Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: lMRnUFfGwin1VpjH+jSZRVnI5EgoinLjf07lTB4IQds=
Subject key identifier: 31:31:E1:44:14:16:D8:8B:43:D8:48:D5:0B:C5:19:18:77:7F:26:6D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D668D644AE9FBAA75837E2E47294545E0F23205
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Tue 20 May 2025 20:41:05 +0000
ROA not before: Tue 20 May 2025 20:41:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:66:8d:64:4a:e9:fb:aa:75:83:7e:2e:47:29:45:45:e0:f2:32:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0503878ea6e8903b5fdeba60c82ebad485345a43fe121046614d2bb02f5daa96, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:90:e6:c7:27:ce:13:79:2e:6a:7a:b5:13:4f:
6e:3b:ce:86:50:a2:81:79:43:ff:6d:fd:74:f1:8b:
10:dd:69:72:41:b1:60:12:05:f1:df:c1:cc:e8:0f:
ae:2b:1d:59:f4:f3:57:7a:20:04:42:51:0c:55:49:
35:12:c2:02:55:cb:58:6b:e1:63:48:54:19:e0:cd:
f2:36:b2:65:35:c3:d1:39:ba:86:87:9b:fe:4a:c7:
d4:8d:96:73:a7:e2:a4:8c:e9:70:3c:a1:b0:1d:d3:
0e:16:30:a5:58:eb:37:9b:bd:31:5f:6f:8d:ef:6f:
8b:d0:f9:99:2b:68:22:11:72:dd:1f:6c:7c:81:e5:
a2:12:00:bb:2b:df:67:f5:20:5a:0c:06:7c:92:03:
d2:53:ff:48:78:9a:38:f7:e4:07:d7:3a:70:ac:ca:
ce:a1:88:c2:da:47:a5:f0:ca:82:98:78:ab:37:aa:
51:3f:a2:ad:ae:e7:35:23:3d:db:66:a3:9e:e7:64:
52:94:c2:20:8f:fd:f0:30:9d:de:5c:f0:7f:20:b0:
fe:17:7a:23:0a:f2:8e:1a:38:fa:2f:e5:ef:f7:f4:
ad:73:5a:94:7d:7d:ac:10:63:92:54:b5:8f:10:54:
b8:1e:a6:4f:0c:6a:f4:9c:e1:06:ad:59:00:45:06:
2b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:31:E1:44:14:16:D8:8B:43:D8:48:D5:0B:C5:19:18:77:7F:26:6D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
34:e9:a2:bf:fa:36:f6:0a:38:01:6d:72:5c:03:b2:37:71:fe:
a6:5e:ad:ff:ea:b3:d0:13:96:1e:8c:32:e3:c0:e9:98:85:5d:
fc:d2:1b:20:39:f1:27:d0:6c:d7:1e:64:ef:96:93:a0:a2:4f:
a2:2c:bd:49:95:66:ac:30:fa:fc:32:c9:51:f5:6e:64:fe:6e:
94:6b:85:ee:c2:8a:14:64:35:b3:74:9e:b0:c5:75:f7:35:8d:
31:09:d7:7a:37:e2:fb:2d:b6:ec:c1:d3:5c:c1:b8:be:ee:61:
e5:1f:e9:7c:07:d8:41:c7:8a:be:40:cb:db:c3:56:5e:41:c2:
dc:b4:7a:4b:9c:e1:c2:57:48:09:35:ae:6d:22:8c:a3:28:3a:
48:e1:d5:49:86:18:9e:0e:a1:af:2e:9c:3b:86:7d:ff:9c:12:
90:69:d2:7e:8d:31:3b:5e:18:e1:6a:26:fb:e1:ac:fe:c8:ac:
97:a2:77:9a:19:30:c0:77:41:db:d6:14:f4:93:82:66:c8:df:
84:61:c1:20:ac:f2:51:2d:63:26:9d:40:aa:63:70:a5:62:02:
28:df:da:18:7b:08:f9:63:d9:77:00:e3:08:0c:49:7c:e4:28:
9b:85:01:a8:fb:18:84:2b:f5:ee:50:6e:4b:e4:e6:0d:27:0c:
30:3b:d3:63
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfWaNZErp+6p1g34uRylFReDyMgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MDM4NzhlYTZlODkwM2I1ZmRlYmE2MGM4MmViYWQ0ODUzNDVhNDNmZTEy
MTA0NjYxNGQyYmIwMmY1ZGFhOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKQ5scnzhN5Lmp6tRNPbjvOhlCigXlD/239dPGLEN1pckGxYBIF8d/BzOgP
risdWfTzV3ogBEJRDFVJNRLCAlXLWGvhY0hUGeDN8jayZTXD0Tm6hoeb/krH1I2W
c6fipIzpcDyhsB3TDhYwpVjrN5u9MV9vje9vi9D5mStoIhFy3R9sfIHlohIAuyvf
Z/UgWgwGfJID0lP/SHiaOPfkB9c6cKzKzqGIwtpHpfDKgph4qzeqUT+ira7nNSM9
22ajnudkUpTCII/98DCd3lzwfyCw/hd6Iwryjho4+i/l7/f0rXNalH19rBBjklS1
jxBUuB6mTwxq9JzhBq1ZAEUGKxMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQxMeFE
FBbYi0PYSNULxRkYd38mbTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQA06aK/+jb2CjgBbXJcA7I3cf6mXq3/6rPQE5YejDLj
wOmYhV380hsgOfEn0GzXHmTvlpOgok+iLL1JlWasMPr8MslR9W5k/m6Ua4XuwooU
ZDWzdJ6wxXX3NY0xCdd6N+L7LbbswdNcwbi+7mHlH+l8B9hBx4q+QMvbw1ZeQcLc
tHpLnOHCV0gJNa5tIoyjKDpI4dVJhhieDqGvLpw7hn3/nBKQadJ+jTE7Xhjhaib7
4az+yKyXoneaGTDAd0Hb1hT0k4JmyN+EYcEgrPJRLWMmnUCqY3ClYgIo39oYewj5
Y9l3AOMIDEl85CibhQGo+xiEK/XuUG5L5OYNJwwwO9Nj
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:16 2025 by rpki-client