Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e430b563-cec7-4a92-9415-c4dc64252edc.roa
File: e430b563-cec7-4a92-9415-c4dc64252edc.roa (raw, json)
Hash identifier: ZW0ynRumrXUZecN+Y7LrbhSfbBmFK1vMH2Gw74DAZ/w=
Subject key identifier: 1F:38:6D:62:C8:F9:EC:A4:06:75:3E:D6:53:4C:56:21:D3:9F:EB:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 746F39DCF52BFF841DF71CB3EA47CEF1FDA00DD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e430b563-cec7-4a92-9415-c4dc64252edc.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:6f:39:dc:f5:2b:ff:84:1d:f7:1c:b3:ea:47:ce:f1:fd:a0:0d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=6b51d535672a9d7bf33c4e80bf182226b27ef9ca953fc6b6c51849f7204bd37c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:61:e7:a9:1e:d9:d5:69:77:1c:dd:f0:80:20:
7a:a6:94:fb:06:f2:fb:4c:2a:94:78:c3:89:e8:c3:
31:1b:7d:d3:dd:28:20:a5:ee:33:13:dc:d9:c8:9b:
8d:dc:23:3f:55:82:32:30:4f:f0:80:1b:05:e4:d4:
c2:89:22:21:7a:3a:96:91:4e:a5:0e:2c:71:15:f2:
cf:4c:d8:d9:cb:31:f6:27:e6:29:33:90:2f:9c:a1:
23:ba:33:e2:b2:2a:57:9e:6a:d3:dc:74:6c:b5:59:
dd:1f:7e:44:7c:3f:3f:4c:54:79:c7:68:cf:5f:97:
61:ae:d1:a0:37:af:54:fc:9d:ba:ed:a0:81:cf:72:
8c:40:74:f1:7e:d9:a0:62:7d:88:06:20:2b:36:f6:
40:3b:68:47:3f:5a:f2:33:2a:02:6c:71:e2:c3:cf:
ee:64:a9:cc:30:42:65:50:98:56:64:82:7f:a3:1c:
e1:d3:a3:0f:94:6c:aa:ce:ad:17:4c:1f:09:fc:6b:
d9:d9:ad:30:32:0c:b5:5b:0d:24:5b:13:16:91:be:
0c:0b:6a:15:55:fb:57:58:34:f1:95:ce:ba:a5:f5:
74:8a:41:ce:7f:2b:17:48:16:1d:a5:fd:6f:67:ff:
bd:96:1c:81:bf:a0:0c:63:70:ea:6d:97:ac:de:d8:
78:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:38:6D:62:C8:F9:EC:A4:06:75:3E:D6:53:4C:56:21:D3:9F:EB:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e430b563-cec7-4a92-9415-c4dc64252edc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
62:e1:43:b3:49:f3:5a:69:c5:05:aa:b8:cc:64:cc:06:66:5a:
44:b6:f1:a1:49:05:c5:8e:10:06:b4:d0:5e:18:ff:01:2a:ec:
93:bb:4e:19:bd:f3:66:b5:a7:14:d6:24:28:8c:c3:f5:a6:ed:
e0:17:e4:81:98:c9:6c:a1:68:64:7e:8e:b7:da:ba:43:a7:b9:
58:a0:39:6e:ca:37:9d:9b:73:23:b0:e8:c2:0c:ac:3c:3f:c9:
b0:a4:d0:04:af:be:42:32:a1:a6:30:5c:20:98:6b:e0:21:95:
75:c3:59:c0:e7:28:23:7b:8c:56:ac:27:a4:43:e1:9c:cc:33:
73:36:c9:51:09:9c:04:54:67:29:ba:52:ef:19:65:3f:f4:fe:
fa:4d:29:df:4e:68:2b:81:da:fb:3d:16:66:3a:73:97:3f:45:
35:75:22:2d:97:76:e6:35:ea:1e:ae:13:d3:34:7a:7e:2d:a0:
31:f8:bc:f0:28:ca:66:ff:4b:70:7c:3c:2d:bd:b8:63:03:8c:
76:d2:86:4a:10:ff:0a:94:68:92:ce:74:a6:6f:b0:b9:c3:98:
70:e5:db:ec:88:89:52:6a:c6:bf:57:db:1d:f9:46:a0:8a:65:
a9:38:8d:ab:b1:e4:ae:d1:b8:aa:7c:9b:3e:fc:92:ad:0a:1d:
85:b5:c7:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdG853PUr/4Qd9xyz6kfO8f2gDdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNTFkNTM1NjcyYTlkN2JmMzNjNGU4MGJmMTgyMjI2YjI3ZWY5Y2E5NTNm
YzZiNmM1MTg0OWY3MjA0YmQzN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1h56ke2dVpdxzd8IAgeqaU+wby+0wqlHjDiejDMRt9090oIKXuMxPc2cib
jdwjP1WCMjBP8IAbBeTUwokiIXo6lpFOpQ4scRXyz0zY2csx9ifmKTOQL5yhI7oz
4rIqV55q09x0bLVZ3R9+RHw/P0xUecdoz1+XYa7RoDevVPyduu2ggc9yjEB08X7Z
oGJ9iAYgKzb2QDtoRz9a8jMqAmxx4sPP7mSpzDBCZVCYVmSCf6Mc4dOjD5Rsqs6t
F0wfCfxr2dmtMDIMtVsNJFsTFpG+DAtqFVX7V1g08ZXOuqX1dIpBzn8rF0gWHaX9
b2f/vZYcgb+gDGNw6m2XrN7YeEECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfOG1i
yPnspAZ1PtZTTFYh05/rsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTQzMGI1NjMtY2VjNy00YTkyLTk0MTUtYzRkYzY0MjUyZWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hug
MA0GCSqGSIb3DQEBCwUAA4IBAQBi4UOzSfNaacUFqrjMZMwGZlpEtvGhSQXFjhAG
tNBeGP8BKuyTu04ZvfNmtacU1iQojMP1pu3gF+SBmMlsoWhkfo632rpDp7lYoDlu
yjedm3MjsOjCDKw8P8mwpNAEr75CMqGmMFwgmGvgIZV1w1nA5ygje4xWrCekQ+Gc
zDNzNslRCZwEVGcpulLvGWU/9P76TSnfTmgrgdr7PRZmOnOXP0U1dSItl3bmNeoe
rhPTNHp+LaAx+LzwKMpm/0twfDwtvbhjA4x20oZKEP8KlGiSznSmb7C5w5hw5dvs
iIlSasa/V9sd+UagimWpOI2rseSu0biqfJs+/JKtCh2FtceY
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org