Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: 2RdWf0FnSgTdOFTFH7txe1NTB3+tBjMky6M+pogtQyM=
Subject key identifier: D0:FB:04:5A:59:B9:C8:5D:05:F6:76:44:A1:98:76:9F:47:8A:3D:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D991AD58D5E3A38B2DDF5DD04B1CBAB74C81900
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:99:1a:d5:8d:5e:3a:38:b2:dd:f5:dd:04:b1:cb:ab:74:c8:19:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=d5352a6c2b4a038a6c75dcf1cd21505e71d5298205035d75c9b8c85400769bbc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2b:55:5e:a3:b0:13:7a:ec:fe:13:7b:b1:b2:
90:dd:90:b8:42:81:ff:20:d4:43:46:fe:5e:a3:9d:
ac:6a:38:ea:76:68:71:c2:2c:cc:10:3a:42:16:4a:
07:e6:a6:82:a1:73:dd:bf:bd:a0:f8:f5:74:ec:87:
97:c7:39:b0:39:98:75:af:bf:59:0e:de:12:25:6d:
5d:b4:d0:9c:6b:13:03:28:b7:af:3a:e6:1c:90:87:
6f:c0:40:eb:04:9c:26:cf:dd:13:65:fa:7f:00:14:
a9:6c:6b:f5:ff:67:a2:c4:34:6a:a3:f7:de:4c:0e:
83:6e:28:3f:32:53:26:a1:b8:71:aa:0c:d2:69:51:
83:9b:ef:ba:76:98:a6:e3:f8:a2:b6:47:5c:4a:a4:
c1:0b:82:27:25:9a:1a:c1:34:97:c7:49:51:f9:b5:
96:64:5a:26:66:d4:75:8a:98:54:77:6c:75:e1:54:
e7:ae:82:ef:d5:5f:e0:61:20:c5:d6:23:66:8a:0f:
ca:b2:3d:ed:31:78:26:41:cf:6b:f3:94:ce:07:19:
9c:37:c7:18:49:a7:50:3b:c0:fc:0b:24:02:82:c2:
9b:2e:d3:3a:d8:6a:f6:90:42:10:ba:6c:da:c0:d5:
25:c2:75:b9:2d:57:74:7f:26:ac:1f:ff:db:bd:96:
04:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FB:04:5A:59:B9:C8:5D:05:F6:76:44:A1:98:76:9F:47:8A:3D:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
be:7a:75:7a:86:ec:05:a1:0a:bc:29:16:34:39:6e:85:4e:bb:
71:0e:48:d8:ee:4e:e5:7e:14:2d:d7:71:4e:1a:a6:38:a9:de:
e8:24:51:af:6d:17:9a:9e:e8:ae:01:ec:a2:58:a0:a5:db:ab:
55:e2:a7:43:16:f2:ae:0c:d2:02:d2:50:80:27:46:d6:c6:4f:
a5:ac:8d:ff:ae:1f:26:23:7c:f0:bc:b7:fb:b5:b4:fd:0a:da:
0d:61:66:d0:1b:39:3a:5a:ef:07:86:1f:27:37:07:e6:59:77:
03:f5:82:d2:40:6a:73:48:0e:0a:92:6a:8d:ba:c3:6d:51:49:
00:a7:6d:da:44:11:17:4c:26:5f:2d:f0:ee:05:36:ab:f2:56:
b5:63:41:02:cd:bf:ad:a7:3e:2d:1b:95:45:45:f4:44:05:2c:
83:e3:46:17:47:46:80:59:d0:7f:82:ee:13:37:68:fd:fc:ca:
50:98:96:54:ed:58:41:88:b3:c4:a5:35:93:dc:b6:77:90:2e:
bb:01:6d:02:4b:8a:dd:fb:97:8e:7c:d4:13:13:5a:6a:85:84:
f7:4a:3b:69:71:92:5e:3a:af:5c:3b:9d:bd:0b:ab:2a:5e:73:
04:5e:80:7b:2c:54:56:d1:07:2e:47:c1:5d:75:c6:ff:fe:a7:
91:75:74:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDZka1Y1eOjiy3fXdBLHLq3TIGQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1MzUyYTZjMmI0YTAzOGE2Yzc1ZGNmMWNkMjE1MDVlNzFkNTI5ODIwNTAz
NWQ3NWM5YjhjODU0MDA3NjliYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsrVV6jsBN67P4Te7GykN2QuEKB/yDUQ0b+XqOdrGo46nZoccIszBA6QhZK
B+amgqFz3b+9oPj1dOyHl8c5sDmYda+/WQ7eEiVtXbTQnGsTAyi3rzrmHJCHb8BA
6wScJs/dE2X6fwAUqWxr9f9nosQ0aqP33kwOg24oPzJTJqG4caoM0mlRg5vvunaY
puP4orZHXEqkwQuCJyWaGsE0l8dJUfm1lmRaJmbUdYqYVHdsdeFU566C79Vf4GEg
xdYjZooPyrI97TF4JkHPa/OUzgcZnDfHGEmnUDvA/AskAoLCmy7TOthq9pBCELps
2sDVJcJ1uS1XdH8mrB//272WBBMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQ+wRa
WbnIXQX2dkShmHafR4o9tDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQC+enV6huwFoQq8KRY0OW6FTrtxDkjY7k7lfhQt
13FOGqY4qd7oJFGvbReanuiuAeyiWKCl26tV4qdDFvKuDNIC0lCAJ0bWxk+lrI3/
rh8mI3zwvLf7tbT9CtoNYWbQGzk6Wu8Hhh8nNwfmWXcD9YLSQGpzSA4KkmqNusNt
UUkAp23aRBEXTCZfLfDuBTar8la1Y0ECzb+tpz4tG5VFRfREBSyD40YXR0aAWdB/
gu4TN2j9/MpQmJZU7VhBiLPEpTWT3LZ3kC67AW0CS4rd+5eOfNQTE1pqhYT3Sjtp
cZJeOq9cO529C6sqXnMEXoB7LFRW0QcuR8Fddcb//qeRdXR3
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org