Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa621245-a4af-4257-a86f-6350f3d9095c.roa
File: fa621245-a4af-4257-a86f-6350f3d9095c.roa (raw, json)
Hash identifier: HN6oD9+4t2UIQIvlySCFOCkJDBe/fpVTVuaf1YDnFXc=
Subject key identifier: 16:7F:EB:4C:42:AF:9F:49:15:B8:0B:26:9F:B1:DE:26:85:49:E6:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 343453225C02DCE2EFB82FD00CD0EFE2BC9BF795
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa621245-a4af-4257-a86f-6350f3d9095c.roa
Signing time: Mon 18 Sep 2023 00:00:00 +0000
ROA not before: Mon 18 Sep 2023 00:00:00 +0000
ROA not after: Mon 23 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 19 Sep 2023 14:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:34:53:22:5c:02:dc:e2:ef:b8:2f:d0:0c:d0:ef:e2:bc:9b:f7:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 18 00:00:00 2023 GMT
Not After : Oct 23 23:59:59 2023 GMT
Subject: serialNumber=ebac0f2531a27c8db25351a9a56ccd29974bc8a68352c6224517379143d0c299, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:43:8b:1b:d7:e1:24:ee:cf:80:ff:e8:ca:a7:
b7:f3:07:2c:2f:b6:93:fb:39:57:08:45:02:d9:0b:
97:15:57:9e:ac:c2:e0:70:ee:77:c1:ae:7f:1c:0c:
69:21:00:ca:3f:a4:eb:b8:82:fe:10:8d:25:3f:3d:
21:39:d2:bf:f3:62:d4:0f:34:32:ba:9b:3e:12:42:
f6:6a:fd:6c:f4:62:d7:ba:6d:dc:0f:1e:8b:de:da:
17:10:57:c1:4c:91:0c:1f:a5:ac:05:e1:16:78:1f:
19:a3:c5:8d:6b:fe:5d:fc:1f:2f:e6:de:4d:50:64:
26:47:8a:18:be:8c:45:15:3b:54:3e:59:e4:48:f8:
ef:3f:cd:29:fb:c6:a3:b8:5e:99:88:a8:39:cd:74:
7f:03:11:70:90:14:dd:ed:e5:be:52:87:87:07:9c:
25:4a:3c:2a:e4:12:00:51:f4:9f:53:e4:56:11:78:
bf:4e:11:b6:1d:5c:73:cf:34:02:1a:94:61:c9:05:
be:a5:db:6e:ed:21:75:51:95:3c:9d:43:1a:67:ec:
62:69:39:4e:b7:bd:d9:18:30:96:ca:76:38:87:1d:
3d:b6:7a:38:fa:ee:9e:12:0d:1b:50:6c:36:98:40:
55:89:b2:eb:32:fb:b6:6a:19:78:fb:05:c6:c4:d0:
f5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7F:EB:4C:42:AF:9F:49:15:B8:0B:26:9F:B1:DE:26:85:49:E6:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa621245-a4af-4257-a86f-6350f3d9095c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/36
Signature Algorithm: sha256WithRSAEncryption
ad:45:a5:f0:08:64:cb:07:6b:76:43:9b:5f:18:33:7b:88:cc:
bf:bc:b0:31:9e:af:10:41:13:7a:2f:43:bd:4f:00:59:44:b5:
1e:34:07:2e:72:19:2a:3a:17:d9:86:fb:86:4d:15:ac:b4:ba:
8d:58:e0:bb:93:86:e5:2d:64:82:98:c3:0c:b6:1e:aa:74:c7:
00:00:eb:3c:16:41:2a:a2:8f:3b:98:28:f7:e9:93:e8:69:72:
c7:6a:99:d8:52:35:04:8c:69:d2:75:e3:ef:e4:2e:90:05:23:
42:2d:53:be:57:66:9e:53:00:bc:aa:ff:13:00:dc:b1:6a:12:
ac:f3:77:eb:5d:24:c6:2a:2b:ec:9f:d3:ad:30:51:0d:11:09:
25:cd:6f:6a:95:d3:66:f2:80:16:9d:77:2b:eb:a5:9c:38:8d:
d0:d0:6f:9e:4d:7a:e0:9b:82:8f:52:1c:02:54:30:b2:ef:cb:
a8:f3:45:8d:71:63:63:4e:bb:a7:45:71:b1:36:eb:96:b0:a1:
77:c8:78:6c:c0:22:72:1e:da:26:43:4a:12:8e:be:29:f6:eb:
19:ac:98:5f:54:36:80:51:6f:fc:64:c3:a2:ec:2e:65:b0:da:
4d:56:af:d6:ab:16:0b:23:b1:93:ab:d5:df:a0:d8:d4:27:a1:
b5:78:cc:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNDRTIlwC3OLvuC/QDNDv4ryb95UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTgwMDAwMDBaFw0yMzEwMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGViYWMwZjI1MzFhMjdjOGRiMjUzNTFhOWE1NmNjZDI5OTc0YmM4YTY4MzUy
YzYyMjQ1MTczNzkxNDNkMGMyOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRDixvX4STuz4D/6Mqnt/MHLC+2k/s5VwhFAtkLlxVXnqzC4HDud8GufxwM
aSEAyj+k67iC/hCNJT89ITnSv/Ni1A80MrqbPhJC9mr9bPRi17pt3A8ei97aFxBX
wUyRDB+lrAXhFngfGaPFjWv+XfwfL+beTVBkJkeKGL6MRRU7VD5Z5Ej47z/NKfvG
o7hemYioOc10fwMRcJAU3e3lvlKHhwecJUo8KuQSAFH0n1PkVhF4v04Rth1cc880
AhqUYckFvqXbbu0hdVGVPJ1DGmfsYmk5Tre92Rgwlsp2OIcdPbZ6OPrunhING1Bs
NphAVYmy6zL7tmoZePsFxsTQ9dUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWf+tM
Qq+fSRW4Cyafsd4mhUnm5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmE2MjEyNDUtYTRhZi00MjU3LWE4NmYtNjM1MGYzZDkwOTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQCtRaXwCGTLB2t2Q5tfGDN7iMy/vLAxnq8QQRN6
L0O9TwBZRLUeNAcuchkqOhfZhvuGTRWstLqNWOC7k4blLWSCmMMMth6qdMcAAOs8
FkEqoo87mCj36ZPoaXLHapnYUjUEjGnSdePv5C6QBSNCLVO+V2aeUwC8qv8TANyx
ahKs83frXSTGKivsn9OtMFENEQklzW9qldNm8oAWnXcr66WcOI3Q0G+eTXrgm4KP
UhwCVDCy78uo80WNcWNjTrunRXGxNuuWsKF3yHhswCJyHtomQ0oSjr4p9usZrJhf
VDaAUW/8ZMOi7C5lsNpNVq/WqxYLI7GTq9XfoNjUJ6G1eMyw
-----END CERTIFICATE-----
Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org