Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: QLdKzFGkI6NVgrQHKJz04AU99aDy0a/nPrOmkk9VAUI=
Subject key identifier: 62:50:AB:80:F0:5D:73:24:E8:2B:0C:F9:75:40:AA:9A:81:41:48:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 195E462E592D34D5FEA34881973F7B2D1BCBAB46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:5e:46:2e:59:2d:34:d5:fe:a3:48:81:97:3f:7b:2d:1b:cb:ab:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=c5f14bfe27ac6288f01ef7323e86b3b6bd9f74ff77d9b212ba2466df6e19c554, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8e:1d:ca:85:25:98:04:5a:83:58:91:05:b9:
65:6e:86:b6:c5:a2:bd:9b:12:99:e5:ba:4f:fd:52:
a3:dd:be:95:f4:bd:5d:23:10:f4:76:d2:21:02:9b:
a9:a7:37:f4:13:8f:f6:29:9f:55:f4:00:85:4c:53:
bf:1a:dd:0c:6a:06:2d:d7:70:55:79:9b:5e:72:f9:
e5:89:80:fe:d1:ec:4e:e8:f1:08:83:9d:e0:cb:84:
e2:6f:0c:3f:ec:8b:a4:73:0d:25:1f:1c:57:d9:3a:
07:05:06:ec:47:9d:10:55:be:d0:6f:2b:a8:ef:2c:
f2:b2:9d:46:c9:91:a8:d7:98:cb:e3:6d:1a:ca:2a:
85:2b:a1:0e:ef:96:4d:da:ae:12:07:da:df:b3:cc:
9b:86:ed:a6:6e:0e:28:9f:ab:7b:a9:70:ee:96:91:
43:5e:20:76:00:a5:a3:c9:7e:ed:93:d6:e7:59:c6:
fc:fa:ae:69:2e:91:33:de:f8:db:d0:8b:6d:bf:aa:
8b:6b:67:0a:db:a5:8c:c4:74:c6:36:0e:f4:06:e5:
d9:78:37:ab:f0:88:96:fb:e5:40:c6:8d:88:17:61:
18:6b:c6:b3:e6:f6:0d:c9:36:05:6a:60:b9:94:1f:
ce:7b:a9:59:6e:00:93:b2:75:dc:2e:ec:90:c4:0c:
9f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:50:AB:80:F0:5D:73:24:E8:2B:0C:F9:75:40:AA:9A:81:41:48:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:64:26:31:d9:64:d3:db:d7:bb:aa:bd:1e:23:4a:0e:71:78:
bb:84:a6:e4:f8:1f:10:39:c6:6c:7e:c8:9a:34:22:05:08:82:
89:81:bd:02:b3:67:7a:1a:b6:40:de:58:9f:3d:8e:de:8d:52:
ff:3e:37:97:bb:dc:b9:f3:2b:56:81:f7:fc:d4:a1:ad:c4:2c:
45:ba:a4:fc:9a:d6:db:13:a9:06:45:ff:a7:b5:00:40:ae:45:
fd:d4:03:15:1f:4a:a7:f4:92:68:47:ea:ea:9e:30:6f:16:0e:
6e:31:03:bf:d8:32:b0:16:f4:4c:dd:eb:89:c6:79:a3:88:e7:
01:94:75:8b:23:78:c3:a6:64:1e:03:e0:f0:8d:52:3c:91:bb:
ef:de:f8:ac:78:b5:61:2c:b4:90:5d:ee:c1:14:81:05:3e:04:
55:2d:88:ec:5d:5e:6f:f0:6b:8b:d8:50:68:47:5e:f9:c2:2b:
c5:9b:a2:6e:f6:fc:49:43:91:27:54:50:b1:60:c2:0e:78:04:
72:18:8b:f7:ac:23:71:86:fa:88:73:c9:ac:e7:a3:95:af:ba:
29:c4:39:b6:79:73:35:ba:d6:0f:8c:aa:12:fc:a8:4f:8b:91:
79:ea:fc:ed:9f:40:20:d4:e6:08:32:79:99:a6:85:da:71:e6:
0e:71:be:e5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGV5GLlktNNX+o0iBlz97LRvLq0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1ZjE0YmZlMjdhYzYyODhmMDFlZjczMjNlODZiM2I2YmQ5Zjc0ZmY3N2Q5
YjIxMmJhMjQ2NmRmNmUxOWM1NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeOHcqFJZgEWoNYkQW5ZW6GtsWivZsSmeW6T/1So92+lfS9XSMQ9HbSIQKb
qac39BOP9imfVfQAhUxTvxrdDGoGLddwVXmbXnL55YmA/tHsTujxCIOd4MuE4m8M
P+yLpHMNJR8cV9k6BwUG7EedEFW+0G8rqO8s8rKdRsmRqNeYy+NtGsoqhSuhDu+W
TdquEgfa37PMm4btpm4OKJ+re6lw7paRQ14gdgClo8l+7ZPW51nG/PquaS6RM974
29CLbb+qi2tnCtuljMR0xjYO9Abl2Xg3q/CIlvvlQMaNiBdhGGvGs+b2Dck2BWpg
uZQfznupWW4Ak7J13C7skMQMnyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRiUKuA
8F1zJOgrDPl1QKqagUFILjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQB/ZCYx2WTT29e7qr0eI0oOcXi7hKbk+B8QOcZs
fsiaNCIFCIKJgb0Cs2d6GrZA3lifPY7ejVL/PjeXu9y58ytWgff81KGtxCxFuqT8
mtbbE6kGRf+ntQBArkX91AMVH0qn9JJoR+rqnjBvFg5uMQO/2DKwFvRM3euJxnmj
iOcBlHWLI3jDpmQeA+DwjVI8kbvv3viseLVhLLSQXe7BFIEFPgRVLYjsXV5v8GuL
2FBoR175wivFm6Ju9vxJQ5EnVFCxYMIOeARyGIv3rCNxhvqIc8ms56OVr7opxDm2
eXM1utYPjKoS/KhPi5F56vztn0Ag1OYIMnmZpoXaceYOcb7l
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org