Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json)
Hash identifier: VJl3HVZi2PtnV1lrLwyuxnlEbNq8O9/0jbSx5AECulk=
Subject key identifier: EA:CF:2E:82:C9:E7:2B:46:74:F3:FD:D7:69:B8:B1:33:FE:C0:A5:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 072C79ED8C8C1C5FA9A399DC421F6A2A3EACF1F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
Signing time: Tue 15 Apr 2025 15:01:20 +0000
ROA not before: Tue 15 Apr 2025 15:01:20 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:2c:79:ed:8c:8c:1c:5f:a9:a3:99:dc:42:1f:6a:2a:3e:ac:f1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:20 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=b1af425df9468cf2ec84bc0d0c64add51d1bfd646f64c9ffd6459bf0e611fed0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0f:02:38:00:77:62:88:a7:e4:03:96:92:90:
c3:c7:f6:39:61:74:8a:b7:14:68:54:81:9b:f0:02:
55:2a:52:14:bd:70:1e:87:42:3f:0c:b4:6c:40:ec:
ba:43:21:26:50:78:72:c4:44:30:b7:ac:a0:a9:51:
df:3e:7a:01:32:b1:62:89:69:bc:8e:c6:67:81:47:
b7:37:a6:81:b2:df:ba:72:6a:ff:8c:3d:b0:1d:41:
29:d5:66:86:49:56:ea:79:9c:b3:17:1e:56:6d:f7:
1c:4a:63:b4:98:4a:82:49:cf:da:37:c9:01:43:be:
05:b5:22:48:63:fb:91:88:c2:2d:c3:86:03:1d:89:
4f:47:32:40:ad:21:35:70:ea:92:05:b3:a3:a5:50:
11:a8:04:e5:77:7f:48:af:9f:c0:9b:e6:f8:54:3c:
59:f7:4b:1d:78:91:b3:68:ff:df:89:1e:5a:e9:70:
5b:1f:44:2d:dc:1e:d1:ca:65:25:45:9e:18:9c:ad:
65:2a:54:d2:e3:f3:36:93:eb:08:e7:3b:7d:6f:fe:
4e:f9:a5:b5:b0:56:68:b1:c5:5e:8b:b9:f4:96:3f:
05:b1:12:1c:2c:17:43:0d:90:33:5a:79:ee:2a:01:
2c:d7:da:3b:79:6f:81:b7:d3:a3:41:73:ec:d4:bb:
50:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CF:2E:82:C9:E7:2B:46:74:F3:FD:D7:69:B8:B1:33:FE:C0:A5:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.88.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:52:82:d9:e2:55:2c:ea:cf:f7:d3:a0:7a:2e:c9:76:a3:fa:
9e:ea:a0:fa:af:d1:17:28:53:ca:f4:05:99:04:7e:3e:3d:05:
97:38:5e:6c:4d:97:e9:57:0a:ad:19:95:21:99:9d:5c:5e:f2:
09:c4:62:38:dd:c5:36:5b:87:84:86:44:aa:82:ac:71:f0:09:
85:ed:bb:f4:5f:c2:9e:fb:2b:6f:f4:44:67:17:70:0a:66:9a:
94:4c:4b:e0:30:ca:3c:2d:7a:ad:9b:8b:33:80:bb:0d:8d:f6:
b3:da:e2:eb:2e:e8:f9:d0:12:3f:32:24:7b:85:9b:ef:7b:3d:
4a:67:2a:e9:71:05:88:ad:4e:56:6f:27:e5:bc:52:e5:46:c0:
b2:30:5d:50:1e:05:4f:5a:a5:c3:53:59:3e:d8:56:40:dc:65:
8d:27:b5:80:70:56:56:11:89:fb:02:6f:e3:71:88:7e:d2:b1:
6f:0f:51:1c:cf:4b:a2:a3:4b:e6:91:cf:bc:40:1d:1b:60:28:
13:b5:e8:88:58:1e:a9:58:93:d2:4b:35:19:42:87:88:90:d3:
e5:48:0e:44:d9:f7:67:ad:3a:f6:d2:d0:6c:6c:25:e4:9f:56:
4a:46:4e:dc:ae:f7:4c:ce:79:bd:ea:88:0e:4a:19:e1:68:4a:
ab:1b:03:9a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUByx57YyMHF+po5ncQh9qKj6s8fkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMjBaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxYWY0MjVkZjk0NjhjZjJlYzg0YmMwZDBjNjRhZGQ1MWQxYmZkNjQ2ZjY0
YzlmZmQ2NDU5YmYwZTYxMWZlZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0PAjgAd2KIp+QDlpKQw8f2OWF0ircUaFSBm/ACVSpSFL1wHodCPwy0bEDs
ukMhJlB4csREMLesoKlR3z56ATKxYolpvI7GZ4FHtzemgbLfunJq/4w9sB1BKdVm
hklW6nmcsxceVm33HEpjtJhKgknP2jfJAUO+BbUiSGP7kYjCLcOGAx2JT0cyQK0h
NXDqkgWzo6VQEagE5Xd/SK+fwJvm+FQ8WfdLHXiRs2j/34keWulwWx9ELdwe0cpl
JUWeGJytZSpU0uPzNpPrCOc7fW/+TvmltbBWaLHFXou59JY/BbESHCwXQw2QM1p5
7ioBLNfaO3lvgbfTo0Fz7NS7UDUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTqzy6C
yecrRnTz/ddpuLEz/sClHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN
BgkqhkiG9w0BAQsFAAOCAQEAPlKC2eJVLOrP99Ogei7JdqP6nuqg+q/RFyhTyvQF
mQR+Pj0FlzhebE2X6VcKrRmVIZmdXF7yCcRiON3FNluHhIZEqoKscfAJhe279F/C
nvsrb/REZxdwCmaalExL4DDKPC16rZuLM4C7DY32s9ri6y7o+dASPzIke4Wb73s9
Smcq6XEFiK1OVm8n5bxS5UbAsjBdUB4FT1qlw1NZPthWQNxljSe1gHBWVhGJ+wJv
43GIftKxbw9RHM9LoqNL5pHPvEAdG2AoE7XoiFgeqViT0ks1GUKHiJDT5UgORNn3
Z6069tLQbGwl5J9WSkZO3K73TM55veqIDkoZ4WhKqxsDmg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:08 2025 by rpki-client