Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f25924f8-f3da-4eb4-b047-fdbfbc8e41e9.roa
File: f25924f8-f3da-4eb4-b047-fdbfbc8e41e9.roa (raw, json)
Hash identifier: D+35HgLquo5JCtRdDKRq4pA80l8oYIm33dJfvPKOcyU=
Subject key identifier: 22:99:47:B2:0C:39:F5:F0:E7:F8:29:D0:5C:E1:DF:75:45:40:C0:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3303F8E2F3F57365FCFEF3F343F23FECCF2E5FA5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f25924f8-f3da-4eb4-b047-fdbfbc8e41e9.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:03:f8:e2:f3:f5:73:65:fc:fe:f3:f3:43:f2:3f:ec:cf:2e:5f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=dda71b4824974e6ed5e2deecef275e67cbb355e7f0972576268748d46ac90c58, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:90:9b:f1:46:bd:d3:0f:d2:2c:de:b9:de:b6:
a3:1f:68:52:8b:21:be:10:93:0c:89:5d:35:0b:7d:
49:86:88:32:65:4b:fb:a1:b9:bf:ee:f5:a0:f7:6f:
d1:a7:14:a2:25:5c:3e:02:51:94:d5:46:f3:cf:64:
0d:cf:7b:97:8b:96:17:51:8e:80:44:71:0e:87:25:
b2:ef:58:54:bc:a7:a1:15:7c:2a:b5:8a:e0:57:e8:
1b:79:17:3b:45:e2:bb:08:d8:78:60:82:26:27:fc:
36:9d:bf:ff:e6:97:bf:98:56:b4:37:7a:21:3b:1a:
72:70:8c:f8:a9:41:dc:37:df:3b:48:e0:a7:a5:89:
2b:77:53:eb:09:94:30:09:c2:0f:40:f4:20:82:90:
d3:2d:61:2c:6c:cf:1c:84:66:5d:85:9c:a4:f7:2f:
bf:ba:a7:6c:d3:e0:08:04:95:58:ee:a6:d0:1c:00:
fe:c0:88:1f:e3:7c:c4:4c:cf:1d:2c:3d:76:4c:57:
2f:6c:70:8f:32:3c:6b:6e:69:47:bd:8c:49:a3:54:
e1:f8:67:df:00:9a:03:81:47:90:92:1f:ae:dc:bf:
eb:d7:53:69:cf:1b:ca:5d:ef:ad:8e:bc:57:b6:62:
9d:6b:1b:51:6b:38:12:a5:51:1f:68:a2:2a:77:82:
ea:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:99:47:B2:0C:39:F5:F0:E7:F8:29:D0:5C:E1:DF:75:45:40:C0:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f25924f8-f3da-4eb4-b047-fdbfbc8e41e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:4000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:16:63:78:f3:f1:66:de:6a:7d:8b:5f:87:c3:40:5d:d3:ba:
0e:e1:16:d7:b9:07:39:55:86:c0:cb:fd:0c:f2:0b:92:0a:27:
2c:4c:b6:e2:fa:a9:5b:bd:f8:7e:fa:f6:48:87:ae:63:c5:62:
86:da:09:7b:2f:e7:2a:eb:55:cd:69:09:d8:80:b0:39:35:f5:
4e:0c:05:6a:53:44:bf:31:33:5b:5a:0a:15:db:e7:2d:9a:ea:
e5:48:3c:72:2c:65:e5:f5:40:f1:6e:9d:ba:48:0d:d8:de:bd:
66:8d:69:f7:09:0e:46:cb:3a:54:d2:15:e0:a8:c9:2b:ef:6b:
fc:94:93:28:f0:0e:b1:5e:d3:33:4c:3b:98:71:6f:56:4e:ab:
08:67:86:5d:74:07:dc:aa:a6:8b:30:2c:ca:60:9c:02:ef:b4:
6b:1f:3e:6c:94:1f:84:47:18:de:c8:a4:b1:3c:d2:97:ab:ae:
cd:ef:8b:5a:99:af:54:f3:25:48:ae:53:ba:96:c9:99:a5:ee:
d5:1e:02:3d:82:1c:1f:cc:39:76:1f:93:15:56:dc:d3:32:6d:
a9:e0:8a:3f:8f:8d:4b:31:70:7d:10:85:c5:be:73:9c:13:64:
0f:e2:00:04:5b:e2:9c:93:df:45:fb:b7:1b:bd:7c:8e:ee:d1:
6c:17:9b:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMwP44vP1c2X8/vPzQ/I/7M8uX6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkYTcxYjQ4MjQ5NzRlNmVkNWUyZGVlY2VmMjc1ZTY3Y2JiMzU1ZTdmMDk3
MjU3NjI2ODc0OGQ0NmFjOTBjNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqQm/FGvdMP0izeud62ox9oUoshvhCTDIldNQt9SYaIMmVL+6G5v+71oPdv
0acUoiVcPgJRlNVG889kDc97l4uWF1GOgERxDoclsu9YVLynoRV8KrWK4FfoG3kX
O0XiuwjYeGCCJif8Np2//+aXv5hWtDd6ITsacnCM+KlB3DffO0jgp6WJK3dT6wmU
MAnCD0D0IIKQ0y1hLGzPHIRmXYWcpPcvv7qnbNPgCASVWO6m0BwA/sCIH+N8xEzP
HSw9dkxXL2xwjzI8a25pR72MSaNU4fhn3wCaA4FHkJIfrty/69dTac8byl3vrY68
V7ZinWsbUWs4EqVRH2iiKneC6mUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQimUey
DDn18Of4KdBc4d91RUDAxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjI1OTI0ZjgtZjNkYS00ZWI0LWIwNDctZmRiZmJjOGU0MWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdA
MA0GCSqGSIb3DQEBCwUAA4IBAQAtFmN48/Fm3mp9i1+Hw0Bd07oO4RbXuQc5VYbA
y/0M8guSCicsTLbi+qlbvfh++vZIh65jxWKG2gl7L+cq61XNaQnYgLA5NfVODAVq
U0S/MTNbWgoV2+ctmurlSDxyLGXl9UDxbp26SA3Y3r1mjWn3CQ5GyzpU0hXgqMkr
72v8lJMo8A6xXtMzTDuYcW9WTqsIZ4ZddAfcqqaLMCzKYJwC77RrHz5slB+ERxje
yKSxPNKXq67N74tama9U8yVIrlO6lsmZpe7VHgI9ghwfzDl2H5MVVtzTMm2p4Io/
j41LMXB9EIXFvnOcE2QP4gAEW+Kck99F+7cbvXyO7tFsF5uC
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org