Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
File: 1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa (raw, json)
Hash identifier: 5UQkeq6fG4AINkDS4W2d37RNogD2iaXMCP3bK7WaUto=
Subject key identifier: 67:ED:90:66:33:C1:24:BC:E5:97:2D:F1:DC:BD:D3:20:87:35:19:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DE9477166B0475B29CFC364204ECC96543FBFF0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
Signing time: Tue 15 Apr 2025 15:01:13 +0000
ROA not before: Tue 15 Apr 2025 15:01:13 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:e9:47:71:66:b0:47:5b:29:cf:c3:64:20:4e:cc:96:54:3f:bf:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:13 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=fb182a8d9f34ce705da393439e7241f70ec8e0c9b1fb297b473bf19faaaded39, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5c:b8:40:80:28:75:85:67:b5:f2:95:0e:98:
75:b5:e7:95:e8:ce:a7:e6:17:82:11:b5:1c:80:bd:
8f:8b:d6:1e:6b:cf:39:34:d3:cc:2d:f1:4b:47:2d:
95:22:a1:80:74:96:b9:6b:10:12:45:e7:8e:8c:53:
57:49:52:af:f6:a2:c9:62:5f:6b:d0:2e:f7:8c:c1:
de:db:37:0a:28:a4:e1:4f:b7:a1:2d:20:f5:df:a9:
fa:c5:e5:dd:b2:4c:94:dc:8f:cd:94:0a:04:e7:19:
0c:bd:7d:07:79:52:d6:37:fb:64:10:8b:16:c2:90:
00:d6:70:6b:96:1a:4d:da:87:4d:c5:1b:94:b6:b7:
3a:80:f3:ae:db:56:2d:fa:18:80:d5:c9:82:dd:50:
1e:0d:41:c8:93:35:b7:40:e6:93:04:76:7c:7d:1e:
d8:22:cd:23:b7:52:fa:d1:4e:f9:d8:8c:84:06:6c:
96:f4:93:f5:57:4b:6c:c7:e5:0d:a9:ec:c7:ef:8b:
ba:b0:15:cf:44:6a:18:04:d6:38:7a:b0:4c:13:52:
6b:76:b2:30:34:06:02:61:10:73:47:d5:ff:2d:7b:
22:1d:db:f9:d4:86:34:05:76:63:98:91:f9:18:06:
f6:fc:3c:5e:52:00:19:66:78:10:d0:30:f3:83:26:
40:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:ED:90:66:33:C1:24:BC:E5:97:2D:F1:DC:BD:D3:20:87:35:19:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.124.0/23
Signature Algorithm: sha256WithRSAEncryption
68:6d:37:8b:ba:e8:1f:c2:aa:4c:08:e9:cc:1c:9c:9b:7c:78:
97:73:d5:8a:12:9d:77:a8:61:51:da:eb:8d:ba:63:2e:dc:4a:
d5:97:08:a8:f9:7b:26:ae:09:07:50:b9:b6:bb:21:65:59:fc:
49:de:78:c0:50:37:61:c5:84:32:39:0b:3d:bd:f1:d6:5b:b8:
10:ad:d9:3f:4b:23:84:2c:77:de:d3:aa:30:cd:4c:9f:61:1c:
d2:4a:c2:3e:69:27:22:c6:aa:3f:64:38:ce:8c:3a:4e:3b:52:
28:b8:16:2e:0c:8b:0b:00:31:00:54:79:fe:e4:98:10:cc:58:
5b:ac:fa:2d:cf:ef:80:b9:d3:29:71:8c:c8:b8:70:21:91:55:
90:f5:53:50:02:79:44:1b:9a:76:19:19:9e:19:e2:17:8a:37:
8a:1d:70:72:08:1b:47:2e:9f:ce:c0:65:33:90:01:47:71:02:
05:39:94:5b:95:db:6c:08:cb:4c:49:8c:f7:ac:84:a0:65:e2:
1b:55:0a:e1:71:0f:a4:bd:20:f8:b5:2f:40:98:95:72:20:a3:
dc:91:fd:8d:c3:1d:2c:6d:03:bb:53:a9:74:6c:0a:23:fb:c2:
8b:65:28:6d:bc:61:63:34:19:24:fa:30:d6:da:e9:9f:29:0a:
d8:f6:22:2a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfelHcWawR1spz8NkIE7MllQ/v/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMTNaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiMTgyYThkOWYzNGNlNzA1ZGEzOTM0MzllNzI0MWY3MGVjOGUwYzliMWZi
Mjk3YjQ3M2JmMTlmYWFhZGVkMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtcuECAKHWFZ7XylQ6YdbXnlejOp+YXghG1HIC9j4vWHmvPOTTTzC3xS0ct
lSKhgHSWuWsQEkXnjoxTV0lSr/aiyWJfa9Au94zB3ts3Ciik4U+3oS0g9d+p+sXl
3bJMlNyPzZQKBOcZDL19B3lS1jf7ZBCLFsKQANZwa5YaTdqHTcUblLa3OoDzrttW
LfoYgNXJgt1QHg1ByJM1t0DmkwR2fH0e2CLNI7dS+tFO+diMhAZslvST9VdLbMfl
Dansx++LurAVz0RqGATWOHqwTBNSa3ayMDQGAmEQc0fV/y17Ih3b+dSGNAV2Y5iR
+RgG9vw8XlIAGWZ4ENAw84MmQOMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRn7ZBm
M8EkvOWXLfHcvdMghzUZIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4YTcwNzYtMGM3OC00YWE2LTljMWUtZGZlYjk0NzE4OWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfDAN
BgkqhkiG9w0BAQsFAAOCAQEAaG03i7roH8KqTAjpzBycm3x4l3PVihKdd6hhUdrr
jbpjLtxK1ZcIqPl7Jq4JB1C5trshZVn8Sd54wFA3YcWEMjkLPb3x1lu4EK3ZP0sj
hCx33tOqMM1Mn2Ec0krCPmknIsaqP2Q4zow6TjtSKLgWLgyLCwAxAFR5/uSYEMxY
W6z6Lc/vgLnTKXGMyLhwIZFVkPVTUAJ5RBuadhkZnhniF4o3ih1wcggbRy6fzsBl
M5ABR3ECBTmUW5XbbAjLTEmM96yEoGXiG1UK4XEPpL0g+LUvQJiVciCj3JH9jcMd
LG0Du1OpdGwKI/vCi2UobbxhYzQZJPow1trpnykK2PYiKg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:50 2025 by rpki-client