Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
File: fc880146-7b38-40c6-b452-8f8d46b57e17.roa (raw, json)
Hash identifier: hkyasYKWguoH0xcfZL0lOIRvKtmVf47Iz9cJjh8WnAM=
Subject key identifier: A7:A1:5A:C2:09:E1:E9:25:10:01:47:7F:95:A6:20:BB:04:01:53:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 773EA71A77A2E39495A0A5AFE3FB75A37BCD937B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3e:a7:1a:77:a2:e3:94:95:a0:a5:af:e3:fb:75:a3:7b:cd:93:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=411f0d083618f4ff7d994d34d7328c6502330d8049e4ab81ff1a41247a5707a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ef:a9:ec:d2:06:60:e2:fd:cd:a3:84:5b:83:
dd:30:2c:b9:76:c5:be:9d:6f:1b:19:74:4e:88:fb:
88:5b:b3:4c:81:55:75:06:6d:46:64:51:b0:6f:35:
c2:a9:d3:6b:b0:01:f2:dc:88:22:50:69:91:5d:25:
77:3c:99:56:7f:e6:cc:81:ce:ef:d8:e4:92:62:32:
80:ba:6d:76:bf:36:54:74:e1:04:ae:89:32:e7:d9:
11:16:8d:17:cb:9e:31:77:ba:de:e0:ce:5f:3d:14:
b0:eb:f6:49:94:27:99:47:70:7a:b7:a0:9d:6d:38:
39:66:a0:70:21:e0:56:5f:91:8d:46:de:2c:1d:7f:
22:71:2a:2b:84:f5:ce:19:32:e9:69:d7:27:93:c7:
10:6e:68:f5:2a:57:54:3d:f6:5a:6c:38:1d:85:8c:
b0:53:57:fb:3f:3d:26:e4:e8:ad:f1:b6:80:40:85:
4e:3d:cc:81:a0:e6:fa:a9:78:3c:6d:a4:1e:fd:31:
d2:7b:ef:85:f2:43:cb:63:5f:60:7c:ca:18:49:13:
81:5b:01:3e:4b:35:ea:3e:ad:f9:a2:a0:bc:4f:9a:
4a:84:22:50:6b:81:a8:45:9d:c5:d8:db:b5:26:bc:
7e:68:2e:af:be:9f:7a:fc:c4:15:bc:be:97:61:40:
69:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A1:5A:C2:09:E1:E9:25:10:01:47:7F:95:A6:20:BB:04:01:53:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:2000::/40
Signature Algorithm: sha256WithRSAEncryption
45:27:2f:cb:c5:f3:74:34:7a:3d:19:99:fd:75:9e:af:3a:4d:
42:0d:6f:33:c8:2d:55:90:39:44:50:03:8d:35:fe:0b:0a:ae:
cc:46:49:44:8f:6f:45:26:d9:a3:52:52:8b:41:e1:d8:ba:cf:
cb:a9:77:53:09:85:01:14:fd:8b:75:ef:6e:a2:fc:2e:32:d5:
f4:62:1c:84:dc:58:1b:e7:8c:b8:62:9f:c0:f0:f8:6a:64:06:
5f:23:71:11:3d:6f:31:63:4c:cc:4e:7a:77:73:36:1b:7d:c9:
b1:89:bd:b8:08:04:c6:6b:73:38:80:a7:e9:22:a7:db:a8:ea:
6d:6d:94:61:8f:c2:23:3b:c6:3c:1c:4c:f6:c4:93:5f:03:d9:
cf:d7:ca:2c:82:e0:60:ad:26:22:17:13:72:ba:c0:a6:9b:11:
36:28:4c:b1:58:78:17:58:81:a6:87:58:a7:dc:d3:fe:f6:22:
b5:4e:dc:36:56:0a:89:4b:b7:ed:c5:9c:f9:21:2e:ba:90:dc:
e9:ff:a0:77:9e:da:27:64:4f:8c:f3:3d:c8:ac:9b:a5:3f:f4:
09:45:c4:6f:91:aa:8c:f9:03:bd:1f:d7:4b:9d:80:2b:2f:50:
bb:9d:66:98:6c:21:58:57:d3:d7:a0:d9:3b:49:ce:b5:b5:a6:
1d:32:09:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdz6nGnei45SVoKWv4/t1o3vNk3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxMWYwZDA4MzYxOGY0ZmY3ZDk5NGQzNGQ3MzI4YzY1MDIzMzBkODA0OWU0
YWI4MWZmMWE0MTI0N2E1NzA3YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJPvqezSBmDi/c2jhFuD3TAsuXbFvp1vGxl0Toj7iFuzTIFVdQZtRmRRsG81
wqnTa7AB8tyIIlBpkV0ldzyZVn/mzIHO79jkkmIygLptdr82VHThBK6JMufZERaN
F8ueMXe63uDOXz0UsOv2SZQnmUdweregnW04OWagcCHgVl+RjUbeLB1/InEqK4T1
zhky6WnXJ5PHEG5o9SpXVD32Wmw4HYWMsFNX+z89JuTorfG2gECFTj3MgaDm+ql4
PG2kHv0x0nvvhfJDy2NfYHzKGEkTgVsBPks16j6t+aKgvE+aSoQiUGuBqEWdxdjb
tSa8fmgur76fevzEFby+l2FAaWUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnoVrC
CeHpJRABR3+VpiC7BAFT7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM4ODAxNDYtN2IzOC00MGM2LWI0NTItOGY4ZDQ2YjU3ZTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hwg
MA0GCSqGSIb3DQEBCwUAA4IBAQBFJy/LxfN0NHo9GZn9dZ6vOk1CDW8zyC1VkDlE
UAONNf4LCq7MRklEj29FJtmjUlKLQeHYus/LqXdTCYUBFP2Lde9uovwuMtX0YhyE
3Fgb54y4Yp/A8PhqZAZfI3ERPW8xY0zMTnp3czYbfcmxib24CATGa3M4gKfpIqfb
qOptbZRhj8IjO8Y8HEz2xJNfA9nP18osguBgrSYiFxNyusCmmxE2KEyxWHgXWIGm
h1in3NP+9iK1Ttw2VgqJS7ftxZz5IS66kNzp/6B3ntonZE+M8z3IrJulP/QJRcRv
kaqM+QO9H9dLnYArL1C7nWaYbCFYV9PXoNk7Sc61taYdMgnG
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:32:02 2023 by rpki-client on console-fra.rpki-client.org