Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
File: ef4f5658-1df5-4b15-b458-c8609229af7f.roa (raw, json)
Hash identifier: CeFnb4/9I1dtjbqRvlcC88dCmK5QyhIkVQZl2vumv1k=
Subject key identifier: 5B:02:FC:4F:6A:E7:EB:7E:5C:C6:22:B0:9D:FB:1D:67:3E:47:9D:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 250D33DD6FE82780AB73CDD5DCCACD3AF006FA6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
Signing time: Sat 09 Sep 2023 00:00:00 +0000
ROA not before: Sat 09 Sep 2023 00:00:00 +0000
ROA not after: Sat 14 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:0d:33:dd:6f:e8:27:80:ab:73:cd:d5:dc:ca:cd:3a:f0:06:fa:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 9 00:00:00 2023 GMT
Not After : Oct 14 23:59:59 2023 GMT
Subject: serialNumber=285955a93caa6437f926c34c4a690b623eea03b213da328bae761b17b2470469, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:30:74:6b:5b:9a:1f:74:53:3a:11:88:17:36:
93:7d:74:72:ae:ff:0d:e2:b5:ce:40:19:5c:ce:40:
e7:eb:6c:b2:d9:b0:b5:a2:7b:bb:ee:d9:01:38:b8:
1c:62:22:de:a3:86:1b:08:e8:ee:47:8b:44:33:f6:
26:7d:c5:11:a6:da:41:09:2f:d7:99:37:7e:f8:e0:
0a:f5:48:9a:96:fd:21:e3:73:b8:c6:79:59:2b:d0:
f9:73:0d:f3:ff:27:cc:df:8e:06:1d:a0:90:e0:6b:
33:de:fa:ee:09:ba:34:04:e9:0e:25:6e:1d:f6:bf:
1a:8c:8b:40:a5:c5:15:4f:9f:17:07:b5:a5:a2:d7:
f4:60:2e:92:56:6c:e8:5e:17:b5:8f:c7:a9:ed:25:
38:f2:fe:46:25:0f:f7:a5:8d:a1:17:dc:4a:50:ee:
14:37:d6:28:fc:78:19:eb:94:3b:f3:93:45:43:1c:
88:57:bf:8d:55:5e:09:25:26:1c:64:bf:57:bf:45:
e7:6d:c6:b6:66:0d:f8:34:8f:37:bf:0a:4f:43:76:
43:fa:cf:6c:a8:1f:4b:26:ef:2a:21:47:df:1a:84:
84:6e:34:ec:a9:18:b2:5b:88:6a:52:db:cc:17:25:
cc:22:d3:1f:69:98:0f:46:9a:2a:59:42:b2:be:0d:
1b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:02:FC:4F:6A:E7:EB:7E:5C:C6:22:B0:9D:FB:1D:67:3E:47:9D:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:7e:6b:0e:ae:a6:a3:ef:da:0d:0f:3b:3e:b4:e3:0c:1f:a0:
7a:fb:ea:04:15:8b:e0:7e:aa:cd:dd:05:58:e6:22:f5:c2:7e:
73:b9:e7:12:53:c8:ca:95:0b:05:23:c7:0f:af:e3:c5:70:95:
8e:e2:c0:4c:7e:e9:ed:75:55:7d:d5:87:15:ef:30:64:e2:b8:
f0:74:c8:ab:13:4a:e0:db:99:44:e8:6a:ee:b8:ae:c0:02:e4:
81:b4:e7:f2:f8:8d:08:cb:ca:b1:17:99:b7:78:46:6c:51:50:
90:de:3a:e3:36:ef:ba:f4:e9:e9:64:40:78:ae:6d:ec:d4:7a:
7c:a8:70:c6:27:ce:ec:ce:c1:ce:61:3e:c4:cd:d9:c0:f1:36:
28:5d:09:84:c4:02:d8:ac:21:ff:d2:29:76:eb:3d:2d:7b:50:
35:3c:ce:be:81:7d:8b:88:88:72:46:2e:b0:0f:b0:0d:38:0f:
ba:56:a6:4d:b7:5b:3d:32:9c:63:57:d2:0b:b4:85:66:90:d4:
f7:4a:32:fc:a6:0c:dd:29:a5:82:3e:a6:18:08:70:79:d2:c3:
b5:f0:69:a3:bc:d4:c2:52:95:35:c0:c5:5f:c2:12:92:1b:2c:
e5:17:00:75:cf:f0:ef:2c:3c:91:c9:e8:bc:5d:26:0f:10:20:
95:f6:21:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJQ0z3W/oJ4Crc83V3MrNOvAG+mswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MDkwMDAwMDBaFw0yMzEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4NTk1NWE5M2NhYTY0MzdmOTI2YzM0YzRhNjkwYjYyM2VlYTAzYjIxM2Rh
MzI4YmFlNzYxYjE3YjI0NzA0NjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgwdGtbmh90UzoRiBc2k310cq7/DeK1zkAZXM5A5+tsstmwtaJ7u+7ZATi4
HGIi3qOGGwjo7keLRDP2Jn3FEabaQQkv15k3fvjgCvVImpb9IeNzuMZ5WSvQ+XMN
8/8nzN+OBh2gkOBrM9767gm6NATpDiVuHfa/GoyLQKXFFU+fFwe1paLX9GAuklZs
6F4XtY/Hqe0lOPL+RiUP96WNoRfcSlDuFDfWKPx4GeuUO/OTRUMciFe/jVVeCSUm
HGS/V79F523GtmYN+DSPN78KT0N2Q/rPbKgfSybvKiFH3xqEhG407KkYsluIalLb
zBclzCLTH2mYD0aaKllCsr4NG3kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbAvxP
aufrflzGIrCd+x1nPkedsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWY0ZjU2NTgtMWRmNS00YjE1LWI0NTgtYzg2MDkyMjlhZjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDBfmsOrqaj79oNDzs+tOMMH6B6++oEFYvgfqrN
3QVY5iL1wn5zuecSU8jKlQsFI8cPr+PFcJWO4sBMfuntdVV91YcV7zBk4rjwdMir
E0rg25lE6GruuK7AAuSBtOfy+I0Iy8qxF5m3eEZsUVCQ3jrjNu+69OnpZEB4rm3s
1Hp8qHDGJ87szsHOYT7EzdnA8TYoXQmExALYrCH/0il26z0te1A1PM6+gX2LiIhy
Ri6wD7ANOA+6VqZNt1s9MpxjV9ILtIVmkNT3SjL8pgzdKaWCPqYYCHB50sO18Gmj
vNTCUpU1wMVfwhKSGyzlFwB1z/DvLDyRyei8XSYPECCV9iG5
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org