Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc8b5e2d-b0f1-4159-899a-3f32cb08a825.roa
File: cc8b5e2d-b0f1-4159-899a-3f32cb08a825.roa (raw, json)
Hash identifier: aUYz5BZEvnqBMCRlkqF1pwm0w/8CYBXUILIS6HEc7mI=
Subject key identifier: 3F:23:E6:5A:D9:7C:18:83:C4:A5:4A:BA:31:B7:5B:31:4A:61:35:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06B6C070064BA2DC054ED0DC7C6ADEE60A5DB696
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc8b5e2d-b0f1-4159-899a-3f32cb08a825.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b6:c0:70:06:4b:a2:dc:05:4e:d0:dc:7c:6a:de:e6:0a:5d:b6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=9f9890b50af60dae9fd0a8a64584ae216416d395251abda0ee09706d42915b72, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9f:71:a7:75:c4:08:0b:bc:00:36:de:85:73:
53:63:c6:98:1e:da:05:c6:3f:12:7e:c5:63:01:ca:
3d:a0:9e:82:c1:65:ab:c3:c4:b6:53:87:7c:84:64:
07:a7:19:3c:05:b7:80:1d:90:f8:c4:5d:4b:dc:f0:
10:bc:83:7d:8f:2e:a2:4e:8d:16:93:96:b3:5a:06:
00:80:07:a4:64:90:8a:6d:e8:7f:e0:9e:5e:9c:97:
ad:59:0e:6e:9e:84:9e:78:0c:49:50:ac:97:91:51:
f8:36:eb:b5:52:39:5c:2d:2e:53:18:62:bf:0e:05:
33:e7:7b:08:8e:32:63:ba:8e:69:12:38:2c:7c:82:
9a:31:a3:3f:9b:a5:8e:43:a9:56:48:08:6d:82:da:
8d:37:ed:d1:ba:3d:05:3f:0f:b6:9e:91:a9:8f:19:
7c:16:d7:33:c5:35:6a:f8:24:0e:25:d7:b7:75:7c:
fd:20:58:69:46:b2:2b:82:2b:25:6d:e9:8a:19:ec:
cb:45:9a:da:e2:79:28:7f:78:34:9c:50:28:cb:22:
6f:b5:e8:a8:ee:fa:87:0e:eb:6f:e3:c4:3a:33:d5:
90:84:95:77:63:1c:a1:65:2a:eb:2c:02:88:43:aa:
93:15:e9:7c:06:fd:5e:8c:34:fa:d4:07:24:f8:21:
5b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:23:E6:5A:D9:7C:18:83:C4:A5:4A:BA:31:B7:5B:31:4A:61:35:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc8b5e2d-b0f1-4159-899a-3f32cb08a825.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
ad:b3:5d:72:1c:fc:e3:1d:f9:34:ae:b7:1d:b6:bc:97:f4:0e:
de:41:1b:98:3d:13:c4:e7:a9:a7:f9:37:f8:a6:87:9b:3e:f9:
28:67:fd:38:f8:f9:c2:ae:70:5a:dc:f2:f4:59:15:2f:31:ec:
61:36:c4:e4:6c:f9:fc:2d:81:c4:02:8e:3a:dc:cf:d9:f1:db:
42:e6:e7:6b:2c:39:93:bb:52:04:5c:07:cb:01:a7:19:0f:e4:
0f:4d:51:63:d9:d4:c5:06:ed:31:07:17:de:d0:12:25:b2:b1:
bd:4b:05:44:bf:fb:f0:92:68:64:94:da:a2:52:e0:bb:5b:23:
25:df:9c:2a:fe:5c:d8:95:50:3c:a0:d7:64:58:9d:e5:75:d7:
c4:f0:7e:85:37:07:a0:85:e8:aa:86:d2:cf:d3:da:31:ef:e8:
a1:7d:4c:8a:d4:44:b8:c7:94:b6:7e:85:a6:e9:30:11:76:73:
90:a8:da:44:02:75:48:a5:74:d4:6a:22:98:93:15:83:2d:0e:
5d:25:1c:3d:fa:65:4d:b6:fa:f9:02:b1:41:f6:93:eb:a0:36:
48:ae:35:d7:97:b0:e8:fe:c5:59:03:8f:1f:28:ce:34:35:71:
6b:4a:83:38:47:e3:65:44:ae:b9:c1:f7:65:44:0b:d7:04:7b:
d3:8d:0a:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBrbAcAZLotwFTtDcfGre5gpdtpYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmOTg5MGI1MGFmNjBkYWU5ZmQwYThhNjQ1ODRhZTIxNjQxNmQzOTUyNTFh
YmRhMGVlMDk3MDZkNDI5MTViNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIifcad1xAgLvAA23oVzU2PGmB7aBcY/En7FYwHKPaCegsFlq8PEtlOHfIRk
B6cZPAW3gB2Q+MRdS9zwELyDfY8uok6NFpOWs1oGAIAHpGSQim3of+CeXpyXrVkO
bp6EnngMSVCsl5FR+DbrtVI5XC0uUxhivw4FM+d7CI4yY7qOaRI4LHyCmjGjP5ul
jkOpVkgIbYLajTft0bo9BT8Ptp6RqY8ZfBbXM8U1avgkDiXXt3V8/SBYaUayK4Ir
JW3pihnsy0Wa2uJ5KH94NJxQKMsib7XoqO76hw7rb+PEOjPVkISVd2McoWUq6ywC
iEOqkxXpfAb9Xow0+tQHJPghW9kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/I+Za
2XwYg8SlSroxt1sxSmE1+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2M4YjVlMmQtYjBmMS00MTU5LTg5OWEtM2YzMmNiMDhhODI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCts11yHPzjHfk0rrcdtryX9A7eQRuYPRPE56mn
+Tf4poebPvkoZ/04+PnCrnBa3PL0WRUvMexhNsTkbPn8LYHEAo463M/Z8dtC5udr
LDmTu1IEXAfLAacZD+QPTVFj2dTFBu0xBxfe0BIlsrG9SwVEv/vwkmhklNqiUuC7
WyMl35wq/lzYlVA8oNdkWJ3lddfE8H6FNwegheiqhtLP09ox7+ihfUyK1ES4x5S2
foWm6TARdnOQqNpEAnVIpXTUaiKYkxWDLQ5dJRw9+mVNtvr5ArFB9pProDZIrjXX
l7Do/sVZA48fKM40NXFrSoM4R+NlRK65wfdlRAvXBHvTjQpx
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org