Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
File: c176d4fe-de46-4300-a277-59c0c15d8d82.roa (raw, json)
Hash identifier: K+bw9dX1Im7TgO9gVczCN2eS74afy2qA9BLKwibJ0n4=
Subject key identifier: 8F:60:AD:1C:ED:B2:7C:50:0D:B3:70:64:47:61:AC:64:FB:A8:55:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EB1A4638B7593A2619F203656E58B40AB0333DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:b1:a4:63:8b:75:93:a2:61:9f:20:36:56:e5:8b:40:ab:03:33:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=4d9197db04f6239ad3bc5d32bba4183c4f5fd0560336c23a61b3ec71793661ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:66:30:60:fe:9e:ba:b8:44:1c:69:77:98:90:
6e:f5:59:45:bc:30:34:92:fb:c0:6f:8f:1a:bd:66:
eb:5f:b0:eb:6d:12:58:ac:07:a4:fa:3b:ac:d6:f8:
03:16:76:14:80:bd:68:54:b3:4e:de:3c:bd:46:ee:
62:45:ba:4c:7c:b5:b2:1a:4d:4a:5f:de:75:d0:da:
62:46:7c:49:5e:71:ee:f9:9b:89:7d:d1:e4:8a:c6:
47:45:c4:8a:c8:ec:08:12:3d:64:1c:3a:d7:f1:de:
98:a9:49:c4:74:93:a2:7b:17:7f:8f:e5:1d:83:8b:
90:c1:60:af:d7:8d:7e:a3:ff:5e:01:23:a5:b1:f9:
88:9a:d8:79:21:87:27:d5:61:0d:dc:4c:38:df:73:
b0:9d:11:c1:70:33:b4:c5:fe:cb:a3:26:05:1c:3e:
42:c2:42:f1:62:13:33:d9:53:af:f4:3b:5b:d5:cf:
7a:16:61:0a:9e:2a:bf:5a:cb:44:44:29:6d:37:da:
e8:18:06:04:5d:e6:51:e6:c2:10:a0:3c:ea:ab:90:
b7:8e:98:58:2f:53:a7:29:f4:92:3a:b1:48:21:22:
b9:fe:ba:9e:27:95:cb:d0:52:be:41:0b:11:68:24:
f2:11:69:05:13:44:63:6e:ba:eb:eb:07:94:f2:0a:
c1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:60:AD:1C:ED:B2:7C:50:0D:B3:70:64:47:61:AC:64:FB:A8:55:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:93:34:b2:f4:14:e7:66:a6:c6:70:9c:09:7c:50:23:3b:c3:
1c:f9:26:8c:95:5c:f8:39:3f:e1:65:f8:0c:27:c6:f0:37:1f:
88:ea:b7:d9:aa:c9:e1:9e:59:27:92:b3:62:3c:6b:6a:18:cf:
bf:5f:a9:34:ef:23:b1:14:a3:64:d6:4d:80:08:28:ee:f1:fc:
69:ac:4b:1b:e0:3e:ca:71:9e:74:6b:18:f4:bd:4f:0f:e0:f2:
34:e0:f5:b3:aa:03:63:7b:7d:6d:0d:b0:03:72:a3:be:12:84:
47:23:84:59:e4:e9:dd:f7:97:05:ae:c1:5a:7f:4c:f7:14:e4:
c3:f2:f0:3e:72:52:49:47:c4:9f:e8:e6:77:f4:61:35:14:b8:
c8:8c:3d:80:6b:c5:78:81:42:ed:ab:b9:55:19:1c:d6:0d:e9:
f6:a4:d6:72:c3:32:10:ff:1c:bd:db:6d:f0:29:5d:39:f2:81:
51:06:ca:9f:2c:f7:ce:66:db:b9:fb:22:26:7f:26:ab:f4:1a:
bb:10:46:fc:52:ca:e0:75:ee:23:98:ce:b2:f7:c9:c1:d2:b2:
77:c8:b0:05:73:7d:9c:7c:2d:37:7a:15:f2:c8:a5:2a:4b:85:
88:7c:66:e0:09:bc:9d:cd:66:7c:42:ff:d2:d3:38:62:bc:0e:
69:ed:89:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDrGkY4t1k6JhnyA2VuWLQKsDM94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkOTE5N2RiMDRmNjIzOWFkM2JjNWQzMmJiYTQxODNjNGY1ZmQwNTYwMzM2
YzIzYTYxYjNlYzcxNzkzNjYxZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhmMGD+nrq4RBxpd5iQbvVZRbwwNJL7wG+PGr1m61+w620SWKwHpPo7rNb4
AxZ2FIC9aFSzTt48vUbuYkW6THy1shpNSl/eddDaYkZ8SV5x7vmbiX3R5IrGR0XE
isjsCBI9ZBw61/HemKlJxHSTonsXf4/lHYOLkMFgr9eNfqP/XgEjpbH5iJrYeSGH
J9VhDdxMON9zsJ0RwXAztMX+y6MmBRw+QsJC8WITM9lTr/Q7W9XPehZhCp4qv1rL
REQpbTfa6BgGBF3mUebCEKA86quQt46YWC9Tpyn0kjqxSCEiuf66nieVy9BSvkEL
EWgk8hFpBRNEY2666+sHlPIKwQsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSPYK0c
7bJ8UA2zcGRHYaxk+6hVvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE3NmQ0ZmUtZGU0Ni00MzAwLWEyNzctNTljMGMxNWQ4ZDgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQC3kzSy9BTnZqbGcJwJfFAjO8Mc+SaMlVz4OT/h
ZfgMJ8bwNx+I6rfZqsnhnlknkrNiPGtqGM+/X6k07yOxFKNk1k2ACCju8fxprEsb
4D7KcZ50axj0vU8P4PI04PWzqgNje31tDbADcqO+EoRHI4RZ5Ond95cFrsFaf0z3
FOTD8vA+clJJR8Sf6OZ39GE1FLjIjD2Aa8V4gULtq7lVGRzWDen2pNZywzIQ/xy9
223wKV058oFRBsqfLPfOZtu5+yImfyar9Bq7EEb8Usrgde4jmM6y98nB0rJ3yLAF
c32cfC03ehXyyKUqS4WIfGbgCbydzWZ8Qv/S0zhivA5p7Yno
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org