Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
File: e69b1519-f345-43aa-8c6b-cd786ee13404.roa (raw, json)
Hash identifier: XfOTH7CUbnP56VYC/RpbM0TbKAqTA7QQljpcDNVV2L4=
Subject key identifier: 74:34:5C:C8:2C:68:F6:56:49:C3:98:F2:C2:5D:DC:CF:B4:FC:05:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 411DC98B6393F74DA8D9B2D76D487AD53F116958
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:1d:c9:8b:63:93:f7:4d:a8:d9:b2:d7:6d:48:7a:d5:3f:11:69:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=bd2f75e24ee9ab9319dbd7be63a18417fd30befb50b70b7a649c56acc59fd752, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:69:15:09:9e:c6:97:4c:0a:f5:23:0e:2c:d3:
5b:32:40:68:fa:0f:f2:4e:9e:58:57:ff:28:53:0d:
7a:d8:ab:1f:58:c1:38:23:c5:a8:80:c5:27:60:26:
5c:e5:0b:3f:33:f2:45:e1:1b:a5:33:24:ab:8f:96:
6c:3b:b5:c3:56:38:a4:fd:17:b3:85:53:0b:56:92:
34:64:39:bb:90:73:78:e1:20:57:35:bd:4c:bd:44:
3a:1f:bd:1b:b7:6a:a9:69:82:88:b8:72:64:0e:19:
d9:98:81:39:21:a4:2a:2f:fa:1b:88:f3:d0:4b:1c:
17:4c:da:8e:b0:da:71:37:cd:9d:09:cd:0d:80:3f:
9b:fa:97:24:ab:f6:01:ed:1c:6b:90:7e:9d:03:dc:
7c:e5:e4:a5:48:48:c0:42:cb:a3:be:bf:e9:4d:8c:
49:b3:8c:39:d0:18:59:53:5c:fa:d8:d6:0e:cc:c8:
07:ae:59:69:14:62:a2:ac:c8:d2:29:33:58:32:2e:
4c:bb:fe:ac:54:a0:07:36:a4:9d:63:cc:47:48:cd:
6f:a3:c8:a7:91:ca:b9:19:4f:36:b5:cb:17:3a:15:
5e:9a:f6:1b:fd:e1:75:55:87:8d:7e:02:45:36:14:
77:ec:6d:b6:14:e2:ec:c8:7f:65:26:04:5e:58:0a:
5a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:34:5C:C8:2C:68:F6:56:49:C3:98:F2:C2:5D:DC:CF:B4:FC:05:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:5000::/40
Signature Algorithm: sha256WithRSAEncryption
65:49:de:c7:99:3e:e0:20:b2:fe:7d:01:7a:2d:fe:34:96:3b:
e8:fe:c0:5b:f9:43:1b:fd:1a:c2:e4:6c:d0:4c:67:53:a1:cc:
19:ee:cc:1d:d0:dc:ec:f7:44:2a:ef:ca:b1:aa:16:03:3b:bd:
3d:e4:b4:9f:b0:dd:70:a2:3d:c6:25:4b:bc:72:8c:9f:6c:25:
59:41:f0:65:65:6e:d8:a8:62:8e:cb:49:cf:31:48:92:aa:89:
0c:05:97:40:1f:81:92:83:36:f5:2a:9a:8e:d5:49:48:37:16:
1e:78:d6:71:9a:1b:57:42:2d:75:2b:90:41:c4:15:6c:3e:e4:
fb:01:c3:dd:cb:16:9c:35:b3:ba:f9:47:a9:50:9f:f2:0a:95:
97:32:42:5e:7d:2a:67:4c:fe:a2:7e:9a:40:94:01:98:15:ed:
04:c9:38:90:d1:5a:64:eb:8e:12:41:8d:70:db:96:b4:44:59:
a1:3a:3b:d4:df:c5:25:54:c4:60:a4:59:66:87:d2:30:f3:23:
4b:cf:fc:66:00:3c:d4:5f:2e:24:34:5a:ca:99:e5:54:32:bf:
38:90:f7:7c:83:7e:cb:e2:fd:df:b9:e8:07:1c:c0:4a:f4:2c:
94:6a:4b:de:16:4a:08:23:52:be:69:0b:71:05:7a:00:0f:4c:
95:41:b8:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQR3Ji2OT902o2bLXbUh61T8RaVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMmY3NWUyNGVlOWFiOTMxOWRiZDdiZTYzYTE4NDE3ZmQzMGJlZmI1MGI3
MGI3YTY0OWM1NmFjYzU5ZmQ3NTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRpFQmexpdMCvUjDizTWzJAaPoP8k6eWFf/KFMNetirH1jBOCPFqIDFJ2Am
XOULPzPyReEbpTMkq4+WbDu1w1Y4pP0Xs4VTC1aSNGQ5u5BzeOEgVzW9TL1EOh+9
G7dqqWmCiLhyZA4Z2ZiBOSGkKi/6G4jz0EscF0zajrDacTfNnQnNDYA/m/qXJKv2
Ae0ca5B+nQPcfOXkpUhIwELLo76/6U2MSbOMOdAYWVNc+tjWDszIB65ZaRRioqzI
0ikzWDIuTLv+rFSgBzaknWPMR0jNb6PIp5HKuRlPNrXLFzoVXpr2G/3hdVWHjX4C
RTYUd+xtthTi7Mh/ZSYEXlgKWt0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0NFzI
LGj2VknDmPLCXdzPtPwFjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTY5YjE1MTktZjM0NS00M2FhLThjNmItY2Q3ODZlZTEzNDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBlSd7HmT7gILL+fQF6Lf40ljvo/sBb+UMb/RrC
5GzQTGdTocwZ7swd0Nzs90Qq78qxqhYDO7095LSfsN1woj3GJUu8coyfbCVZQfBl
ZW7YqGKOy0nPMUiSqokMBZdAH4GSgzb1KpqO1UlINxYeeNZxmhtXQi11K5BBxBVs
PuT7AcPdyxacNbO6+UepUJ/yCpWXMkJefSpnTP6ifppAlAGYFe0EyTiQ0Vpk644S
QY1w25a0RFmhOjvU38UlVMRgpFlmh9Iw8yNLz/xmADzUXy4kNFrKmeVUMr84kPd8
g37L4v3fuegHHMBK9CyUakveFkoII1K+aQtxBXoAD0yVQbhQ
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org