Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
File: c1f61529-4ff8-4380-a3cb-87884046881d.roa (raw, json)
Hash identifier: I0WpLVLV45xFDPXjcV8PA064WTvYLsciTrCObQ71gO4=
Subject key identifier: 95:6A:47:9B:7E:A8:50:E1:AD:2C:78:64:30:E7:9E:55:B3:88:FE:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5617D039C5399CFC18681E819986F5E183CEBE37
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:17:d0:39:c5:39:9c:fc:18:68:1e:81:99:86:f5:e1:83:ce:be:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=f85906fcb55e206059d9b16a2ef80b7a34760e063d43f436fc7a2df96e260fd9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cf:94:8f:f1:3c:72:c3:6b:65:89:14:4a:b2:
1e:8c:71:19:22:77:50:11:ff:de:aa:0d:aa:02:0b:
52:21:39:18:20:25:29:81:5c:ee:1b:0b:00:b0:a2:
e6:f9:5b:77:a2:0b:e5:29:b4:bb:d2:70:c0:8d:c9:
ca:93:fc:29:4b:ac:b0:2a:d0:9f:67:3e:c4:6d:ca:
71:b9:f8:c5:87:d5:28:d7:db:fb:87:d8:a2:34:b4:
99:04:79:82:26:4d:3a:af:36:39:69:56:3b:5e:04:
b5:c2:59:64:96:ce:c4:be:c0:ff:59:c5:c5:ea:0a:
7b:1c:88:92:8a:61:3c:b9:b7:d9:bb:fc:5d:23:bb:
19:a4:c7:1a:8d:2b:f1:58:d4:e9:7b:26:1d:9b:51:
be:02:64:5d:f5:fa:21:25:ab:98:aa:e5:63:9a:36:
b5:08:f6:f4:8b:56:8c:7d:b4:2b:00:41:8a:e1:ce:
9e:ac:42:da:c0:1f:de:73:41:a5:7d:45:2f:ec:5f:
b0:3a:40:5c:af:ac:c6:cd:07:bd:ae:54:1e:cd:9c:
c2:b0:69:ea:cc:09:e6:03:19:d4:a3:08:d4:93:3f:
97:59:94:b8:f6:6d:57:ef:48:bb:26:2a:ca:32:01:
10:aa:42:19:95:c9:4c:56:7f:a1:67:50:57:95:55:
1c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6A:47:9B:7E:A8:50:E1:AD:2C:78:64:30:E7:9E:55:B3:88:FE:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c1f61529-4ff8-4380-a3cb-87884046881d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:86:74:ef:55:6a:a8:87:f7:8b:e8:92:ff:de:34:53:27:9c:
f7:0d:75:29:50:76:0b:65:7b:ca:c9:50:77:65:e8:42:dd:63:
90:20:1e:14:7a:f1:f4:27:3f:6e:8a:a9:ab:4d:36:c5:8b:86:
2d:10:e0:3b:09:8c:61:20:e0:ff:59:d8:20:17:35:09:3a:f0:
e8:b5:58:12:b2:ff:43:89:09:b9:8d:36:64:ef:cc:b6:55:d9:
a9:30:7c:f0:b1:5b:3c:66:16:d1:b5:bd:1f:29:bb:32:19:a1:
86:98:7e:e4:93:5d:22:0e:97:33:8a:13:23:b8:3c:8d:b0:20:
8f:41:34:18:cb:07:2d:4e:5e:5a:0a:22:3d:6e:c4:cf:c8:fe:
78:c9:6e:8b:51:34:fc:40:eb:dd:a1:bc:98:58:a9:c8:4d:32:
92:3c:65:66:a6:8f:ec:36:b7:8b:93:4c:04:b0:57:70:bd:20:
d3:53:a3:03:dc:23:7d:b5:16:c6:6e:98:7b:39:4c:72:fd:cf:
59:71:10:5f:c5:ff:e3:03:db:7e:b3:66:a2:97:42:d3:e6:55:
74:66:91:07:62:82:6e:1e:a9:8f:df:6c:dd:b5:93:25:10:db:
45:85:a6:f0:2e:e1:d5:0c:46:cc:67:5e:cd:2d:4d:02:12:2b:
eb:d5:26:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVhfQOcU5nPwYaB6BmYb14YPOvjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4NTkwNmZjYjU1ZTIwNjA1OWQ5YjE2YTJlZjgwYjdhMzQ3NjBlMDYzZDQz
ZjQzNmZjN2EyZGY5NmUyNjBmZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI3PlI/xPHLDa2WJFEqyHoxxGSJ3UBH/3qoNqgILUiE5GCAlKYFc7hsLALCi
5vlbd6IL5Sm0u9JwwI3JypP8KUussCrQn2c+xG3Kcbn4xYfVKNfb+4fYojS0mQR5
giZNOq82OWlWO14EtcJZZJbOxL7A/1nFxeoKexyIkophPLm32bv8XSO7GaTHGo0r
8VjU6XsmHZtRvgJkXfX6ISWrmKrlY5o2tQj29ItWjH20KwBBiuHOnqxC2sAf3nNB
pX1FL+xfsDpAXK+sxs0Hva5UHs2cwrBp6swJ5gMZ1KMI1JM/l1mUuPZtV+9IuyYq
yjIBEKpCGZXJTFZ/oWdQV5VVHKECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVakeb
fqhQ4a0seGQw555Vs4j+EDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzFmNjE1MjktNGZmOC00MzgwLWEzY2ItODc4ODQwNDY4ODFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKA
MA0GCSqGSIb3DQEBCwUAA4IBAQAchnTvVWqoh/eL6JL/3jRTJ5z3DXUpUHYLZXvK
yVB3ZehC3WOQIB4UevH0Jz9uiqmrTTbFi4YtEOA7CYxhIOD/WdggFzUJOvDotVgS
sv9DiQm5jTZk78y2VdmpMHzwsVs8ZhbRtb0fKbsyGaGGmH7kk10iDpczihMjuDyN
sCCPQTQYywctTl5aCiI9bsTPyP54yW6LUTT8QOvdobyYWKnITTKSPGVmpo/sNreL
k0wEsFdwvSDTU6MD3CN9tRbGbph7OUxy/c9ZcRBfxf/jA9t+s2ail0LT5lV0ZpEH
YoJuHqmP32zdtZMlENtFhabwLuHVDEbMZ17NLU0CEivr1SYz
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org