Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d7d0d8-ed13-4bde-b4f6-2b6730ba5d51.roa
File: 33d7d0d8-ed13-4bde-b4f6-2b6730ba5d51.roa (raw, json)
Hash identifier: mhCEwZfG3m3sLM90t0Lr9hfkBRFCl/UXCJErm/Y0slg=
Subject key identifier: 5F:D6:7F:FA:6B:55:48:F9:44:B9:63:8B:EB:26:E1:95:52:C5:2E:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67DC64ABCF29F6434DDBECDEE2A19E740CD2EBB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d7d0d8-ed13-4bde-b4f6-2b6730ba5d51.roa
Signing time: Mon 21 Apr 2025 18:31:05 +0000
ROA not before: Mon 21 Apr 2025 18:31:05 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:dc:64:ab:cf:29:f6:43:4d:db:ec:de:e2:a1:9e:74:0c:d2:eb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 21 18:31:05 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=7938bd8e8d875b980f33a03fafd92c638d6788800f5ea915d32057578f6507e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:67:f0:7b:64:e6:34:2c:24:c0:27:8f:80:0b:
c3:c8:3c:d2:6b:c6:86:0e:ff:15:61:52:1f:d1:2d:
ea:d5:e0:6b:d1:de:11:64:cd:b9:ea:46:3a:df:61:
24:f2:6b:a0:2b:5e:83:b1:cb:d8:cb:3d:94:21:9d:
b5:01:c7:53:89:2f:71:7d:ca:4d:bd:23:4d:c0:05:
32:ac:00:f8:02:3d:b1:62:8a:6f:ec:4a:e8:30:1e:
a9:6b:31:f1:32:e9:75:57:a1:b3:e7:fd:44:c0:9d:
c3:79:41:8c:46:f0:29:8f:22:da:9a:15:ba:f4:d1:
fe:ef:7f:5f:a6:8f:53:08:e6:a7:23:05:24:03:89:
01:d4:08:36:b8:00:f1:f6:35:4b:64:70:4f:76:06:
42:38:77:4d:a7:0d:38:22:13:90:ed:12:fd:f9:36:
5e:62:9a:8f:03:ad:f1:6d:f6:7b:24:56:45:f7:48:
29:3f:68:65:0b:e0:b1:93:07:49:7a:c9:d6:ae:23:
f6:51:ba:44:03:6c:8c:2d:4d:75:9b:c2:6d:de:06:
92:75:43:6e:0b:b5:23:a3:6a:da:a4:b6:63:09:9a:
fe:30:09:c0:0f:f4:a0:27:c9:c4:ab:2d:7a:41:96:
7c:73:09:db:cc:ae:50:7f:c4:77:7c:78:1a:6f:64:
34:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D6:7F:FA:6B:55:48:F9:44:B9:63:8B:EB:26:E1:95:52:C5:2E:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d7d0d8-ed13-4bde-b4f6-2b6730ba5d51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:800::/40
Signature Algorithm: sha256WithRSAEncryption
4d:4c:8f:35:f8:81:f2:f5:f7:2f:04:d1:e8:38:81:ff:e4:be:
94:00:03:f8:27:93:32:7c:43:ba:31:d9:af:81:63:ce:18:8b:
37:45:50:85:01:21:18:ac:db:82:3f:12:16:27:c8:a1:da:3e:
7c:a6:17:c8:8e:37:a0:9f:42:db:32:ed:5f:7e:fe:5d:5a:a0:
32:06:41:c5:f3:e0:54:2b:e9:85:cf:b9:b3:4a:f2:35:e7:2b:
87:f6:c2:ef:82:02:0c:a7:3e:eb:e7:b4:2b:d4:77:c9:61:7e:
bd:ce:cb:38:e7:2c:a6:78:db:74:e9:3d:59:60:41:5c:1f:bc:
11:2c:07:d8:3e:48:0a:2e:40:0c:48:1d:4a:e9:21:30:5c:2a:
83:9d:a7:9f:87:85:04:ab:6e:7e:79:f5:c8:29:0b:c4:9c:a1:
38:55:33:e7:18:02:6d:60:f2:55:8f:a8:cf:90:0b:06:aa:44:
b9:7c:10:0f:dd:16:a9:30:f3:2a:1c:d7:51:0e:59:b3:69:2a:
fb:8d:55:75:3d:3b:4b:9b:4c:6e:22:53:4b:06:47:3e:3f:b2:
42:07:4b:9e:94:5c:89:76:fc:88:29:e2:93:42:96:a9:3a:d5:
f4:8f:61:d2:23:3b:e4:b8:a0:0d:ce:1a:44:1b:8b:72:fe:a6:
9c:db:44:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ9xkq88p9kNN2+ze4qGedAzS67YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjExODMxMDVaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MzhiZDhlOGQ4NzViOTgwZjMzYTAzZmFmZDkyYzYzOGQ2Nzg4ODAwZjVl
YTkxNWQzMjA1NzU3OGY2NTA3ZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFn8Htk5jQsJMAnj4ALw8g80mvGhg7/FWFSH9Et6tXga9HeEWTNuepGOt9h
JPJroCteg7HL2Ms9lCGdtQHHU4kvcX3KTb0jTcAFMqwA+AI9sWKKb+xK6DAeqWsx
8TLpdVehs+f9RMCdw3lBjEbwKY8i2poVuvTR/u9/X6aPUwjmpyMFJAOJAdQINrgA
8fY1S2RwT3YGQjh3TacNOCITkO0S/fk2XmKajwOt8W32eyRWRfdIKT9oZQvgsZMH
SXrJ1q4j9lG6RANsjC1NdZvCbd4GknVDbgu1I6Nq2qS2Ywma/jAJwA/0oCfJxKst
ekGWfHMJ28yuUH/Ed3x4Gm9kNLECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRf1n/6
a1VI+US5Y4vrJuGVUsUu+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNkN2QwZDgtZWQxMy00YmRlLWI0ZjYtMmI2NzMwYmE1ZDUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI
MA0GCSqGSIb3DQEBCwUAA4IBAQBNTI81+IHy9fcvBNHoOIH/5L6UAAP4J5MyfEO6
MdmvgWPOGIs3RVCFASEYrNuCPxIWJ8ih2j58phfIjjegn0LbMu1ffv5dWqAyBkHF
8+BUK+mFz7mzSvI15yuH9sLvggIMpz7r57Qr1HfJYX69zss45yymeNt06T1ZYEFc
H7wRLAfYPkgKLkAMSB1K6SEwXCqDnaefh4UEq25+efXIKQvEnKE4VTPnGAJtYPJV
j6jPkAsGqkS5fBAP3RapMPMqHNdRDlmzaSr7jVV1PTtLm0xuIlNLBkc+P7JCB0ue
lFyJdvyIKeKTQpapOtX0j2HSIzvkuKANzhpEG4ty/qac20Rm
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:12 2025 by rpki-client