Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json)
Hash identifier: 53EfCUMNJ/Z4PZB/9/mmGaTQosd+HZSDKbIrOPavbUs=
Subject key identifier: 98:36:42:D3:74:06:2D:00:1C:85:DD:AD:C5:D7:0A:52:D5:94:4F:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E6CAE05F863C3908B73256E57B7AD4228DFB436
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:6c:ae:05:f8:63:c3:90:8b:73:25:6e:57:b7:ad:42:28:df:b4:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=e73cd6aa64e90f5e7e4160b53a5f0c414b09345a2ea770a4c6272d451768320e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cc:b0:6b:aa:81:24:b2:41:9a:f3:3f:cc:ce:
b9:44:4d:9e:5b:98:32:75:91:99:82:4f:51:58:cd:
12:ef:64:e1:70:f1:85:c2:ea:50:ad:0c:ad:a4:b8:
15:88:4c:ec:02:db:5c:c6:4a:95:17:bf:f8:93:31:
8b:be:ea:7a:8d:05:0c:c8:11:b3:ae:bc:d6:f9:41:
f9:66:55:c8:78:6a:39:6f:d5:ce:67:a0:53:45:c0:
85:a8:ff:2a:1f:7d:62:b6:57:a1:6e:fa:7d:fd:e9:
fa:1a:38:b3:29:ce:ca:f9:5d:24:14:db:d4:c8:41:
4e:38:5f:80:ef:d3:be:8f:aa:a4:df:57:83:ad:d7:
46:54:36:db:c5:3a:cf:24:b5:05:8d:f5:e0:ef:4b:
24:6b:4d:cb:1f:e5:74:43:2f:ca:ad:21:b5:1a:e4:
bb:0f:77:53:a0:a5:64:9f:76:10:3c:df:be:bf:f0:
50:9b:d4:6c:67:7e:b0:19:e6:0a:55:47:0e:be:bf:
69:85:a9:01:e5:38:c6:da:2e:5d:fb:74:d0:40:75:
99:4f:8f:42:2c:ec:76:d1:45:28:3d:d7:d3:14:bf:
ea:96:3c:a8:76:10:42:8a:6f:f5:1f:52:b4:2d:60:
65:95:ff:17:15:88:a3:83:a1:c5:e2:3f:e3:19:52:
4d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:36:42:D3:74:06:2D:00:1C:85:DD:AD:C5:D7:0A:52:D5:94:4F:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
45:e2:54:e6:20:78:13:36:fd:3f:2c:b3:04:58:c3:d8:b3:7f:
68:0e:c2:69:3b:50:ae:e8:2e:54:7d:64:99:bb:26:a5:00:a1:
47:45:39:71:d1:26:27:14:bb:80:67:cc:a6:07:9f:20:10:14:
44:2f:fe:27:40:54:a4:a1:e3:80:dd:df:47:df:43:97:95:93:
4e:24:5c:0c:68:a5:d1:d5:4e:15:cc:33:96:5d:54:74:19:96:
22:0a:c8:22:73:a2:3e:02:c0:e3:c0:23:d4:92:9c:83:de:f8:
89:34:7b:a4:19:14:b0:ba:43:38:59:b5:af:ca:b9:5a:19:62:
60:21:ac:79:a5:c7:ee:48:61:df:2b:90:3a:ae:a6:39:7c:87:
0b:59:6a:08:a6:40:b8:70:3a:95:df:8e:cc:39:0c:de:61:9c:
43:86:31:8c:07:84:33:08:c1:c9:00:32:d9:b1:55:78:8a:77:
ec:20:14:d1:1b:eb:e3:fb:5a:d9:b2:ba:e7:f8:bf:c3:fe:12:
84:d4:0b:1e:6b:ad:01:94:91:47:45:78:d8:25:14:25:33:50:
e7:2e:c7:ea:77:a1:4a:65:37:e9:9e:ee:8a:f2:be:32:b2:b7:
59:1a:89:2a:43:a0:05:3e:32:13:b0:51:8c:a8:24:1b:b2:c8:
33:9b:89:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHmyuBfhjw5CLcyVuV7etQijftDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3M2NkNmFhNjRlOTBmNWU3ZTQxNjBiNTNhNWYwYzQxNGIwOTM0NWEyZWE3
NzBhNGM2MjcyZDQ1MTc2ODMyMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3MsGuqgSSyQZrzP8zOuURNnluYMnWRmYJPUVjNEu9k4XDxhcLqUK0MraS4
FYhM7ALbXMZKlRe/+JMxi77qeo0FDMgRs6681vlB+WZVyHhqOW/VzmegU0XAhaj/
Kh99YrZXoW76ff3p+ho4synOyvldJBTb1MhBTjhfgO/Tvo+qpN9Xg63XRlQ228U6
zyS1BY314O9LJGtNyx/ldEMvyq0htRrkuw93U6ClZJ92EDzfvr/wUJvUbGd+sBnm
ClVHDr6/aYWpAeU4xtouXft00EB1mU+PQizsdtFFKD3X0xS/6pY8qHYQQopv9R9S
tC1gZZX/FxWIo4OhxeI/4xlSTRkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSYNkLT
dAYtAByF3a3F1wpS1ZRPwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g
MA0GCSqGSIb3DQEBCwUAA4IBAQBF4lTmIHgTNv0/LLMEWMPYs39oDsJpO1Cu6C5U
fWSZuyalAKFHRTlx0SYnFLuAZ8ymB58gEBREL/4nQFSkoeOA3d9H30OXlZNOJFwM
aKXR1U4VzDOWXVR0GZYiCsgic6I+AsDjwCPUkpyD3viJNHukGRSwukM4WbWvyrla
GWJgIax5pcfuSGHfK5A6rqY5fIcLWWoIpkC4cDqV347MOQzeYZxDhjGMB4QzCMHJ
ADLZsVV4infsIBTRG+vj+1rZsrrn+L/D/hKE1Asea60BlJFHRXjYJRQlM1DnLsfq
d6FKZTfpnu6K8r4ysrdZGokqQ6AFPjITsFGMqCQbssgzm4nh
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org