Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
File: f97778b4-85b1-4580-ac38-a4872d19261b.roa (raw, json)
Hash identifier: uERpBixfM0v8lE+hXyib3/mjJRtTzAy37PBj5yJBljI=
Subject key identifier: BC:CD:7F:8E:EB:8E:B9:0A:79:86:CB:89:AB:8A:0F:8E:95:B4:DE:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D299B591D0AF518580219C8CF5B8AC149B918CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:29:9b:59:1d:0a:f5:18:58:02:19:c8:cf:5b:8a:c1:49:b9:18:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=47231ac75f21e7df28127ccdbf94f2f0340f7f38c076388634c9c734ffff1e6e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f2:74:7c:dd:36:87:7a:22:d8:de:b0:5b:69:
5d:fc:53:46:87:ab:44:da:f3:b3:3d:27:d3:0d:4a:
78:b5:77:1d:ce:bc:61:18:ef:a4:5a:93:6e:50:22:
6f:c5:2c:0f:77:9b:26:6c:a0:4d:79:e7:df:17:82:
5b:d0:4c:4b:a4:ba:57:ae:ab:0d:0a:91:02:0b:e5:
7c:6b:29:12:9b:71:96:7a:21:b4:38:3b:85:e2:44:
97:8e:be:57:96:a7:c8:34:c8:93:d2:26:4d:d4:6e:
34:e8:96:a5:8e:6d:c7:10:c2:b2:e7:26:63:71:9d:
e1:0a:4a:13:0b:0d:a0:f1:67:94:d1:ba:c6:e1:96:
34:9c:98:61:43:e3:52:d4:11:9d:b9:ef:a4:56:2d:
23:31:ba:ca:bd:8d:7d:69:0e:e4:8d:08:28:3a:50:
80:69:a9:dd:c5:70:fc:50:93:53:ed:13:28:f8:ce:
18:58:d9:a7:6e:07:58:6b:29:fa:fc:9d:92:cf:00:
52:64:5c:18:cd:ed:10:49:00:9e:d6:37:37:7d:3e:
6b:72:fb:cd:99:af:ea:46:1d:11:f2:e0:1a:93:71:
2f:9e:60:e6:5f:d9:09:a1:47:1b:8b:d6:51:10:18:
9d:43:eb:ed:ad:9e:47:af:da:ba:b4:bb:a7:ec:96:
1d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:CD:7F:8E:EB:8E:B9:0A:79:86:CB:89:AB:8A:0F:8E:95:B4:DE:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:5000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:18:6a:fa:1f:ed:2b:39:87:fe:c2:99:36:b5:9d:89:80:2f:
7b:5c:7a:1b:39:21:33:67:6d:20:3a:52:df:ff:65:26:d1:9f:
9d:8c:40:14:bf:60:73:42:67:db:54:aa:2e:ea:e3:0c:38:59:
47:19:24:08:7a:f4:e8:c6:f3:f0:ba:be:8f:8b:3c:32:3b:36:
73:de:8c:f5:42:af:a0:1f:1d:5e:74:f3:b2:89:e2:18:4a:f9:
e9:c3:c5:66:7d:86:fc:64:0c:a9:1d:fc:f9:ba:11:03:c4:de:
6a:21:a4:b7:9b:77:c8:6e:e0:c9:b4:28:4a:d1:58:08:ab:53:
4d:55:f5:6e:65:aa:58:57:3b:5b:71:7b:90:cc:9d:31:0b:f9:
76:63:17:5d:95:b7:f8:9c:9b:7b:56:8f:83:0d:56:5d:a4:e1:
6a:b8:32:e1:73:f7:99:8a:26:b7:7a:ab:33:a3:22:81:63:27:
9d:4a:06:ec:b6:ab:cd:72:7d:6a:e3:f2:74:36:c9:d4:4b:76:
1a:10:21:dd:af:7e:d3:d6:a7:d3:84:49:b7:a9:6e:61:22:78:
42:b5:60:15:dc:4f:46:c1:1a:89:3e:83:8e:cd:e5:b1:26:06:
2f:e6:20:9d:d7:34:26:80:01:d2:e3:0b:78:eb:21:d8:e3:e6:
46:32:ba:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHSmbWR0K9RhYAhnIz1uKwUm5GMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3MjMxYWM3NWYyMWU3ZGYyODEyN2NjZGJmOTRmMmYwMzQwZjdmMzhjMDc2
Mzg4NjM0YzljNzM0ZmZmZjFlNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI/ydHzdNod6ItjesFtpXfxTRoerRNrzsz0n0w1KeLV3Hc68YRjvpFqTblAi
b8UsD3ebJmygTXnn3xeCW9BMS6S6V66rDQqRAgvlfGspEptxlnohtDg7heJEl46+
V5anyDTIk9ImTdRuNOiWpY5txxDCsucmY3Gd4QpKEwsNoPFnlNG6xuGWNJyYYUPj
UtQRnbnvpFYtIzG6yr2NfWkO5I0IKDpQgGmp3cVw/FCTU+0TKPjOGFjZp24HWGsp
+vydks8AUmRcGM3tEEkAntY3N30+a3L7zZmv6kYdEfLgGpNxL55g5l/ZCaFHG4vW
URAYnUPr7a2eR6/aurS7p+yWHY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8zX+O
6465CnmGy4mrig+OlbTeKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3Nzc4YjQtODViMS00NTgwLWFjMzgtYTQ4NzJkMTkyNjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAbGGr6H+0rOYf+wpk2tZ2JgC97XHobOSEzZ20g
OlLf/2Um0Z+djEAUv2BzQmfbVKou6uMMOFlHGSQIevToxvPwur6PizwyOzZz3oz1
Qq+gHx1edPOyieIYSvnpw8VmfYb8ZAypHfz5uhEDxN5qIaS3m3fIbuDJtChK0VgI
q1NNVfVuZapYVztbcXuQzJ0xC/l2Yxddlbf4nJt7Vo+DDVZdpOFquDLhc/eZiia3
eqszoyKBYyedSgbstqvNcn1q4/J0NsnUS3YaECHdr37T1qfThEm3qW5hInhCtWAV
3E9GwRqJPoOOzeWxJgYv5iCd1zQmgAHS4wt46yHY4+ZGMrqj
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:27 2023 by rpki-client on console-ams.rpki-client.org