Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8475bef-14cd-49df-8152-c3662b2d1c21.roa
File: c8475bef-14cd-49df-8152-c3662b2d1c21.roa (raw, json)
Hash identifier: c9DI3H0j+H9fMKsnAbJUGWFLVwZ8+Ijykg6INF7Y98k=
Subject key identifier: 00:9B:65:A0:A1:3D:1A:E3:04:BD:FE:A9:AB:34:C9:B6:48:E5:C6:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14D6F4815871CA9CC5BD07D83C4CCFB7398282B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8475bef-14cd-49df-8152-c3662b2d1c21.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d6:f4:81:58:71:ca:9c:c5:bd:07:d8:3c:4c:cf:b7:39:82:82:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=ee4e04c9d4f920b96d310eea12df5fb7e9574fc7f10ef995322bc73708873804, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a5:d9:af:04:5b:0d:71:98:3c:32:8a:a0:20:
6d:84:92:ab:0d:2b:77:2c:48:36:c6:99:c6:63:37:
52:e5:0e:27:97:b5:79:f4:5a:2f:84:08:cd:5e:3f:
66:22:ef:de:d9:e9:e9:a8:59:a2:40:ac:77:7b:b8:
34:a2:48:ec:ac:71:71:d3:9f:86:0f:4a:9b:3b:00:
fa:b3:cc:97:97:7c:84:69:06:9c:dc:a2:68:95:e5:
3a:0d:df:28:75:43:d6:95:6f:c1:7e:f3:54:67:04:
70:32:90:5a:33:41:1c:8a:62:3c:78:e7:1c:20:be:
41:5f:d9:2a:73:b5:60:8b:b0:b9:2e:60:e0:63:5d:
f5:dc:4f:4f:e5:91:7f:5d:e1:a5:bc:ee:cd:9a:99:
70:b5:65:62:2b:3b:06:26:bb:41:f5:40:e7:2d:3e:
de:32:59:59:c5:28:7d:20:75:ee:6a:3e:22:be:18:
01:39:1b:95:e1:d5:d7:72:93:87:10:98:f5:f0:de:
4b:d1:42:94:63:24:ca:26:33:72:54:ef:2f:9b:ac:
14:32:7a:fa:4d:6a:63:be:63:94:c2:86:8d:6e:22:
30:ba:36:67:e9:66:2d:01:d2:47:87:14:9e:f3:b1:
7d:d0:b5:a4:5a:16:46:42:48:2d:df:02:a6:c6:98:
fc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9B:65:A0:A1:3D:1A:E3:04:BD:FE:A9:AB:34:C9:B6:48:E5:C6:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8475bef-14cd-49df-8152-c3662b2d1c21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
17:f1:4e:e4:1d:77:85:26:db:87:f0:30:5c:b4:4d:0b:67:34:
e4:73:05:9a:76:e8:69:31:e0:e5:09:4b:f7:90:c1:79:94:3b:
36:54:f0:ae:60:f0:fe:75:d1:b3:c8:31:f8:8b:4f:a1:99:30:
13:33:57:5a:72:a2:a8:27:9e:08:27:4d:73:92:9e:11:93:fb:
8f:e1:81:73:f5:f9:68:09:5c:42:9b:ed:a2:f7:3a:29:5f:90:
26:b8:21:be:ca:a4:5e:90:b6:34:11:63:ac:f6:5a:fc:83:f6:
66:84:bd:eb:63:84:e9:85:86:a1:f0:f0:59:9c:d8:f1:83:4a:
d4:13:25:74:6b:64:24:61:67:68:b1:dc:9d:c3:25:65:98:2d:
48:16:95:1c:e7:b3:f8:04:30:18:16:01:4e:8c:f1:6c:4c:f7:
65:77:69:b5:cb:6c:47:c3:ea:1a:26:39:92:f2:0b:61:c4:6a:
88:8a:35:09:0f:6a:25:d9:dd:b5:64:f7:e9:f2:66:4e:04:0d:
c8:1b:5c:c1:bd:8a:a6:5a:8e:42:5b:11:8b:89:08:61:e8:1d:
b8:b9:48:fb:57:ab:e9:c0:49:d1:ce:38:1f:ed:5b:b5:ed:78:
f6:32:3f:9c:38:be:db:30:d8:c1:11:fe:a7:3f:8b:f2:6d:ca:
38:8c:ca:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFNb0gVhxypzFvQfYPEzPtzmCgrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlNGUwNGM5ZDRmOTIwYjk2ZDMxMGVlYTEyZGY1ZmI3ZTk1NzRmYzdmMTBl
Zjk5NTMyMmJjNzM3MDg4NzM4MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALql2a8EWw1xmDwyiqAgbYSSqw0rdyxINsaZxmM3UuUOJ5e1efRaL4QIzV4/
ZiLv3tnp6ahZokCsd3u4NKJI7KxxcdOfhg9KmzsA+rPMl5d8hGkGnNyiaJXlOg3f
KHVD1pVvwX7zVGcEcDKQWjNBHIpiPHjnHCC+QV/ZKnO1YIuwuS5g4GNd9dxPT+WR
f13hpbzuzZqZcLVlYis7Bia7QfVA5y0+3jJZWcUofSB17mo+Ir4YATkbleHV13KT
hxCY9fDeS9FClGMkyiYzclTvL5usFDJ6+k1qY75jlMKGjW4iMLo2Z+lmLQHSR4cU
nvOxfdC1pFoWRkJILd8CpsaY/OsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAm2Wg
oT0a4wS9/qmrNMm2SOXGRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzg0NzViZWYtMTRjZC00OWRmLTgxNTItYzM2NjJiMmQxYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQAX8U7kHXeFJtuH8DBctE0LZzTkcwWaduhpMeDl
CUv3kMF5lDs2VPCuYPD+ddGzyDH4i0+hmTATM1dacqKoJ54IJ01zkp4Rk/uP4YFz
9floCVxCm+2i9zopX5AmuCG+yqRekLY0EWOs9lr8g/ZmhL3rY4TphYah8PBZnNjx
g0rUEyV0a2QkYWdosdydwyVlmC1IFpUc57P4BDAYFgFOjPFsTPdld2m1y2xHw+oa
JjmS8gthxGqIijUJD2ol2d21ZPfp8mZOBA3IG1zBvYqmWo5CWxGLiQhh6B24uUj7
V6vpwEnRzjgf7Vu17Xj2Mj+cOL7bMNjBEf6nP4vybco4jMpy
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org