Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
File: d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa (raw, json)
Hash identifier: WteLyuASqBiQTEVgYUGTMW21DbB5EGM5G8Ign9m5DmI=
Subject key identifier: BC:6D:BF:1D:F6:27:91:D4:35:D3:95:21:26:B7:F0:32:20:DA:A0:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E1DB3AC8AB8DFD05A77D01AB0B34DFCC4A78032
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:1d:b3:ac:8a:b8:df:d0:5a:77:d0:1a:b0:b3:4d:fc:c4:a7:80:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=65bfc8a5dfac925b4b6331d5f82136807bfa45971c6a379dbabf42c8408ca1b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:49:ca:37:b9:fd:48:41:cc:ad:4c:8e:26:b4:
90:99:8e:f2:a1:32:59:4d:0f:3e:e1:6a:12:7b:1b:
40:ef:a9:6d:51:81:53:9f:34:d2:70:29:8e:a9:c7:
8a:ab:c7:31:5e:22:3a:64:9f:aa:31:ef:39:7a:08:
b4:48:58:99:80:3d:d5:71:95:76:9a:85:92:d2:70:
09:0d:86:20:5a:d3:46:9f:57:3f:14:dd:39:ba:34:
32:0f:a4:e7:32:f8:1b:04:fd:85:e7:b4:9e:09:e8:
cf:4f:fc:26:1a:3f:1c:28:85:65:90:ec:21:20:d1:
cd:d3:c9:08:b7:1d:21:02:fe:4a:2e:e5:ed:4b:4d:
b1:ee:07:20:c2:fc:2d:9c:25:ec:d6:ff:26:83:0b:
c9:21:e2:8f:af:2f:f8:ab:7c:82:48:b4:e2:19:d6:
5e:70:cc:03:ed:de:20:fb:cf:8e:7c:52:8c:4b:07:
47:62:ea:32:b2:8f:51:c5:79:ba:54:18:8c:14:44:
d2:17:ba:5b:b7:a5:15:51:af:50:e9:26:5b:2f:d3:
61:3d:72:0f:b1:10:a6:25:a0:64:c7:b9:d2:44:36:
6f:58:8b:d4:66:9f:04:9e:ef:ab:12:9c:6b:d7:f3:
a3:ee:4c:3a:8b:4b:d3:dc:95:1a:9b:75:f6:63:eb:
00:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:6D:BF:1D:F6:27:91:D4:35:D3:95:21:26:B7:F0:32:20:DA:A0:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:fb:68:48:b6:1d:f3:7a:6c:a5:65:c0:e8:e9:4c:7b:27:a5:
ec:3c:2c:3b:47:10:db:96:74:c6:9a:43:00:af:04:91:04:6e:
62:13:d1:db:85:54:40:95:47:20:3b:9a:f4:73:d0:ab:3b:ff:
b8:13:1d:5a:1c:a3:f9:bd:1b:13:43:cf:9b:8e:bc:c7:99:6a:
4c:f1:e5:a3:40:d0:51:b1:f9:3a:95:07:c2:f5:15:da:71:a5:
10:1b:7c:02:03:db:76:f8:5c:62:04:2b:9b:a3:b7:22:fc:3b:
70:a1:68:35:97:48:04:f8:4d:ac:8b:dd:b8:7d:e5:c2:a4:db:
f1:75:65:4b:c6:c1:57:2f:72:d2:e3:08:bf:e9:8a:68:c1:52:
a7:1f:fd:fe:93:b7:e8:62:6d:7a:93:9c:21:17:32:d3:5f:ae:
81:0e:75:88:de:de:ed:56:c9:62:01:c6:5d:43:39:75:6e:a8:
5d:be:bf:42:fd:7f:dd:1a:cf:9a:93:e4:1a:fa:d7:13:50:10:
f1:97:fc:f4:b7:9d:b8:c7:fe:83:a7:f1:6b:c9:4f:72:f4:d4:
68:ea:33:56:23:06:33:a1:a1:51:1d:5c:09:4a:2b:0b:fe:aa:
32:d1:3c:2c:6e:07:76:cf:f6:a3:32:ea:05:eb:66:55:18:4e:
b6:a4:2f:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbh2zrIq439Bad9AasLNN/MSngDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YmZjOGE1ZGZhYzkyNWI0YjYzMzFkNWY4MjEzNjgwN2JmYTQ1OTcxYzZh
Mzc5ZGJhYmY0MmM4NDA4Y2ExYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9Jyje5/UhBzK1Mjia0kJmO8qEyWU0PPuFqEnsbQO+pbVGBU5800nApjqnH
iqvHMV4iOmSfqjHvOXoItEhYmYA91XGVdpqFktJwCQ2GIFrTRp9XPxTdObo0Mg+k
5zL4GwT9hee0ngnoz0/8Jho/HCiFZZDsISDRzdPJCLcdIQL+Si7l7UtNse4HIML8
LZwl7Nb/JoMLySHij68v+Kt8gki04hnWXnDMA+3eIPvPjnxSjEsHR2LqMrKPUcV5
ulQYjBRE0he6W7elFVGvUOkmWy/TYT1yD7EQpiWgZMe50kQ2b1iL1GafBJ7vqxKc
a9fzo+5MOotL09yVGpt19mPrAMUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8bb8d
9ieR1DXTlSEmt/AyINqgcDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY3NzUyZWYtNWJlNC00OWUxLWJmYjMtYjZhZDgwOTU4NmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDB+2hIth3zemylZcDo6Ux7J6XsPCw7RxDblnTG
mkMArwSRBG5iE9HbhVRAlUcgO5r0c9CrO/+4Ex1aHKP5vRsTQ8+bjrzHmWpM8eWj
QNBRsfk6lQfC9RXacaUQG3wCA9t2+FxiBCubo7ci/DtwoWg1l0gE+E2si924feXC
pNvxdWVLxsFXL3LS4wi/6YpowVKnH/3+k7foYm16k5whFzLTX66BDnWI3t7tVsli
AcZdQzl1bqhdvr9C/X/dGs+ak+Qa+tcTUBDxl/z0t524x/6Dp/FryU9y9NRo6jNW
IwYzoaFRHVwJSisL/qoy0Twsbgd2z/ajMuoF62ZVGE62pC9X
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org