Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
File: dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa (raw, json)
Hash identifier: 0l+kD/pXIBgc9pA/G8OqKqu9ZuDe7ZajwK58TMJXx8k=
Subject key identifier: 2F:E6:AB:42:31:17:B9:37:9F:FD:5B:07:BE:FE:0E:79:61:62:B6:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4716B5B32658655CF9BCB266B8CD5CFA3B578207
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:16:b5:b3:26:58:65:5c:f9:bc:b2:66:b8:cd:5c:fa:3b:57:82:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=58472744bf84cdac835d24d6b1542bb716f6cae1bf374c69aa13ad176c583aa6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ca:08:68:61:24:3f:b3:33:76:79:0e:63:f5:
30:c9:e5:c6:52:a5:e5:11:29:f9:1f:5d:1f:fa:ff:
94:0b:42:65:8d:97:0c:d5:2a:ef:ce:80:ec:7e:ef:
83:d2:12:c0:38:e5:ea:59:64:e8:45:b9:54:f9:c4:
29:7a:d5:5d:39:d2:b8:4b:11:1c:a7:52:68:3a:67:
4e:f8:26:66:c9:a9:de:7f:c4:d2:ab:3f:03:92:e5:
fd:08:35:da:a8:07:39:34:71:8d:bb:ca:b1:43:80:
45:4c:42:81:84:38:11:3d:a1:17:66:d8:79:2d:a2:
48:d0:43:45:5d:5a:d4:9a:c8:64:a3:3e:1f:82:5e:
5a:74:2f:6f:d7:d3:a6:94:83:ed:d1:f4:04:37:57:
13:31:75:54:62:76:9f:51:d8:d6:ba:65:a6:2c:1a:
62:03:29:10:0c:ea:3f:54:6f:50:87:05:0a:96:ab:
6a:95:85:69:3d:0b:0d:8f:3c:6a:19:ee:14:0c:43:
81:c8:46:5d:7f:9a:07:8b:b1:1c:92:59:10:7c:2e:
95:4a:3e:6b:bb:a2:37:a4:41:16:f4:78:90:71:00:
a0:0b:b7:26:c2:97:2a:df:10:d7:52:4c:24:d7:fd:
2b:8b:27:44:0e:f5:21:c8:89:d2:07:3b:98:e8:6b:
c6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E6:AB:42:31:17:B9:37:9F:FD:5B:07:BE:FE:0E:79:61:62:B6:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbf8995d-72bc-4ff4-9613-29616c6d58dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:a000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:6e:cb:3b:5b:6c:64:57:f0:4a:eb:b7:84:bb:78:fe:24:fc:
79:6d:c9:38:87:a1:7f:c9:68:8f:da:b6:19:39:dc:66:fa:8c:
71:8b:25:ce:71:87:a7:4d:92:84:24:7b:1a:6d:5c:e7:9f:49:
bf:f3:16:f7:a0:50:7b:9c:a0:8a:b6:e9:18:0b:30:5e:b8:d8:
bd:30:c6:f6:ea:53:79:e7:94:7d:85:c6:ab:c1:86:f0:6d:e8:
41:d2:2e:e4:2b:df:e0:3b:3f:ec:49:a2:9e:12:cc:2f:12:06:
3b:25:63:bd:de:cc:76:b7:f2:ae:85:5b:77:9c:43:9d:09:3e:
81:91:9f:00:52:60:ee:dc:41:2d:da:b1:b2:98:dc:50:c3:71:
e9:22:9d:ce:57:e5:80:66:3e:1b:8c:31:a8:ff:a8:4a:93:8a:
90:86:23:d8:8d:87:dc:e6:a6:df:3b:15:87:9b:34:98:6b:92:
9d:d5:9d:f1:9e:fc:b5:6c:51:79:19:08:e7:d1:59:a2:51:25:
b5:6c:f4:46:2e:c4:d6:b1:d4:d8:c3:61:3c:34:77:6f:78:85:
2a:d4:66:97:76:f2:50:58:13:48:82:92:f1:3a:ed:ba:69:59:
f7:2b:89:20:59:b7:6e:a8:50:1c:db:13:52:6b:10:ac:aa:54:
66:8f:a2:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURxa1syZYZVz5vLJmuM1c+jtXggcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4NDcyNzQ0YmY4NGNkYWM4MzVkMjRkNmIxNTQyYmI3MTZmNmNhZTFiZjM3
NGM2OWFhMTNhZDE3NmM1ODNhYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnKCGhhJD+zM3Z5DmP1MMnlxlKl5REp+R9dH/r/lAtCZY2XDNUq786A7H7v
g9ISwDjl6llk6EW5VPnEKXrVXTnSuEsRHKdSaDpnTvgmZsmp3n/E0qs/A5Ll/Qg1
2qgHOTRxjbvKsUOARUxCgYQ4ET2hF2bYeS2iSNBDRV1a1JrIZKM+H4JeWnQvb9fT
ppSD7dH0BDdXEzF1VGJ2n1HY1rplpiwaYgMpEAzqP1RvUIcFCparapWFaT0LDY88
ahnuFAxDgchGXX+aB4uxHJJZEHwulUo+a7uiN6RBFvR4kHEAoAu3JsKXKt8Q11JM
JNf9K4snRA71IciJ0gc7mOhrxlECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQv5qtC
MRe5N5/9Wwe+/g55YWK2rDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJmODk5NWQtNzJiYy00ZmY0LTk2MTMtMjk2MTZjNmQ1OGRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hyg
MA0GCSqGSIb3DQEBCwUAA4IBAQB6bss7W2xkV/BK67eEu3j+JPx5bck4h6F/yWiP
2rYZOdxm+oxxiyXOcYenTZKEJHsabVznn0m/8xb3oFB7nKCKtukYCzBeuNi9MMb2
6lN555R9hcarwYbwbehB0i7kK9/gOz/sSaKeEswvEgY7JWO93sx2t/KuhVt3nEOd
CT6BkZ8AUmDu3EEt2rGymNxQw3HpIp3OV+WAZj4bjDGo/6hKk4qQhiPYjYfc5qbf
OxWHmzSYa5Kd1Z3xnvy1bFF5GQjn0VmiUSW1bPRGLsTWsdTYw2E8NHdveIUq1GaX
dvJQWBNIgpLxOu26aVn3K4kgWbduqFAc2xNSaxCsqlRmj6Iq
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org