Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
File: 1977ffde-7d26-418c-800c-ccacd18fe560.roa (raw, json)
Hash identifier: MzgfqtDjIo1KnVxMrlb3q5QY+oAhWb6jYOnqhHcr9S8=
Subject key identifier: F1:C7:93:D8:EE:7C:43:E0:00:56:F2:8D:EC:9E:F0:3A:03:54:D1:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48E3B749CF1581556E74E61414E485D235758703
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
Signing time: Tue 08 Apr 2025 15:00:56 +0000
ROA not before: Tue 08 Apr 2025 15:00:56 +0000
ROA not after: Tue 13 May 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e3:b7:49:cf:15:81:55:6e:74:e6:14:14:e4:85:d2:35:75:87:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 8 15:00:56 2025 GMT
Not After : May 13 23:59:59 2025 GMT
Subject: serialNumber=8538e6cdcd69f99c5576d7db802e448c41fa980cf3f4959e80e98cfcd77161b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:39:8f:93:70:70:17:04:a3:b2:c7:4b:60:43:
2e:65:b2:2e:b8:05:5c:bf:f3:91:b6:4d:e8:23:b3:
6a:72:82:40:dc:ea:6b:42:7d:04:9b:b5:e0:cf:c6:
45:33:80:c9:bb:df:08:4c:53:93:23:66:7f:d5:54:
05:49:d2:9b:ff:68:4c:8b:a3:96:45:1f:85:95:e3:
84:97:3a:e7:ba:fd:bc:cb:9b:51:37:0c:7e:ef:70:
46:08:a1:31:0e:96:a7:67:50:27:a1:76:c0:a5:16:
b0:8d:84:4e:25:39:a1:15:1b:e7:61:08:8d:b4:30:
0c:e7:10:6d:60:2a:37:b1:3b:4e:02:33:42:59:e5:
68:39:3b:ca:34:17:0a:8d:a2:39:b8:4e:81:c6:2f:
d5:2e:c6:4c:4f:e1:8b:b0:49:02:34:4d:01:71:72:
83:05:5c:f3:3e:09:72:7b:31:a0:82:b3:15:41:b1:
6c:76:31:73:c7:80:c3:f0:f5:de:29:de:3e:e5:49:
a3:6a:c6:a1:db:12:a4:ee:1b:08:af:58:37:0e:a4:
37:0f:bb:36:c8:01:d7:1e:84:bc:f9:9b:a9:17:89:
3d:11:cc:b0:ca:dc:a8:1f:e1:db:4a:d9:00:67:a2:
62:5e:48:75:b6:37:e8:74:c7:9c:3c:5a:80:c9:50:
84:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C7:93:D8:EE:7C:43:E0:00:56:F2:8D:EC:9E:F0:3A:03:54:D1:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
b3:c9:e1:5e:32:9e:4e:aa:4a:37:1b:3b:d5:a1:9a:52:88:ba:
e4:26:fc:d7:0e:08:5c:16:06:30:8b:8e:34:19:d4:15:e0:b4:
0d:7d:17:90:96:d6:80:4f:1c:58:bb:cc:c9:7d:25:37:27:f9:
16:53:ba:8b:cf:1f:01:c7:fe:df:3e:b0:9a:6c:40:4e:d7:7c:
d1:13:5f:0e:e3:68:15:43:fc:6c:1f:c9:8a:3f:29:45:f9:86:
90:7f:d2:e4:4b:3b:20:6e:e6:ea:7b:d8:42:01:21:2e:5a:cb:
54:d3:a2:64:7d:2e:5f:aa:b1:71:1d:b2:1f:19:2d:2e:a0:f4:
01:5e:f5:1f:d6:26:34:06:d0:20:ea:d6:26:5b:b3:5c:af:09:
1e:f5:44:ab:82:48:10:d4:0d:3d:b0:c0:ae:bd:18:31:50:5a:
84:25:f0:7a:4a:ee:97:3f:5c:8f:0c:32:92:02:27:be:a7:dd:
0b:a4:7c:c7:9b:2f:0c:76:6c:3f:9a:c3:29:f5:89:3b:da:6c:
76:c0:1d:30:c0:7f:d7:c1:7c:f6:69:8b:c9:b2:0a:12:97:d2:
2a:4c:23:62:7f:5f:c6:f7:1e:ad:2d:20:69:a7:d8:72:e4:90:
1f:99:cc:91:8c:7f:c4:2d:b7:b9:a5:bf:86:a5:40:c1:9d:b0:
80:7e:91:88
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUSOO3Sc8VgVVudOYUFOSF0jV1hwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDgxNTAwNTZaFw0yNTA1MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MzhlNmNkY2Q2OWY5OWM1NTc2ZDdkYjgwMmU0NDhjNDFmYTk4MGNmM2Y0
OTU5ZTgwZTk4Y2ZjZDc3MTYxYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOM5j5NwcBcEo7LHS2BDLmWyLrgFXL/zkbZN6COzanKCQNzqa0J9BJu14M/G
RTOAybvfCExTkyNmf9VUBUnSm/9oTIujlkUfhZXjhJc657r9vMubUTcMfu9wRgih
MQ6Wp2dQJ6F2wKUWsI2ETiU5oRUb52EIjbQwDOcQbWAqN7E7TgIzQlnlaDk7yjQX
Co2iObhOgcYv1S7GTE/hi7BJAjRNAXFygwVc8z4JcnsxoIKzFUGxbHYxc8eAw/D1
3inePuVJo2rGodsSpO4bCK9YNw6kNw+7NsgB1x6EvPmbqReJPRHMsMrcqB/h20rZ
AGeiYl5IdbY36HTHnDxagMlQhNcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTxx5PY
7nxD4ABW8o3snvA6A1TRpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTk3N2ZmZGUtN2QyNi00MThjLTgwMGMtY2NhY2QxOGZlNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBALPJ4V4ynk6qSjcbO9WhmlKIuuQm/NcOCFwWBjCL
jjQZ1BXgtA19F5CW1oBPHFi7zMl9JTcn+RZTuovPHwHH/t8+sJpsQE7XfNETXw7j
aBVD/GwfyYo/KUX5hpB/0uRLOyBu5up72EIBIS5ay1TTomR9Ll+qsXEdsh8ZLS6g
9AFe9R/WJjQG0CDq1iZbs1yvCR71RKuCSBDUDT2wwK69GDFQWoQl8HpK7pc/XI8M
MpICJ76n3QukfMebLwx2bD+awyn1iTvabHbAHTDAf9fBfPZpi8myChKX0ipMI2J/
X8b3Hq0tIGmn2HLkkB+ZzJGMf8Qtt7mlv4alQMGdsIB+kYg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:22 2025 by rpki-client