Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
File: e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa (raw, json)
Hash identifier: AR5wEqeKuKRI+u3iMJasQRobxhYcmFpdl6aEQYcHnVw=
Subject key identifier: 39:FD:D5:EE:C3:9D:F0:18:D0:35:74:3E:42:B8:E4:B7:57:CF:C6:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 214DE5D2F1D51ECE0E8D4FADCEC990D7C8C0DBB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:4d:e5:d2:f1:d5:1e:ce:0e:8d:4f:ad:ce:c9:90:d7:c8:c0:db:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=7a384676f178e65cc4eda9490601788457245785c971af35b5f1edf211dad965, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7d:c9:d3:25:1c:1b:8e:de:38:fe:e3:3b:06:
e4:34:e4:d9:48:c0:c5:f0:44:3a:53:93:37:91:e7:
3c:c3:62:80:67:6f:2a:a3:6a:da:2f:6d:57:2f:23:
66:b5:e4:48:21:bb:8a:73:41:77:a0:86:ea:a6:ee:
79:90:62:7f:2c:a5:28:f8:3d:8d:bc:37:7d:fc:6b:
cb:cb:5b:39:1d:9c:bf:d1:9e:3f:87:94:ce:93:aa:
c2:8c:69:55:61:8f:8c:cb:21:d2:73:b9:e5:7f:5e:
42:8a:01:51:15:ff:07:a5:13:64:4c:05:7d:25:97:
c4:b8:5e:dd:ca:e4:c3:c7:a2:20:e3:b1:40:79:1a:
cc:f3:26:e2:44:ad:bd:13:7e:a9:14:d8:e8:13:11:
a1:18:33:c9:e0:e2:3a:0c:93:61:b8:87:df:24:c6:
c0:7f:55:50:fc:94:8d:f6:4a:27:87:be:06:1d:be:
dd:91:12:fa:33:43:1b:cc:d1:63:77:1d:db:ca:64:
60:04:e9:b0:30:3d:0e:19:e2:70:a9:bb:db:cb:99:
31:5c:2c:25:e8:e3:75:c0:89:95:a3:88:4c:7d:2d:
9b:19:52:96:63:07:06:76:3f:8d:01:9e:98:76:a9:
4d:c3:d7:54:7d:64:8e:f4:93:39:f1:74:0b:73:48:
74:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:FD:D5:EE:C3:9D:F0:18:D0:35:74:3E:42:B8:E4:B7:57:CF:C6:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
67:59:52:eb:b2:3c:4c:f7:dc:05:81:4e:66:20:39:3f:bf:2c:
25:0b:7f:38:0a:ef:cc:eb:f1:76:b7:f9:5a:fa:b3:12:81:b0:
cc:37:25:68:f7:67:e2:cd:9e:ab:ed:43:75:02:e8:dc:f0:d6:
e7:05:e2:20:25:f9:bd:30:e7:68:4e:9b:fc:26:72:4d:12:72:
d1:13:ea:34:ea:0a:4c:13:1f:c4:5c:24:0d:20:ad:3a:e5:47:
f0:12:c1:6f:f6:b3:15:e1:31:57:9f:5b:56:c4:a2:89:18:1c:
d8:89:23:cb:53:de:06:5f:3d:9a:e5:d0:7f:ba:c2:ac:f9:4e:
6e:59:2b:c8:55:09:1d:ed:a3:9b:69:31:55:a5:81:17:24:7a:
5f:30:ec:45:45:11:29:34:b9:a5:be:97:3c:f0:0f:43:fd:51:
d1:1a:29:65:63:e8:95:05:de:e0:bd:a7:40:d7:3c:73:60:ec:
41:2c:76:b7:df:f2:e6:3c:c2:41:a7:38:30:bb:33:27:00:1a:
08:a3:89:3e:43:74:95:39:60:4f:87:20:f1:00:94:be:be:b1:
aa:77:71:4e:9c:38:f6:2b:c7:d0:94:79:ca:17:2a:60:18:f2:
b9:17:a4:14:33:cd:b6:e0:ba:93:84:8e:c9:c7:97:89:37:83:
31:66:8b:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIU3l0vHVHs4OjU+tzsmQ18jA27EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMzg0Njc2ZjE3OGU2NWNjNGVkYTk0OTA2MDE3ODg0NTcyNDU3ODVjOTcx
YWYzNWI1ZjFlZGYyMTFkYWQ5NjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMx9ydMlHBuO3jj+4zsG5DTk2UjAxfBEOlOTN5HnPMNigGdvKqNq2i9tVy8j
ZrXkSCG7inNBd6CG6qbueZBifyylKPg9jbw3ffxry8tbOR2cv9GeP4eUzpOqwoxp
VWGPjMsh0nO55X9eQooBURX/B6UTZEwFfSWXxLhe3crkw8eiIOOxQHkazPMm4kSt
vRN+qRTY6BMRoRgzyeDiOgyTYbiH3yTGwH9VUPyUjfZKJ4e+Bh2+3ZES+jNDG8zR
Y3cd28pkYATpsDA9DhnicKm728uZMVwsJejjdcCJlaOITH0tmxlSlmMHBnY/jQGe
mHapTcPXVH1kjvSTOfF0C3NIdI8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5/dXu
w53wGNA1dD5CuOS3V8/GODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZThmZWRiMDktNDczZS00YjAwLWE4ODMtN2I3YThiMTI0NWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBnWVLrsjxM99wFgU5mIDk/vywlC384Cu/M6/F2
t/la+rMSgbDMNyVo92fizZ6r7UN1Aujc8NbnBeIgJfm9MOdoTpv8JnJNEnLRE+o0
6gpMEx/EXCQNIK065UfwEsFv9rMV4TFXn1tWxKKJGBzYiSPLU94GXz2a5dB/usKs
+U5uWSvIVQkd7aObaTFVpYEXJHpfMOxFRREpNLmlvpc88A9D/VHRGillY+iVBd7g
vadA1zxzYOxBLHa33/LmPMJBpzgwuzMnABoIo4k+Q3SVOWBPhyDxAJS+vrGqd3FO
nDj2K8fQlHnKFypgGPK5F6QUM8224LqThI7Jx5eJN4MxZotP
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org