Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
File: eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa (raw, json)
Hash identifier: 7WQKHZPRe/TWRAnsv/QNY2HN3/3XkTsIgzUGaWMVEkY=
Subject key identifier: 2B:75:3F:BD:3F:29:1D:CF:BC:AD:12:03:00:F2:A5:B2:4B:22:B5:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 501CCBC4D3B4092136B8C6E983A84C1176C8C95E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:1c:cb:c4:d3:b4:09:21:36:b8:c6:e9:83:a8:4c:11:76:c8:c9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=12419c193762e37ed763488a203148b7ca8ff22755b0f3e2540f2ea44f5a150d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:f6:d9:aa:21:84:a7:d1:95:cd:d8:19:04:
0a:d1:86:ba:a4:fd:81:03:41:3d:25:db:a0:d7:14:
51:48:50:1e:43:2e:28:49:e2:d7:f9:eb:fe:6f:8c:
7e:77:f8:3d:e7:9e:a1:3f:8a:f0:d6:d2:4b:16:8a:
57:0a:c6:1f:c5:b9:b9:21:c6:2a:0f:b9:e3:36:36:
c7:e5:50:10:aa:fb:23:dc:29:76:0e:f4:82:2d:c0:
fb:ff:c8:2d:6b:aa:fc:11:57:e2:41:32:72:4e:63:
34:cc:71:06:c3:7f:f4:63:7a:09:85:db:c2:ed:4b:
56:58:61:7b:46:c6:11:ae:47:f7:8e:28:c4:35:ed:
40:d5:dd:b1:b6:07:e7:18:15:74:7d:13:c8:ea:f5:
da:90:08:d9:5e:2d:b3:39:38:e4:19:9e:77:de:d1:
54:d6:a0:67:5e:1b:6d:84:ba:93:ec:bf:e9:4c:7d:
82:41:9b:2c:26:2f:4e:eb:07:ab:39:ec:bb:5d:ad:
7f:87:95:92:86:e4:79:3e:12:fb:f4:87:d5:4d:39:
86:19:d5:72:d6:ee:38:5d:10:2d:07:8b:2e:07:9f:
fe:07:fc:cf:92:98:1c:40:f7:ef:2e:90:48:38:89:
03:61:d5:4d:fa:3f:ab:9c:48:9c:0e:75:89:24:d1:
3e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:75:3F:BD:3F:29:1D:CF:BC:AD:12:03:00:F2:A5:B2:4B:22:B5:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:9c:b4:09:09:b7:fb:fc:b4:74:51:a3:74:c7:1f:4b:1f:37:
67:a0:b6:e7:f3:3b:f8:9f:0c:2c:b0:16:45:97:03:10:0c:13:
53:1b:42:b7:5c:c4:eb:e2:41:71:14:d5:70:66:a0:c6:44:8b:
b3:7d:4e:fe:32:66:c3:66:6a:2d:93:9d:1f:2c:d9:24:64:0c:
64:92:49:3a:83:bf:a7:05:01:45:48:1d:6f:1e:56:f8:27:00:
32:1a:44:9b:3b:4e:2a:99:7f:99:5e:92:69:d5:02:50:1c:73:
bf:24:8d:1e:03:4a:df:be:3a:ff:fe:f1:c1:9a:6e:a2:23:94:
01:c1:36:12:43:af:81:f1:51:f4:22:d2:1b:95:a3:53:cb:78:
31:53:04:76:a0:aa:0f:fa:b7:47:b6:d5:ab:0b:9c:e1:db:82:
fe:e8:dd:1d:6b:ff:5d:34:3f:a9:a8:ad:17:b1:7c:b1:1f:a5:
3d:15:fa:94:39:b7:90:05:27:0c:0b:8d:6b:f9:83:a8:7d:82:
32:2e:ff:52:22:fc:f2:45:bf:ae:dc:98:77:17:76:74:47:dc:
aa:d1:c2:ee:7c:3c:99:1e:b5:bd:5d:7e:53:1b:e7:d5:b5:e6:
30:b5:99:65:5c:27:5a:84:26:86:8d:7e:20:03:cd:97:27:4d:
5f:25:45:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUBzLxNO0CSE2uMbpg6hMEXbIyV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNDE5YzE5Mzc2MmUzN2VkNzYzNDg4YTIwMzE0OGI3Y2E4ZmYyMjc1NWIw
ZjNlMjU0MGYyZWE0NGY1YTE1MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuD9tmqIYSn0ZXN2BkECtGGuqT9gQNBPSXboNcUUUhQHkMuKEni1/nr/m+M
fnf4PeeeoT+K8NbSSxaKVwrGH8W5uSHGKg+54zY2x+VQEKr7I9wpdg70gi3A+//I
LWuq/BFX4kEyck5jNMxxBsN/9GN6CYXbwu1LVlhhe0bGEa5H944oxDXtQNXdsbYH
5xgVdH0TyOr12pAI2V4tszk45Bmed97RVNagZ14bbYS6k+y/6Ux9gkGbLCYvTusH
qznsu12tf4eVkobkeT4S+/SH1U05hhnVctbuOF0QLQeLLgef/gf8z5KYHED37y6Q
SDiJA2HVTfo/q5xInA51iSTRPnsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrdT+9
Pykdz7ytEgMA8qWySyK1kzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWIyYmMxMmMtNGM0Yi00N2Y1LWIwMjEtNzEyYTI3ZTY5YTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQDAnLQJCbf7/LR0UaN0xx9LHzdnoLbn8zv4nwws
sBZFlwMQDBNTG0K3XMTr4kFxFNVwZqDGRIuzfU7+MmbDZmotk50fLNkkZAxkkkk6
g7+nBQFFSB1vHlb4JwAyGkSbO04qmX+ZXpJp1QJQHHO/JI0eA0rfvjr//vHBmm6i
I5QBwTYSQ6+B8VH0ItIblaNTy3gxUwR2oKoP+rdHttWrC5zh24L+6N0da/9dND+p
qK0XsXyxH6U9FfqUObeQBScMC41r+YOofYIyLv9SIvzyRb+u3Jh3F3Z0R9yq0cLu
fDyZHrW9XX5TG+fVteYwtZllXCdahCaGjX4gA82XJ01fJUX+
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org