Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
File: c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa (raw, json)
Hash identifier: /q+3TgeXd7b/bfxMQ/0e+OFiwp4LaCmvcnqWnQoOJ84=
Subject key identifier: 21:E7:C8:05:36:F5:87:EA:D2:DA:8C:96:08:2D:04:36:70:DE:12:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 381A20FE3E8948C2C904B2EF9269CF7F6F7F1311
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:1a:20:fe:3e:89:48:c2:c9:04:b2:ef:92:69:cf:7f:6f:7f:13:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=2fc13839e644e3fb31b137d2bc2e22d7437e01075010c36c4be3837b9f410ab8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:83:b5:88:77:c8:e7:83:00:09:fd:46:12:
03:fe:dd:e7:89:46:75:03:d5:2b:8b:66:4d:8e:85:
d4:a3:aa:03:68:02:d3:c7:7a:0d:38:e8:7a:ca:6f:
7d:a0:13:66:df:6c:e8:5e:6f:84:58:c0:fe:8d:c9:
45:17:97:f6:ab:43:12:2d:76:ac:0f:4b:de:08:97:
80:44:4b:17:14:48:c2:39:f6:62:5b:d7:7c:69:6e:
8f:98:be:84:ce:af:84:94:e1:8b:bb:72:b1:59:e2:
1f:fa:92:9c:8f:41:48:e4:d3:0c:06:69:d2:6d:9c:
d8:ac:09:39:b7:3f:91:60:34:d8:1a:eb:50:22:1e:
18:c8:2f:b3:5f:a0:47:af:be:56:56:b0:7d:5c:bf:
5a:f1:45:7d:7a:a1:53:e9:a8:31:f1:af:0f:ab:2b:
b4:d3:e3:88:a8:61:f6:2b:0d:d7:30:1c:08:70:3e:
66:ff:82:c4:fd:d2:c5:21:8e:f5:74:81:47:71:b1:
7c:d6:e7:cb:4a:63:27:07:51:e0:69:d9:f6:18:9e:
36:da:3e:82:c7:c3:68:6a:5d:7f:8c:7e:d2:10:d3:
4e:c1:75:a7:35:fc:20:01:d8:9e:d3:2e:47:44:16:
ae:56:a6:ff:af:d9:1b:b4:29:32:e2:d2:64:46:c6:
94:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E7:C8:05:36:F5:87:EA:D2:DA:8C:96:08:2D:04:36:70:DE:12:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:a000::/40
Signature Algorithm: sha256WithRSAEncryption
55:ab:ed:4d:b2:25:f6:32:7c:e5:cd:f5:01:4f:57:31:e6:d3:
41:2c:9f:12:05:f0:01:42:99:85:fc:a1:5f:ff:32:03:ae:e2:
43:bb:f1:45:77:92:5c:59:78:0e:74:6a:38:46:75:c8:d1:4b:
27:75:ce:58:a6:50:e4:53:0c:da:42:0f:b5:59:4c:19:01:d2:
e2:91:fa:47:55:fd:ab:2e:21:17:17:4e:6d:b8:25:55:2e:b7:
cb:ce:c1:f0:01:39:83:59:81:15:b2:68:4c:d8:87:0e:92:10:
2a:03:4c:02:88:9b:ca:be:0a:de:b3:e3:08:95:ad:c1:ca:ad:
9d:0e:d7:e2:69:d0:62:23:a6:dd:f7:eb:62:bb:c9:c3:24:07:
42:ba:60:df:09:fc:a2:26:4f:da:71:03:92:f4:9c:ad:29:60:
54:14:f8:47:c6:04:9f:19:c8:3a:1f:41:78:6b:2f:ba:14:51:
23:a4:ce:61:47:38:5d:7f:61:e7:fb:49:85:15:2f:38:ea:ef:
e1:df:61:89:32:ef:a7:12:f2:25:be:41:89:76:1b:e9:0e:5e:
f4:f6:08:ee:99:27:2e:ab:3f:61:f6:26:98:c5:e9:53:c3:b2:
bb:83:b8:a3:03:47:ec:24:ce:53:60:dc:b0:69:40:32:d6:a0:
98:48:51:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOBog/j6JSMLJBLLvkmnPf29/ExEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmYzEzODM5ZTY0NGUzZmIzMWIxMzdkMmJjMmUyMmQ3NDM3ZTAxMDc1MDEw
YzM2YzRiZTM4MzdiOWY0MTBhYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR3g7WId8jngwAJ/UYSA/7d54lGdQPVK4tmTY6F1KOqA2gC08d6DTjoespv
faATZt9s6F5vhFjA/o3JRReX9qtDEi12rA9L3giXgERLFxRIwjn2YlvXfGluj5i+
hM6vhJThi7tysVniH/qSnI9BSOTTDAZp0m2c2KwJObc/kWA02BrrUCIeGMgvs1+g
R6++VlawfVy/WvFFfXqhU+moMfGvD6srtNPjiKhh9isN1zAcCHA+Zv+CxP3SxSGO
9XSBR3GxfNbny0pjJwdR4GnZ9hieNto+gsfDaGpdf4x+0hDTTsF1pzX8IAHYntMu
R0QWrlam/6/ZG7QpMuLSZEbGlMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQh58gF
NvWH6tLajJYILQQ2cN4SkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM5ZGQ3MWMtZjIyYy00YmI0LTljNmYtZGZjOGM2YTAyZmZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6g
MA0GCSqGSIb3DQEBCwUAA4IBAQBVq+1NsiX2MnzlzfUBT1cx5tNBLJ8SBfABQpmF
/KFf/zIDruJDu/FFd5JcWXgOdGo4RnXI0Usndc5YplDkUwzaQg+1WUwZAdLikfpH
Vf2rLiEXF05tuCVVLrfLzsHwATmDWYEVsmhM2IcOkhAqA0wCiJvKvgres+MIla3B
yq2dDtfiadBiI6bd9+tiu8nDJAdCumDfCfyiJk/acQOS9JytKWBUFPhHxgSfGcg6
H0F4ay+6FFEjpM5hRzhdf2Hn+0mFFS846u/h32GJMu+nEvIlvkGJdhvpDl709gju
mScuqz9h9iaYxelTw7K7g7ijA0fsJM5TYNywaUAy1qCYSFGU
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org