Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0dbf3e3-27cf-4059-abd9-b44b66e2bf22.roa
File: e0dbf3e3-27cf-4059-abd9-b44b66e2bf22.roa (raw, json)
Hash identifier: /WXW228Aj+9jlupC2MfAwKHC2/xLvabnhUj/Eufyhws=
Subject key identifier: 6F:E6:2E:7F:69:CD:20:9C:9F:AE:5B:4C:49:F4:75:A2:5B:F5:BB:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 455A7229F7A5D0FC458914EE5449345F1F43C8FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0dbf3e3-27cf-4059-abd9-b44b66e2bf22.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:5a:72:29:f7:a5:d0:fc:45:89:14:ee:54:49:34:5f:1f:43:c8:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=1851732d696d9693009440f60c67aa826c41c0e2d23c4d6074114d690c996a08, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2b:bc:f7:e0:14:d1:70:54:42:dd:fd:1b:e0:
04:be:b0:83:b8:b6:c7:05:ff:84:e5:b3:27:64:3a:
f5:44:1e:f0:83:63:7e:ba:c5:5c:42:24:aa:48:4d:
73:64:8a:df:d1:16:93:c1:10:6b:dd:08:8e:03:cc:
ad:cd:81:ec:fe:fe:55:3e:46:05:d6:39:9a:8a:46:
de:6d:ce:b2:c3:fd:ae:3c:c5:ae:b3:03:4b:88:ca:
49:67:82:d3:05:c0:bd:f6:3c:5a:3f:24:ee:3b:dc:
f6:3d:1c:18:0b:02:74:9e:f9:66:00:de:ac:3c:63:
e2:49:59:39:c9:54:11:b3:e8:9d:d0:b2:77:89:f3:
b4:47:1f:e7:6c:a4:02:a7:41:79:21:94:6d:e2:68:
98:a6:44:d2:21:5d:43:93:cd:97:b4:38:65:80:e4:
23:dc:25:b8:b8:7e:7f:bd:43:f3:19:8f:52:a8:02:
8c:ff:fd:40:f5:21:99:62:b8:d7:35:dd:21:90:21:
e9:e4:87:60:a3:62:db:fd:4f:5c:26:a5:97:e2:96:
21:87:ae:c0:9b:3d:0e:61:02:e7:10:b5:ad:61:37:
16:34:86:e0:28:b1:bb:4b:98:d9:f8:3a:fd:7e:f0:
e4:46:0e:4d:3d:3f:23:53:9c:a0:fe:bc:fd:42:82:
1e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E6:2E:7F:69:CD:20:9C:9F:AE:5B:4C:49:F4:75:A2:5B:F5:BB:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0dbf3e3-27cf-4059-abd9-b44b66e2bf22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a000::/40
Signature Algorithm: sha256WithRSAEncryption
67:4e:59:02:37:a2:71:d7:04:4d:23:ab:9e:9b:12:62:01:97:
4b:79:86:1a:bc:95:f1:ff:6f:1a:0a:40:cb:9d:a6:79:fb:25:
2d:2b:5f:d5:14:75:64:63:cc:13:3a:48:b5:54:bd:63:ba:17:
ac:35:85:da:db:f6:a8:31:1c:e1:7b:e8:69:97:19:6c:75:9f:
16:ff:90:ec:6f:6e:c3:df:77:ee:64:b8:0b:c7:7c:1e:35:fd:
66:08:cc:f3:0f:c4:e9:2b:e1:62:f5:fd:bb:08:4e:76:9f:52:
56:42:32:a4:79:b9:61:42:77:ff:a3:7a:ef:3b:bb:a9:61:6e:
09:e4:29:14:7c:07:15:28:d2:8c:f1:77:9e:7b:54:25:d9:ee:
56:a2:d6:50:ba:44:bc:00:ea:f2:24:c9:e5:e9:1c:d5:9d:b4:
cd:cc:a3:1a:56:c8:cb:e2:0f:a2:5a:fc:c5:d4:14:0b:c1:1a:
ec:f4:92:15:31:cf:68:7e:94:81:94:81:7c:9f:d3:b3:b0:f5:
b6:50:51:5e:f5:8c:59:d3:b1:e6:c8:ea:d8:55:01:87:ba:3f:
18:9b:d5:25:66:17:8f:08:bc:ca:15:8e:5a:61:35:35:a0:b4:
f2:a0:6f:12:4b:3f:30:fa:55:54:19:53:61:43:25:1b:7c:e5:
ca:9e:5b:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURVpyKfel0PxFiRTuVEk0Xx9DyP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NTE3MzJkNjk2ZDk2OTMwMDk0NDBmNjBjNjdhYTgyNmM0MWMwZTJkMjNj
NGQ2MDc0MTE0ZDY5MGM5OTZhMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALArvPfgFNFwVELd/RvgBL6wg7i2xwX/hOWzJ2Q69UQe8INjfrrFXEIkqkhN
c2SK39EWk8EQa90IjgPMrc2B7P7+VT5GBdY5mopG3m3OssP9rjzFrrMDS4jKSWeC
0wXAvfY8Wj8k7jvc9j0cGAsCdJ75ZgDerDxj4klZOclUEbPondCyd4nztEcf52yk
AqdBeSGUbeJomKZE0iFdQ5PNl7Q4ZYDkI9wluLh+f71D8xmPUqgCjP/9QPUhmWK4
1zXdIZAh6eSHYKNi2/1PXCall+KWIYeuwJs9DmEC5xC1rWE3FjSG4Cixu0uY2fg6
/X7w5EYOTT0/I1OcoP68/UKCHgsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRv5i5/
ac0gnJ+uW0xJ9HWiW/W7VDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTBkYmYzZTMtMjdjZi00MDU5LWFiZDktYjQ0YjY2ZTJiZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGg
MA0GCSqGSIb3DQEBCwUAA4IBAQBnTlkCN6Jx1wRNI6uemxJiAZdLeYYavJXx/28a
CkDLnaZ5+yUtK1/VFHVkY8wTOki1VL1juhesNYXa2/aoMRzhe+hplxlsdZ8W/5Ds
b27D33fuZLgLx3weNf1mCMzzD8TpK+Fi9f27CE52n1JWQjKkeblhQnf/o3rvO7up
YW4J5CkUfAcVKNKM8Xeee1Ql2e5WotZQukS8AOryJMnl6RzVnbTNzKMaVsjL4g+i
WvzF1BQLwRrs9JIVMc9ofpSBlIF8n9OzsPW2UFFe9YxZ07HmyOrYVQGHuj8Ym9Ul
ZhePCLzKFY5aYTU1oLTyoG8SSz8w+lVUGVNhQyUbfOXKnlte
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org