Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
File: e937d1d6-ce02-43b8-8306-022b3b0fff00.roa (raw, json)
Hash identifier: fdtlQDHLVwio4syC2n2qXjZ0J2WhBZevSz6T0DPoDyo=
Subject key identifier: F9:08:ED:5C:44:33:AC:D7:D5:1B:C2:F0:50:A5:F9:5C:91:43:19:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AE61D4F8161CDB0FF685C7A20DFA46AAB32E60C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:e6:1d:4f:81:61:cd:b0:ff:68:5c:7a:20:df:a4:6a:ab:32:e6:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=6146a473804846a88e4debc01b353be966843db1a9c6fad4bf44756b1b3bc408, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9c:a2:86:8f:4d:18:70:0a:07:47:7b:9b:6b:
d9:01:28:49:d2:40:fb:4a:7c:70:cd:33:ba:6e:18:
28:9a:3d:af:e5:a6:3f:e0:83:4f:fa:2c:a7:64:d7:
9f:67:fe:0d:3c:53:f3:07:56:a0:82:f6:49:9a:9c:
e1:21:1f:93:e1:0a:ee:46:bc:58:58:68:f4:53:fe:
de:5c:54:13:3f:2a:2d:81:06:1c:a7:c5:60:0e:6b:
c6:09:7d:13:ea:52:0c:7b:04:11:1a:ac:5e:2c:8f:
31:6f:35:3c:18:2c:6f:a7:74:7f:04:c4:e4:00:4f:
29:49:37:6d:6d:79:8a:05:2f:bc:bf:ec:e2:29:54:
5c:78:a0:f7:87:8a:e0:97:d0:09:92:73:03:ca:1a:
d8:ff:42:18:94:0f:db:49:51:b9:6e:8b:06:00:aa:
80:de:1e:92:be:4f:52:15:7a:d0:2e:75:95:22:47:
85:6e:0e:17:71:27:fd:7d:4e:c4:ef:df:b9:17:24:
f7:67:d3:42:cc:c1:73:c8:13:e5:9d:74:0f:75:ba:
62:15:b5:e3:14:c4:fe:44:9e:37:bc:aa:cf:89:3a:
42:61:cd:ad:b3:b7:1e:03:b1:59:c7:d6:ef:5e:b2:
61:f7:7e:64:35:51:bc:79:83:be:2b:29:e7:0a:9c:
6b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:08:ED:5C:44:33:AC:D7:D5:1B:C2:F0:50:A5:F9:5C:91:43:19:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e937d1d6-ce02-43b8-8306-022b3b0fff00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:c000::/40
Signature Algorithm: sha256WithRSAEncryption
06:64:25:23:5f:1a:38:79:06:b1:61:98:21:89:08:1c:78:25:
e0:3b:92:e2:2b:19:9e:ee:f3:62:13:67:15:41:77:8c:d5:fb:
9e:98:5c:65:2c:6d:c4:99:80:3c:88:8f:70:ba:fd:ad:ad:c5:
99:8e:1f:81:03:90:9c:27:17:3d:f3:31:a9:87:5b:08:4c:ac:
b3:91:38:7d:54:96:ed:70:f0:44:93:f3:67:99:a8:13:a1:82:
63:1a:0d:1d:e6:eb:a4:98:90:f9:ad:7b:a3:6b:bc:0c:2c:22:
7e:36:01:17:5a:9f:10:ed:ba:1a:60:09:6c:c2:7d:3b:81:27:
a6:2d:78:3b:c8:78:9e:2e:9b:31:f9:4b:76:5c:81:9b:f3:89:
e1:79:67:db:de:c9:a4:9f:94:f5:b4:41:b8:2e:36:d9:1a:09:
5c:9e:0e:32:8c:ca:b1:7a:1d:73:8a:dd:58:88:83:50:4f:ad:
02:49:5a:d2:f7:a6:21:0d:05:1b:4e:ad:c2:58:39:9b:55:fb:
62:7f:5a:4d:af:4e:ed:61:b9:76:54:cf:2d:ff:f1:6e:a5:25:
67:9b:85:ff:c7:e8:37:ae:8f:38:cf:ce:eb:16:e8:8a:d1:b4:
14:b7:e1:32:ca:df:6f:3d:f8:3c:98:ce:20:4e:73:31:10:32:
16:e6:d8:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWuYdT4FhzbD/aFx6IN+kaqsy5gwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxNDZhNDczODA0ODQ2YTg4ZTRkZWJjMDFiMzUzYmU5NjY4NDNkYjFhOWM2
ZmFkNGJmNDQ3NTZiMWIzYmM0MDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+cooaPTRhwCgdHe5tr2QEoSdJA+0p8cM0zum4YKJo9r+WmP+CDT/osp2TX
n2f+DTxT8wdWoIL2SZqc4SEfk+EK7ka8WFho9FP+3lxUEz8qLYEGHKfFYA5rxgl9
E+pSDHsEERqsXiyPMW81PBgsb6d0fwTE5ABPKUk3bW15igUvvL/s4ilUXHig94eK
4JfQCZJzA8oa2P9CGJQP20lRuW6LBgCqgN4ekr5PUhV60C51lSJHhW4OF3En/X1O
xO/fuRck92fTQszBc8gT5Z10D3W6YhW14xTE/kSeN7yqz4k6QmHNrbO3HgOxWcfW
716yYfd+ZDVRvHmDvisp5wqca8sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5CO1c
RDOs19UbwvBQpflckUMZrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkzN2QxZDYtY2UwMi00M2I4LTgzMDYtMDIyYjNiMGZmZjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXA
MA0GCSqGSIb3DQEBCwUAA4IBAQAGZCUjXxo4eQaxYZghiQgceCXgO5LiKxme7vNi
E2cVQXeM1fuemFxlLG3EmYA8iI9wuv2trcWZjh+BA5CcJxc98zGph1sITKyzkTh9
VJbtcPBEk/NnmagToYJjGg0d5uukmJD5rXuja7wMLCJ+NgEXWp8Q7boaYAlswn07
gSemLXg7yHieLpsx+Ut2XIGb84nheWfb3smkn5T1tEG4LjbZGglcng4yjMqxeh1z
it1YiINQT60CSVrS96YhDQUbTq3CWDmbVftif1pNr07tYbl2VM8t//FupSVnm4X/
x+g3ro84z87rFuiK0bQUt+Eyyt9vPfg8mM4gTnMxEDIW5tgf
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org