Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
File: 049fd671-de95-4496-9712-c56affcb2b27.roa (raw, json)
Hash identifier: xVuCunqR+GcbQrZmkswePRqzVsBu9OjmzVLB+bn18CI=
Subject key identifier: 04:04:B8:79:75:4C:A6:A3:BA:98:0E:F4:9A:54:74:A7:CA:50:9D:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AEF8C8C72FD6A68CCCCDEF2F40ABF2832093263
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
Signing time: Tue 15 Apr 2025 15:01:34 +0000
ROA not before: Tue 15 Apr 2025 15:01:34 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.24.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ef:8c:8c:72:fd:6a:68:cc:cc:de:f2:f4:0a:bf:28:32:09:32:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:34 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=bc17eaa14056dfe4ff0fbda2a25063700a30c2cfa176f8f469909d0af7f54a61, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:39:e9:fb:92:80:64:82:2c:57:19:76:ad:0d:
f3:2a:54:77:d5:d5:3c:dc:61:e5:10:d8:94:c4:82:
d0:d7:88:0b:1a:7d:51:9f:9f:02:68:c1:39:5a:71:
af:70:a9:c5:6c:7e:14:26:a6:f5:11:3e:8c:b4:4a:
52:50:dc:ef:53:77:ef:0a:7b:f2:a2:62:58:e2:35:
a2:d0:09:55:12:4a:f3:a7:e2:b5:f2:f6:40:c2:43:
42:2c:5d:7c:57:fc:00:b9:bc:16:6b:f3:78:f3:b0:
17:97:3a:b3:40:7d:85:12:95:9d:1b:ad:95:5f:9a:
0b:2f:ba:07:6d:46:74:6c:21:32:72:24:58:29:23:
68:74:8a:e9:89:9d:29:d1:39:b6:76:d0:4b:33:ee:
23:87:78:b4:41:79:f9:ba:e2:5b:76:e5:cb:a9:50:
a2:a5:6b:4c:4f:37:89:32:fc:dd:e0:fe:48:7e:c6:
90:8b:8d:21:36:57:e1:87:6a:a0:3f:30:cb:fe:58:
1c:78:de:95:75:27:0b:a0:5a:b4:15:7e:b2:0d:d5:
f0:f1:60:3b:fc:04:79:80:65:a2:3b:ee:55:79:34:
78:cc:97:b9:45:87:75:19:59:a2:b3:82:a7:3b:34:
b7:67:25:2e:02:79:3f:e5:fd:14:94:81:d4:80:7f:
fa:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:04:B8:79:75:4C:A6:A3:BA:98:0E:F4:9A:54:74:A7:CA:50:9D:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.24.0/21
Signature Algorithm: sha256WithRSAEncryption
63:75:e8:cc:1b:a3:0f:0e:c6:73:3c:e1:d1:4e:c2:89:11:49:
eb:65:dc:9e:05:32:55:bb:96:dc:75:6c:15:4c:d1:54:3b:1a:
95:80:72:5d:70:17:0d:e0:45:c6:26:8c:4b:ae:a3:10:a0:5a:
81:dc:a2:e7:54:b7:d0:73:e9:e2:3f:a6:69:65:ae:c2:42:20:
03:84:8c:95:44:a9:a6:f1:92:32:00:d8:0b:57:e8:32:dc:19:
ca:38:dd:d1:52:ba:d5:ab:ca:84:ea:6f:6a:e6:78:36:2d:5a:
a5:36:cc:6d:3f:87:01:af:d0:c2:30:cf:be:70:75:2b:58:f3:
8a:85:14:56:a7:07:8b:c5:34:4e:04:1e:19:fc:71:d9:dd:30:
44:72:10:49:e4:19:f5:d1:52:1f:b3:4b:8f:69:b6:b2:01:b9:
8d:74:54:5a:85:82:09:34:f0:21:e9:04:91:7d:45:23:6b:96:
7c:0d:5a:d7:24:74:8e:2d:c9:d2:f6:57:45:5e:96:a2:c6:ba:
01:66:17:24:09:0a:62:cd:57:b3:54:e9:12:0d:9d:a9:51:bc:
f4:f7:6b:de:81:ad:e9:34:06:e1:ed:2e:da:b4:5e:ef:9c:7d:
3c:88:71:e7:0c:a9:9b:f7:ee:ed:6c:68:83:81:ae:14:3e:c9:
3c:dc:c0:2d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWu+MjHL9amjMzN7y9Aq/KDIJMmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMzRaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjMTdlYWExNDA1NmRmZTRmZjBmYmRhMmEyNTA2MzcwMGEzMGMyY2ZhMTc2
ZjhmNDY5OTA5ZDBhZjdmNTRhNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALM56fuSgGSCLFcZdq0N8ypUd9XVPNxh5RDYlMSC0NeICxp9UZ+fAmjBOVpx
r3CpxWx+FCam9RE+jLRKUlDc71N37wp78qJiWOI1otAJVRJK86fitfL2QMJDQixd
fFf8ALm8FmvzePOwF5c6s0B9hRKVnRutlV+aCy+6B21GdGwhMnIkWCkjaHSK6Ymd
KdE5tnbQSzPuI4d4tEF5+briW3bly6lQoqVrTE83iTL83eD+SH7GkIuNITZX4Ydq
oD8wy/5YHHjelXUnC6BatBV+sg3V8PFgO/wEeYBlojvuVXk0eMyXuUWHdRlZorOC
pzs0t2clLgJ5P+X9FJSB1IB/+tECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQEBLh5
dUymo7qYDvSaVHSnylCdqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ5ZmQ2NzEtZGU5NS00NDk2LTk3MTItYzU2YWZmY2IyYjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiGDAN
BgkqhkiG9w0BAQsFAAOCAQEAY3XozBujDw7Gczzh0U7CiRFJ62XcngUyVbuW3HVs
FUzRVDsalYByXXAXDeBFxiaMS66jEKBagdyi51S30HPp4j+maWWuwkIgA4SMlUSp
pvGSMgDYC1foMtwZyjjd0VK61avKhOpvauZ4Ni1apTbMbT+HAa/QwjDPvnB1K1jz
ioUUVqcHi8U0TgQeGfxx2d0wRHIQSeQZ9dFSH7NLj2m2sgG5jXRUWoWCCTTwIekE
kX1FI2uWfA1a1yR0ji3J0vZXRV6Wosa6AWYXJAkKYs1Xs1TpEg2dqVG89Pdr3oGt
6TQG4e0u2rRe75x9PIhx5wypm/fu7Wxog4GuFD7JPNzALQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:13 2025 by rpki-client