Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
File: d735e06b-da70-43f9-a07c-a9978bc62606.roa (raw, json)
Hash identifier: ShjLANp4nQiZOstqGXubLFnYJ9spsD8jMHTir6db4lA=
Subject key identifier: A2:C9:C7:CB:4A:EA:F2:7C:39:ED:EB:B3:AB:8A:90:4C:E6:9C:30:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47E3C5962671C2B7CFDEB57C0D934E0DE509C9DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:e3:c5:96:26:71:c2:b7:cf:de:b5:7c:0d:93:4e:0d:e5:09:c9:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=0c56fd824fc362f7ba3da359640391344cd098ff01d87f14bae77f3175e8c155, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3f:fa:2d:ef:e8:a5:cb:0b:55:90:8f:26:4f:
db:af:9e:b5:c9:b3:c1:4d:ff:b2:0e:30:8f:01:f7:
39:f8:ac:9f:13:51:00:76:b8:37:ec:61:1e:7e:44:
b4:aa:7e:24:e0:e5:0b:dc:d2:eb:bc:04:06:38:6a:
f6:fd:fc:ab:ba:2d:7b:90:33:72:fe:6b:94:f4:72:
1d:9d:4f:c0:29:a2:1b:03:27:6c:f3:2a:fa:4c:05:
92:d4:c0:4f:d6:9d:87:0b:a5:ea:63:18:3a:e8:8e:
2d:89:26:3c:35:b1:4a:71:a4:bc:0a:6e:1a:4f:81:
34:14:f5:6e:a5:ed:b4:50:4f:93:b3:14:5c:c0:56:
2d:b9:d2:6b:68:da:83:ea:1c:9e:84:ac:e8:90:cf:
63:27:fe:10:dc:14:e3:ba:42:d1:fb:af:bf:fb:ee:
8d:eb:1b:c4:d2:04:c0:3d:40:9e:25:ad:00:7f:4a:
b5:52:e7:a8:2b:8d:43:95:96:68:a6:e2:cf:54:7b:
ef:89:99:33:ae:43:db:57:88:cb:93:8a:d8:87:97:
64:c0:e7:e5:f1:73:f5:52:15:c2:a8:0c:3c:fa:90:
a5:ea:15:c5:50:6d:c5:12:f4:2b:4a:8d:5f:a1:40:
8e:09:ea:77:5c:49:03:90:63:20:cd:03:b6:76:da:
45:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C9:C7:CB:4A:EA:F2:7C:39:ED:EB:B3:AB:8A:90:4C:E6:9C:30:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d735e06b-da70-43f9-a07c-a9978bc62606.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:46:bc:c1:74:4a:ff:a7:bd:fe:38:5f:1f:a1:c8:a8:4e:a3:
a1:be:de:f0:35:10:ae:87:5c:77:4a:cb:fc:d7:42:64:92:ae:
ed:5d:04:11:f7:4a:05:da:46:f2:d5:3f:2c:c1:62:02:66:12:
39:a8:c0:4d:6a:4b:60:88:9d:89:8d:b9:ae:3d:72:51:40:06:
dc:13:41:93:d2:25:f1:4e:3d:07:e3:ef:95:30:55:79:55:c8:
8f:03:71:c7:0d:64:67:5c:50:a6:af:11:25:cd:dc:94:3f:71:
b0:ee:8f:74:fd:9b:af:03:2f:6c:f3:85:3d:55:a0:bc:9f:59:
d1:08:e0:7f:73:55:92:b0:de:13:93:90:76:76:60:37:b2:59:
12:7e:78:4c:5a:b6:b3:ee:bb:78:86:53:cc:01:5b:11:cf:cf:
e1:7a:01:44:6b:ec:98:0c:02:e0:92:f7:b4:10:da:4f:2d:a6:
c2:eb:ff:84:9a:0e:b9:10:ee:3c:f4:ed:e5:23:09:d5:34:b6:
82:2e:9a:ac:80:df:f2:29:a0:12:63:11:6c:bc:96:dd:63:63:
0d:a5:04:5e:8e:29:99:06:35:a3:7e:46:ce:e3:27:eb:53:29:
bd:39:b8:ab:79:e3:95:73:bd:da:5d:0f:cb:fc:76:0a:91:d4:
12:45:96:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR+PFliZxwrfP3rV8DZNODeUJyd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjNTZmZDgyNGZjMzYyZjdiYTNkYTM1OTY0MDM5MTM0NGNkMDk4ZmYwMWQ4
N2YxNGJhZTc3ZjMxNzVlOGMxNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKg/+i3v6KXLC1WQjyZP26+etcmzwU3/sg4wjwH3OfisnxNRAHa4N+xhHn5E
tKp+JODlC9zS67wEBjhq9v38q7ote5Azcv5rlPRyHZ1PwCmiGwMnbPMq+kwFktTA
T9adhwul6mMYOuiOLYkmPDWxSnGkvApuGk+BNBT1bqXttFBPk7MUXMBWLbnSa2ja
g+ocnoSs6JDPYyf+ENwU47pC0fuvv/vujesbxNIEwD1AniWtAH9KtVLnqCuNQ5WW
aKbiz1R774mZM65D21eIy5OK2IeXZMDn5fFz9VIVwqgMPPqQpeoVxVBtxRL0K0qN
X6FAjgnqd1xJA5BjIM0DtnbaRV0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiycfL
SuryfDnt67OripBM5pwwtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDczNWUwNmItZGE3MC00M2Y5LWEwN2MtYTk5NzhiYzYyNjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCgRrzBdEr/p73+OF8focioTqOhvt7wNRCuh1x3
Ssv810Jkkq7tXQQR90oF2kby1T8swWICZhI5qMBNaktgiJ2JjbmuPXJRQAbcE0GT
0iXxTj0H4++VMFV5VciPA3HHDWRnXFCmrxElzdyUP3Gw7o90/ZuvAy9s84U9VaC8
n1nRCOB/c1WSsN4Tk5B2dmA3slkSfnhMWraz7rt4hlPMAVsRz8/hegFEa+yYDALg
kve0ENpPLabC6/+Emg65EO489O3lIwnVNLaCLpqsgN/yKaASYxFsvJbdY2MNpQRe
jimZBjWjfkbO4yfrUym9ObireeOVc73aXQ/L/HYKkdQSRZaX
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org