Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caf40866-a0b4-4882-b28e-32602ae3e0df.roa
File: caf40866-a0b4-4882-b28e-32602ae3e0df.roa (raw, json)
Hash identifier: iuPxpqfOTsmn+phUXhqXFdfGo8USRXpO5D9AdYGzWl4=
Subject key identifier: 9E:52:2B:B9:2D:E4:E5:80:AE:A0:5F:46:B5:2B:30:12:E0:7E:A5:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C2636691CEC76C1E9AC0E6C0BCF4DE32AFEB503
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caf40866-a0b4-4882-b28e-32602ae3e0df.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:26:36:69:1c:ec:76:c1:e9:ac:0e:6c:0b:cf:4d:e3:2a:fe:b5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=6689173e7487e9ebf4212b8c4f746f4f5e633075a556fa3a5e610189b049c669, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:08:10:0a:2e:1c:7f:67:15:2a:fa:04:6d:
28:60:c4:f1:96:0f:28:dd:f6:e7:fd:2a:34:0e:7d:
83:e4:21:93:88:25:75:5c:05:cf:d1:1b:fc:3c:7b:
e9:f7:42:b9:42:c1:1c:46:b3:b4:b4:3b:6f:9f:79:
74:44:9e:08:33:78:d1:77:22:87:0b:d3:dd:14:38:
18:02:b2:2e:b3:4b:8a:d4:1e:3a:7c:e0:b3:cb:0b:
50:6c:a7:97:94:ff:26:6f:f5:07:ba:71:7d:24:10:
ec:a5:b4:81:ef:20:ed:01:c4:9f:f3:25:08:64:05:
46:da:f1:97:a3:c3:47:c3:f2:26:e6:22:01:6f:75:
69:7d:d1:8b:26:b6:4d:d4:7e:28:30:e5:f6:9e:0a:
39:d2:3f:9e:e0:1f:4c:b0:c4:57:75:62:ee:69:68:
05:3c:dc:d0:fd:cc:2c:47:cc:2e:d3:39:e1:2d:7d:
97:c1:15:2c:0b:64:e3:89:9a:4b:d9:61:f4:a3:ff:
97:d3:0a:86:cd:8d:f0:48:fa:db:23:de:40:a1:99:
50:d8:4e:9d:2d:6e:e8:1d:ad:ed:a2:cb:0c:11:fa:
b2:90:2e:a3:31:a7:48:3a:5e:7d:66:8d:c7:d5:64:
63:a1:30:5a:4f:77:c7:ba:08:a1:ad:7c:7b:d2:c4:
9d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:52:2B:B9:2D:E4:E5:80:AE:A0:5F:46:B5:2B:30:12:E0:7E:A5:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caf40866-a0b4-4882-b28e-32602ae3e0df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:a000::/40
Signature Algorithm: sha256WithRSAEncryption
93:37:dd:44:5c:d5:3c:27:ec:67:b1:f9:f6:ff:2c:14:9f:c9:
2b:7e:dd:1a:1c:19:e2:cb:40:d0:1f:0f:78:f6:6f:49:d4:c3:
01:1f:ff:9c:13:81:2b:ac:2d:23:e2:3d:32:6e:38:61:b6:a2:
50:2b:5d:f4:46:f7:eb:89:21:86:44:81:82:f8:0f:a2:12:bd:
0b:18:d6:b7:9f:bd:37:79:3a:ce:de:7b:af:cc:1d:e4:6b:d0:
51:a7:e5:dd:e4:62:bc:b1:5e:d0:aa:ab:ed:5a:a0:cb:cd:4d:
29:07:9b:89:5b:99:47:ac:6b:34:3e:4c:92:e8:3b:54:ec:37:
af:7f:ec:db:74:84:8e:63:19:fc:cf:47:5d:72:21:cd:a0:5c:
84:a7:22:65:fa:7d:01:e6:0e:67:fe:90:b1:0f:88:4a:41:20:
b4:2e:33:2d:62:ea:42:bc:2a:af:aa:10:7c:4d:9c:82:e6:f2:
d0:0a:80:1d:22:50:f1:f7:5c:85:1d:c5:33:e4:bd:32:09:48:
58:70:1c:08:1c:b7:ce:1b:cd:fc:1b:6d:51:aa:57:05:c0:20:
72:7d:e3:b5:ed:80:45:75:01:a9:c8:1f:db:a7:31:ef:d2:28:
ad:67:15:1f:b8:50:b0:db:e9:65:08:63:3e:32:a5:ea:c7:f7:
e4:69:7b:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbCY2aRzsdsHprA5sC89N4yr+tQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2ODkxNzNlNzQ4N2U5ZWJmNDIxMmI4YzRmNzQ2ZjRmNWU2MzMwNzVhNTU2
ZmEzYTVlNjEwMTg5YjA0OWM2NjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK11CBAKLhx/ZxUq+gRtKGDE8ZYPKN325/0qNA59g+Qhk4gldVwFz9Eb/Dx7
6fdCuULBHEaztLQ7b595dESeCDN40XcihwvT3RQ4GAKyLrNLitQeOnzgs8sLUGyn
l5T/Jm/1B7pxfSQQ7KW0ge8g7QHEn/MlCGQFRtrxl6PDR8PyJuYiAW91aX3Riya2
TdR+KDDl9p4KOdI/nuAfTLDEV3Vi7mloBTzc0P3MLEfMLtM54S19l8EVLAtk44ma
S9lh9KP/l9MKhs2N8Ej62yPeQKGZUNhOnS1u6B2t7aLLDBH6spAuozGnSDpefWaN
x9VkY6EwWk93x7oIoa18e9LEncECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSeUiu5
LeTlgK6gX0a1KzAS4H6lEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FmNDA4NjYtYTBiNC00ODgyLWIyOGUtMzI2MDJhZTNlMGRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCg
MA0GCSqGSIb3DQEBCwUAA4IBAQCTN91EXNU8J+xnsfn2/ywUn8krft0aHBniy0DQ
Hw949m9J1MMBH/+cE4ErrC0j4j0ybjhhtqJQK130RvfriSGGRIGC+A+iEr0LGNa3
n703eTrO3nuvzB3ka9BRp+Xd5GK8sV7QqqvtWqDLzU0pB5uJW5lHrGs0PkyS6DtU
7Devf+zbdISOYxn8z0ddciHNoFyEpyJl+n0B5g5n/pCxD4hKQSC0LjMtYupCvCqv
qhB8TZyC5vLQCoAdIlDx91yFHcUz5L0yCUhYcBwIHLfOG838G21RqlcFwCByfeO1
7YBFdQGpyB/bpzHv0iitZxUfuFCw2+llCGM+MqXqx/fkaXsS
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org