Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
File: d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa (raw, json)
Hash identifier: 7aQWqeLZgjUU1uSK6fop9nwdANafqEtbUL5dcInMXjI=
Subject key identifier: C3:F1:F2:04:0F:41:87:29:30:FE:C8:C8:47:A6:9C:A2:DB:C1:AB:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EC14AEBF52D2FBAFFFD9CA78D74C1B5811E47A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d024::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:c1:4a:eb:f5:2d:2f:ba:ff:fd:9c:a7:8d:74:c1:b5:81:1e:47:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=3045a533824d95b2cfe5606094d9bd7aedd5422c1b95253c0ebdbd658f408585, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:09:4d:b5:ee:e9:6a:84:47:1f:7a:17:51:
68:87:fa:08:0d:63:e1:cc:1c:35:fe:98:0f:f2:fc:
40:54:a7:1c:ec:92:78:80:28:b2:99:ec:60:d6:6b:
67:16:0b:c3:d4:36:8e:13:7e:4b:47:ce:fa:28:c4:
07:7a:70:cc:46:0f:f5:34:87:d4:9f:70:67:8e:5f:
9a:46:b4:c6:38:96:22:51:ea:03:51:02:64:2a:a6:
f5:68:bd:19:63:92:1f:dc:17:78:0e:0d:93:b9:15:
df:8e:cb:65:3a:d3:65:ca:18:f4:15:67:e8:03:e2:
52:8f:0f:67:28:94:45:49:8d:71:02:9f:dd:e9:c0:
76:b3:35:fc:1b:4c:c1:d9:0d:9f:1b:07:8e:63:19:
41:08:4a:7c:17:e9:37:d0:20:cb:31:9e:c6:07:e1:
c0:d4:10:21:eb:60:0c:a4:de:36:10:34:b7:4e:d7:
b1:bb:9d:41:d5:4d:db:76:08:8c:ac:6b:02:12:3d:
81:52:7a:60:e8:ec:0a:7c:9f:ab:a3:59:10:3f:61:
21:d7:e3:48:bf:d3:5f:1f:40:78:50:fb:b4:3c:0e:
50:3d:4b:3c:0d:94:95:48:82:e8:93:e3:f9:c4:d4:
a5:7c:c0:54:ef:98:56:21:fa:4a:66:1b:fd:c0:5a:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F1:F2:04:0F:41:87:29:30:FE:C8:C8:47:A6:9C:A2:DB:C1:AB:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d024::/36
Signature Algorithm: sha256WithRSAEncryption
04:2b:d8:a7:c5:b7:41:bc:6d:83:87:a6:2b:16:df:3c:ac:12:
70:dc:4f:2a:4e:36:ba:03:df:7b:af:03:59:87:a6:0a:8c:18:
d9:98:29:5a:1f:f0:8c:2e:45:fe:0b:1c:24:58:71:b3:89:db:
ac:52:4b:75:50:3f:6b:84:95:43:fe:06:d5:42:d1:63:b8:53:
10:4f:db:3b:1a:79:e2:15:df:01:ec:ef:63:7f:31:3e:14:84:
7b:d6:4e:f9:1f:90:2c:ec:9c:4a:74:67:d1:df:66:01:23:81:
d5:67:70:5b:54:23:62:e2:75:f1:46:e2:15:1d:c3:83:b4:7c:
11:e9:70:4c:f6:f6:f9:02:38:ff:00:ae:65:46:dd:7f:0a:62:
a0:60:ec:d0:6d:40:44:c9:14:89:cf:4e:cc:a3:de:e4:ae:3b:
50:2d:a4:ad:75:3a:57:0a:33:a0:6c:11:91:7a:b2:b8:aa:34:
75:a5:bb:b1:a0:b8:da:ff:77:11:38:93:d5:6d:de:b0:a9:1b:
96:eb:90:61:af:29:eb:e2:eb:bb:28:28:72:a6:5f:b2:e7:f4:
8c:45:b7:fe:c1:8f:6b:37:c0:e2:66:d0:d1:55:40:dc:e4:21:
b0:86:20:42:35:0e:07:ca:46:8c:22:76:e3:ec:a2:de:63:bf:
69:fc:67:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPsFK6/UtL7r//ZynjXTBtYEeR6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwNDVhNTMzODI0ZDk1YjJjZmU1NjA2MDk0ZDliZDdhZWRkNTQyMmMxYjk1
MjUzYzBlYmRiZDY1OGY0MDg1ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxYCU217ulqhEcfehdRaIf6CA1j4cwcNf6YD/L8QFSnHOySeIAospnsYNZr
ZxYLw9Q2jhN+S0fO+ijEB3pwzEYP9TSH1J9wZ45fmka0xjiWIlHqA1ECZCqm9Wi9
GWOSH9wXeA4Nk7kV347LZTrTZcoY9BVn6APiUo8PZyiURUmNcQKf3enAdrM1/BtM
wdkNnxsHjmMZQQhKfBfpN9AgyzGexgfhwNQQIetgDKTeNhA0t07XsbudQdVN23YI
jKxrAhI9gVJ6YOjsCnyfq6NZED9hIdfjSL/TXx9AeFD7tDwOUD1LPA2UlUiC6JPj
+cTUpXzAVO+YViH6SmYb/cBawxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTD8fIE
D0GHKTD+yMhHppyi28Gr7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhmZjcwMTMtMDhiNi00ZTM2LWFiODgtYzRmOGJkM2U3YTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CQA
MA0GCSqGSIb3DQEBCwUAA4IBAQAEK9inxbdBvG2Dh6YrFt88rBJw3E8qTja6A997
rwNZh6YKjBjZmClaH/CMLkX+CxwkWHGzidusUkt1UD9rhJVD/gbVQtFjuFMQT9s7
GnniFd8B7O9jfzE+FIR71k75H5As7JxKdGfR32YBI4HVZ3BbVCNi4nXxRuIVHcOD
tHwR6XBM9vb5Ajj/AK5lRt1/CmKgYOzQbUBEyRSJz07Mo97krjtQLaStdTpXCjOg
bBGRerK4qjR1pbuxoLja/3cROJPVbd6wqRuW65Bhrynr4uu7KChypl+y5/SMRbf+
wY9rN8DiZtDRVUDc5CGwhiBCNQ4HykaMInbj7KLeY79p/Ge5
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org