Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
File: 4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa (raw, json)
Hash identifier: deiEf2GgVS95COCZnh72aXHjSQ6n+5SJAXztHY92J18=
Subject key identifier: A2:69:A8:F3:10:AE:1A:28:27:66:D8:94:98:13:89:F8:56:8B:9D:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D91BCBEB8F3FEEB34597EF9AF0990F29A755ABA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
Signing time: Mon 14 Apr 2025 17:30:33 +0000
ROA not before: Mon 14 Apr 2025 17:30:33 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:91:bc:be:b8:f3:fe:eb:34:59:7e:f9:af:09:90:f2:9a:75:5a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:33 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=0b1a64c4edb3eaf805352915248cbd2c616e1723bde6d2b360d8c5e6a5b9668a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:55:ae:80:d7:d6:2b:e9:cc:b6:ff:83:77:f2:
91:2b:87:32:cb:cd:8d:e5:89:61:bb:c2:31:c4:a6:
cc:fe:ed:82:bb:81:39:b5:6a:0e:6a:2e:a0:99:37:
5d:d4:b9:cf:7b:de:08:ea:68:be:35:b8:96:95:b9:
e7:bc:13:39:8e:4d:d0:43:d7:f7:0f:bd:76:79:ad:
40:f7:02:bb:98:81:ea:e3:3d:13:50:06:b8:a2:66:
4d:19:4a:cb:56:bf:b0:06:08:20:7e:ed:27:46:b0:
ee:ea:cc:c7:24:ea:4a:84:ba:82:f5:b6:73:d0:6c:
18:18:8b:48:a9:d8:97:74:5e:c6:28:12:84:c2:81:
19:8c:8c:9c:2a:cd:62:a6:7e:94:6b:ab:5f:d5:44:
ed:24:49:a0:0a:d9:06:de:70:8c:10:a9:16:55:4d:
c7:c8:24:96:04:ac:58:f1:91:b2:34:1d:3a:f6:ce:
50:4f:f9:c5:32:8b:93:8d:d6:32:e8:7d:21:36:97:
7a:e6:72:27:c2:4a:5a:b2:ef:02:7a:79:c4:75:ad:
4b:4d:b3:88:d4:6b:3a:5a:54:eb:97:78:08:ad:3a:
5a:96:71:c0:bb:6d:7e:61:a1:6c:d8:cd:a7:d8:40:
0a:2d:f4:e4:76:62:de:5a:63:db:b9:0b:87:cd:75:
2d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:69:A8:F3:10:AE:1A:28:27:66:D8:94:98:13:89:F8:56:8B:9D:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.224.0/19
Signature Algorithm: sha256WithRSAEncryption
37:1e:d4:4a:85:15:43:66:77:43:71:7f:95:e1:09:45:24:2a:
9b:75:6b:1d:35:7b:98:ba:d6:7d:66:3e:80:a4:bd:1f:13:dc:
b4:5b:c6:4a:2e:7c:43:cf:2f:8f:21:86:5e:bd:de:0a:f3:8d:
2f:b0:ff:7a:cf:62:e3:82:29:a1:5f:78:44:2a:3e:88:cb:fc:
bc:1e:a1:4a:09:13:53:8b:0d:d5:f6:eb:29:73:6c:81:3b:50:
be:ba:25:6e:2b:89:e4:1a:3c:61:8f:73:cd:11:ca:6c:82:a5:
00:c4:57:cb:42:ab:6b:24:14:ff:5e:9e:91:fa:50:e3:13:7b:
af:20:a3:dd:7b:7f:84:ba:55:1f:c0:e6:f1:70:4c:fa:c6:ca:
d5:b1:ac:ca:06:4d:71:3a:54:97:d7:cd:74:be:2d:fe:e2:c2:
47:b1:db:c5:24:ff:af:27:6f:31:f7:c3:e4:64:4b:82:32:82:
b1:62:dd:e0:01:48:8c:2c:d3:f3:5c:35:6d:88:62:a4:2d:7b:
75:6d:4d:27:6d:86:7c:de:f7:b7:1e:f6:c7:6a:9b:73:fb:38:
0f:db:b6:b5:58:06:d1:f5:3c:d1:76:ff:93:7d:91:59:f5:4b:
e1:68:ff:a5:1f:c6:33:36:97:ca:08:74:89:c0:7d:1b:ca:0b:
55:e9:a6:c2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHZG8vrjz/us0WX75rwmQ8pp1WrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMzNaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiMWE2NGM0ZWRiM2VhZjgwNTM1MjkxNTI0OGNiZDJjNjE2ZTE3MjNiZGU2
ZDJiMzYwZDhjNWU2YTViOTY2OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFVroDX1ivpzLb/g3fykSuHMsvNjeWJYbvCMcSmzP7tgruBObVqDmouoJk3
XdS5z3veCOpovjW4lpW557wTOY5N0EPX9w+9dnmtQPcCu5iB6uM9E1AGuKJmTRlK
y1a/sAYIIH7tJ0aw7urMxyTqSoS6gvW2c9BsGBiLSKnYl3RexigShMKBGYyMnCrN
YqZ+lGurX9VE7SRJoArZBt5wjBCpFlVNx8gklgSsWPGRsjQdOvbOUE/5xTKLk43W
Muh9ITaXeuZyJ8JKWrLvAnp5xHWtS02ziNRrOlpU65d4CK06WpZxwLttfmGhbNjN
p9hACi305HZi3lpj27kLh811LY0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSiaajz
EK4aKCdm2JSYE4n4VoudxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk1NmU1MDctNjNiNy00ZDdkLWFjMTktNmU1YzVkMWRkZGQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS4z4DAN
BgkqhkiG9w0BAQsFAAOCAQEANx7USoUVQ2Z3Q3F/leEJRSQqm3VrHTV7mLrWfWY+
gKS9HxPctFvGSi58Q88vjyGGXr3eCvONL7D/es9i44IpoV94RCo+iMv8vB6hSgkT
U4sN1fbrKXNsgTtQvrolbiuJ5Bo8YY9zzRHKbIKlAMRXy0KrayQU/16ekfpQ4xN7
ryCj3Xt/hLpVH8Dm8XBM+sbK1bGsygZNcTpUl9fNdL4t/uLCR7HbxST/rydvMffD
5GRLgjKCsWLd4AFIjCzT81w1bYhipC17dW1NJ22GfN73tx72x2qbc/s4D9u2tVgG
0fU80Xb/k32RWfVL4Wj/pR/GMzaXygh0icB9G8oLVemmwg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:20 2025 by rpki-client