Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
File: 01bbf67c-f7ae-457c-80b3-728a951b236a.roa (raw, json)
Hash identifier: cZN7w5/q/0QBRZzRC5SKwxszA5z3ik5taTOfAuidXyY=
Subject key identifier: E7:C5:A9:37:90:A2:28:CA:F0:E6:BE:68:30:AF:19:52:E0:32:0F:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37C131539ACFB2B0E9390C5703C5D47D921FACB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
Signing time: Mon 14 Apr 2025 17:30:52 +0000
ROA not before: Mon 14 Apr 2025 17:30:52 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:c1:31:53:9a:cf:b2:b0:e9:39:0c:57:03:c5:d4:7d:92:1f:ac:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:52 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=3a219c8e23b66953793517e1ed1ebb3a3338675ed06a0faa811a8ec345008c1e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4c:19:43:e1:cf:90:b7:1c:9a:f7:57:84:e1:
ba:20:48:db:6e:ee:8c:d2:bc:b2:a3:28:24:b8:69:
e9:e3:63:99:0b:bf:31:1a:07:2c:ce:e7:98:35:39:
1c:39:57:f5:4f:b7:1a:49:0d:7c:cd:1d:ce:c8:87:
be:19:01:e9:5c:5e:30:94:48:f2:5b:09:b4:bf:1f:
4c:07:f2:ec:ad:b7:bd:31:bf:1e:46:a0:85:90:45:
21:da:c0:45:f1:f7:0c:bc:5b:8c:dc:e7:08:fa:c6:
84:3d:6d:46:3c:7a:c3:81:c5:e7:c8:9d:b2:e4:63:
75:c6:7c:65:93:86:10:fc:8e:01:d8:6c:36:92:a6:
ad:f1:ba:ce:4c:70:e3:74:b9:36:25:85:2d:2a:9d:
c6:4a:ed:fe:95:f4:b2:0d:e3:8a:55:e7:c2:ec:d6:
7c:14:91:75:73:8e:e5:1e:d7:c1:ce:18:92:08:7e:
7e:b6:b1:dd:19:d4:ca:4c:ff:37:08:f4:94:cf:ab:
53:1d:ad:d4:9c:4d:cb:f7:80:45:e4:cb:94:7f:aa:
21:cf:9b:30:d2:c5:45:ef:a9:7e:6f:c9:c4:e4:ff:
3b:22:09:7f:5d:4a:b0:22:40:45:24:03:58:e5:82:
2c:0d:3c:63:40:91:de:43:81:8b:59:06:b4:91:6a:
d2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C5:A9:37:90:A2:28:CA:F0:E6:BE:68:30:AF:19:52:E0:32:0F:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/18
Signature Algorithm: sha256WithRSAEncryption
5b:61:e3:59:17:e5:4d:e1:cd:6a:67:72:da:5b:08:12:01:fb:
a0:19:f9:2e:ef:a5:a7:12:ac:c0:50:7e:ed:4d:4a:76:ce:ff:
73:cb:d3:81:c8:41:ef:a1:29:90:1d:9d:d9:f4:23:a0:05:26:
65:e9:f5:7c:71:85:4f:18:5b:e7:0e:c5:30:3e:2c:92:ae:c0:
ac:c5:b2:3e:fe:ab:1d:94:37:bf:b4:2d:a9:c6:99:52:5e:f1:
d6:f2:30:fb:38:ef:f6:2c:07:0a:d4:e3:99:91:b7:03:12:db:
13:76:8a:c5:38:be:d9:65:e5:2a:d0:84:2e:f1:4e:39:a1:d6:
7a:43:19:b3:d8:e1:04:a6:1f:d2:d6:0b:44:7e:16:6c:4f:81:
8a:f8:07:7e:71:f5:83:0b:95:a6:f9:07:ac:d9:83:aa:81:4e:
bc:62:e0:11:c8:fc:71:a5:40:80:e3:80:23:fb:77:47:b6:db:
1b:51:f5:2f:2b:3b:35:33:13:64:0c:fd:0c:36:aa:5e:ae:78:
62:02:46:63:5d:b9:9b:d3:a1:f4:f9:1f:7e:d9:0a:fb:1d:2f:
39:d4:78:d4:52:9e:e2:6d:f6:87:da:6b:18:98:97:63:31:3d:
e9:47:1c:22:79:f4:34:d4:1f:d1:3f:f8:ef:7b:c1:d1:79:46:
a1:68:54:ab
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN8ExU5rPsrDpOQxXA8XUfZIfrLAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNTJaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhMjE5YzhlMjNiNjY5NTM3OTM1MTdlMWVkMWViYjNhMzMzODY3NWVkMDZh
MGZhYTgxMWE4ZWMzNDUwMDhjMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9MGUPhz5C3HJr3V4ThuiBI227ujNK8sqMoJLhp6eNjmQu/MRoHLM7nmDU5
HDlX9U+3GkkNfM0dzsiHvhkB6VxeMJRI8lsJtL8fTAfy7K23vTG/HkaghZBFIdrA
RfH3DLxbjNznCPrGhD1tRjx6w4HF58idsuRjdcZ8ZZOGEPyOAdhsNpKmrfG6zkxw
43S5NiWFLSqdxkrt/pX0sg3jilXnwuzWfBSRdXOO5R7Xwc4Ykgh+frax3RnUykz/
Nwj0lM+rUx2t1JxNy/eAReTLlH+qIc+bMNLFRe+pfm/JxOT/OyIJf11KsCJARSQD
WOWCLA08Y0CR3kOBi1kGtJFq0jUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTnxak3
kKIoyvDmvmgwrxlS4DIPbTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDFiYmY2N2MtZjdhZS00NTdjLTgwYjMtNzI4YTk1MWIyMzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAW2HjWRflTeHNamdy2lsIEgH7oBn5Lu+lpxKswFB+
7U1Kds7/c8vTgchB76EpkB2d2fQjoAUmZen1fHGFTxhb5w7FMD4skq7ArMWyPv6r
HZQ3v7QtqcaZUl7x1vIw+zjv9iwHCtTjmZG3AxLbE3aKxTi+2WXlKtCELvFOOaHW
ekMZs9jhBKYf0tYLRH4WbE+BivgHfnH1gwuVpvkHrNmDqoFOvGLgEcj8caVAgOOA
I/t3R7bbG1H1Lys7NTMTZAz9DDaqXq54YgJGY125m9Oh9PkfftkK+x0vOdR41FKe
4m32h9prGJiXYzE96UccInn0NNQf0T/473vB0XlGoWhUqw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:38 2025 by rpki-client