Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
File: 0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa (raw, json)
Hash identifier: kOEC6UusTlq4ZzFA6ClP3yVRAvhgGmUVqyUYvL+P1ZU=
Subject key identifier: 37:98:D5:23:A9:D2:91:7A:8F:61:E9:30:5B:63:0D:5A:99:EC:1F:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F0E8BAD943790182A00C24B57E6F0068C1BB00E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
Signing time: Mon 21 Apr 2025 18:40:35 +0000
ROA not before: Mon 21 Apr 2025 18:40:35 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:0e:8b:ad:94:37:90:18:2a:00:c2:4b:57:e6:f0:06:8c:1b:b0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:40:35 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=60d98a75e87a7e5207585d58d816c979b1620e97a51ae03904fe17c637d899dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d5:ab:b1:9b:4d:64:63:1e:55:1e:b0:7b:5f:
1f:67:57:f5:bb:07:47:50:8f:d7:85:77:b8:15:14:
1e:a5:48:55:1d:81:13:25:93:b7:ec:77:84:24:b0:
af:34:ed:bd:ed:74:67:10:7a:8c:72:d4:a0:f6:13:
3f:30:73:38:45:0b:82:57:d9:32:e0:0d:d0:ca:72:
04:03:92:01:cd:4a:c8:11:49:a0:53:25:70:6e:f2:
e8:90:4f:55:c4:b8:da:b0:ee:c7:91:0e:d2:76:e5:
b6:34:b6:fe:ff:d1:24:19:fd:8c:6c:82:84:fe:10:
a3:2d:05:41:bc:b4:2c:b4:d6:b6:5d:c8:62:68:23:
57:52:4e:5c:38:02:fb:f3:cf:60:6b:ba:53:22:3b:
e1:d2:10:e1:a7:41:90:fa:1a:51:8f:6b:27:39:28:
9c:7a:dc:c1:07:15:0b:7a:9e:44:f2:4c:f3:bc:5c:
d6:8a:9f:8e:0a:04:2d:3e:25:ef:67:28:c8:a6:dd:
2a:dc:48:65:f0:24:22:91:fe:ab:22:60:23:ae:ef:
60:5c:d9:fc:50:c3:ee:e2:6b:7d:a3:93:69:2e:d6:
44:ed:1b:ca:44:f6:aa:c0:ac:84:44:3b:88:8e:b3:
97:02:67:69:e2:f8:3b:40:70:c0:79:ff:44:10:e4:
b1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:98:D5:23:A9:D2:91:7A:8F:61:E9:30:5B:63:0D:5A:99:EC:1F:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d7cce47-064e-4ba2-aec5-2acc2ca04a59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:800::/40
Signature Algorithm: sha256WithRSAEncryption
b6:d6:76:22:0e:a2:bc:4a:81:ee:19:79:7c:58:79:56:e3:0f:
08:9b:59:ed:30:81:93:49:52:f3:64:fb:c6:4e:26:dc:ab:43:
83:02:0f:8a:bf:1d:4d:5a:d4:09:64:7c:76:d4:59:43:03:7e:
00:d6:85:26:be:63:2c:c9:4e:72:b7:8d:25:ba:a9:d0:8f:59:
35:82:91:e3:21:5e:ad:07:db:22:60:72:4c:63:45:6d:27:f9:
3c:3e:a2:8c:95:94:45:cb:8b:e6:da:c5:8f:9a:1b:da:9a:cd:
87:e8:70:b4:2a:a2:2e:42:95:68:54:e9:22:bc:62:05:54:9a:
96:6e:28:06:e2:13:eb:21:eb:31:d8:7d:78:db:56:5d:bd:68:
19:49:31:38:4b:a0:97:f1:d2:d6:5e:8f:b6:59:23:40:4b:a5:
93:3d:75:59:30:29:bf:6c:8b:24:d9:49:5f:93:e2:b9:dd:b1:
71:f0:b1:46:6a:42:25:57:d6:79:31:60:10:37:b1:e5:bd:48:
8a:f8:cf:b1:a6:81:db:a6:56:c6:fd:3b:a8:d9:83:bc:ce:51:
39:8c:49:71:f4:e6:88:c0:27:cc:77:c7:19:d5:1d:10:c2:7b:
1c:c1:33:37:fc:73:ef:1f:a5:9b:29:a5:a6:fe:07:e6:da:c7:
00:93:38:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPw6LrZQ3kBgqAMJLV+bwBowbsA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODQwMzVaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwZDk4YTc1ZTg3YTdlNTIwNzU4NWQ1OGQ4MTZjOTc5YjE2MjBlOTdhNTFh
ZTAzOTA0ZmUxN2M2MzdkODk5ZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvVq7GbTWRjHlUesHtfH2dX9bsHR1CP14V3uBUUHqVIVR2BEyWTt+x3hCSw
rzTtve10ZxB6jHLUoPYTPzBzOEULglfZMuAN0MpyBAOSAc1KyBFJoFMlcG7y6JBP
VcS42rDux5EO0nbltjS2/v/RJBn9jGyChP4Qoy0FQby0LLTWtl3IYmgjV1JOXDgC
+/PPYGu6UyI74dIQ4adBkPoaUY9rJzkonHrcwQcVC3qeRPJM87xc1oqfjgoELT4l
72coyKbdKtxIZfAkIpH+qyJgI67vYFzZ/FDD7uJrfaOTaS7WRO0bykT2qsCshEQ7
iI6zlwJnaeL4O0BwwHn/RBDksfcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3mNUj
qdKReo9h6TBbYw1amewfEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ3Y2NlNDctMDY0ZS00YmEyLWFlYzUtMmFjYzJjYTA0YTU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4I
MA0GCSqGSIb3DQEBCwUAA4IBAQC21nYiDqK8SoHuGXl8WHlW4w8Im1ntMIGTSVLz
ZPvGTibcq0ODAg+Kvx1NWtQJZHx21FlDA34A1oUmvmMsyU5yt40luqnQj1k1gpHj
IV6tB9siYHJMY0VtJ/k8PqKMlZRFy4vm2sWPmhvams2H6HC0KqIuQpVoVOkivGIF
VJqWbigG4hPrIesx2H1421ZdvWgZSTE4S6CX8dLWXo+2WSNAS6WTPXVZMCm/bIsk
2Ulfk+K53bFx8LFGakIlV9Z5MWAQN7HlvUiK+M+xpoHbplbG/Tuo2YO8zlE5jElx
9OaIwCfMd8cZ1R0QwnscwTM3/HPvH6WbKaWm/gfm2scAkzi4
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:12 2025 by rpki-client