEncryption
68:39:75:98:8d:75:a2:56:18:c5:b8:df:7e:4e:9a:c6:e3:3d:
f0:76:90:fb:cb:4c:d7:fa:8c:a1:21:88:92:6d:c5:3d:c9:f9:
f5:34:29:0b:a2:ea:5e:44:7a:f3:70:a8:ad:98:c1:a4:4e:34:
ab:f1:5f:76:64:0b:ab:99:43:24:a2:28:0a:c6:3c:22:36:45:
30:90:c4:ef:c8:c7:45:44:19:c1:3b:b3:99:b2:ce:ef:d2:33:
26:38:eb:18:21:0a:3f:5c:da:c2:85:f8:29:3e:49:a2:d7:5d:
1f:03:43:28:a4:2e:6d:64:ed:60:07:58:7d:68:6b:1e:a7:77:
66:19:2b:41:a2:d7:0d:64:3e:6a:84:ee:e1:8d:df:e3:b4:3d:
a3:a4:b1:2f:10:c3:6e:11:91:49:e5:7a:e9:d7:99:64:11:39:
c3:e5:5c:0d:32:1e:4b:82:00:66:4d:4f:5c:6c:d4:eb:9d:f7:
7a:9c:f5:7f:42:70:f2:10:7f:21:f9:5e:81:c3:22:ca:c5:cc:
e9:f0:aa:11:1f:53:2b:aa:c6:d7:4e:a4:51:09:7a:46:e8:7a:
b5:c6:03:df:a6:56:98:79:d9:d7:86:09:51:a8:ba:fa:9d:fd:
a5:8f:a8:6d:a2:25:a7:05:54:43:50:48:32:b0:35:2e:cf:b3:
ae:d7:fc:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGvWlxpTrP/+VJ1XlAiXOmR4xGfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZWM2MjM5NmNmNDQ3YmEwZGNmZmIxMzAzY2Q3NzlkZTI4MmI5MTdjYjQy
NzNkZWI0ZTkwMGRlMTk3MmQ4MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJdAmqvYyTEh393P0jFFlBSV2YtAGoMU+Mz7RhJTz5ubCNcnqS3zzRVVQ8E8
X/JTP5xvLzOVmdFMB96/bGm2kBhKO932Bvfa32DXMTwFIHmZrjliQ1Mi0Rcfr7vM
gA7ipiuaPWa577FqZXUYbsh6T9mgMhkHhc5IUa37/B3Cx8yX+U6S4zaXo+PRu29l
NgGIGe9PPfdLHEpZ70kA3o+TqdKcgRSWiUpQYsTd07Wg1m0cXudgl6CzsnZP897z
Uf1caZPfeBoKTUFoTURIr6t1mQYgllZKKyg/3MrU/7SJhhR8DGk0Ux6PWUGFy0tk
rC38zuT6qhKxmhwJkIhu5S3MxD0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrMrQh
9zCEabQSl+HGivnpqE4+TzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmFkMjQ2MGMtODIwNi00NTM0LTliOWItMzU1YzJkNTI0ODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5g
MA0GCSqGSIb3DQEBCwUAA4IBAQBoOXWYjXWiVhjFuN9+TprG4z3wdpD7y0zX+oyh
IYiSbcU9yfn1NCkLoupeRHrzcKitmMGkTjSr8V92ZAurmUMkoigKxjwiNkUwkMTv
yMdFRBnBO7OZss7v0jMmOOsYIQo/XNrChfgpPkmi110fA0MopC5tZO1gB1h9aGse
p3dmGStBotcNZD5qhO7hjd/jtD2jpLEvEMNuEZFJ5Xrp15lkETnD5VwNMh5LggBm
TU9cbNTrnfd6nPV/QnDyEH8h+V6BwyLKxczp8KoRH1MrqsbXTqRRCXpG6Hq1xgPf
plaYednXhglRqLr6nf2lj6htoiWnBVRDUEgysDUuz7Ou1/yd
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org