Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: 4LE5DQ9mMnU/DniEH6rSyoDwLBP88bN2JECQJZgxiZ8=
Subject key identifier: 20:48:BA:D9:5E:36:FA:3E:53:45:4A:01:CD:8E:BA:E1:F0:76:C1:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B6D3E55C9D09046A71006CFBE540B0CDD48E6D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Mon 14 Apr 2025 17:30:59 +0000
ROA not before: Mon 14 Apr 2025 17:30:59 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:6d:3e:55:c9:d0:90:46:a7:10:06:cf:be:54:0b:0c:dd:48:e6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:59 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=cb572d1d2b42237fc8e793b677defe1d6e558a68e6ae3996c8cc1f534d470ede, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:82:a0:a9:93:24:18:12:5c:9c:fc:fb:1f:5f:
cf:d2:b6:df:b6:97:94:2e:b2:50:75:13:e9:68:07:
99:c6:33:ad:95:ad:55:b6:0d:bd:ca:0d:7f:65:ed:
79:59:01:17:23:03:29:3a:47:75:ce:35:2f:5f:e6:
61:35:5f:e9:9f:3a:f3:4c:b0:2f:35:39:73:0f:d2:
da:c2:71:d2:d2:21:8c:7e:89:46:45:85:60:50:d4:
f1:c3:51:b2:7c:28:98:1b:03:77:92:0d:b6:25:3e:
e1:32:8d:1b:a9:72:22:96:12:32:d3:21:bb:e8:5e:
bf:3f:93:26:c0:a8:67:ad:fc:18:08:e3:64:83:28:
7b:ea:97:9c:13:b9:7d:ad:76:60:95:b7:5c:70:bc:
c0:3e:14:2d:dd:3d:57:40:12:ee:bb:61:9d:d6:0f:
db:d6:1e:cd:e2:27:e7:bf:f1:30:30:93:3b:85:57:
06:15:f4:ce:26:28:d8:78:67:02:61:de:29:c5:89:
95:44:40:91:39:0d:d7:e2:4d:4a:da:67:d1:7c:56:
52:2b:54:1e:ac:4a:cc:7f:a0:f7:15:d2:59:09:58:
fb:47:2d:d0:26:80:71:47:83:7d:98:07:2c:d9:b2:
58:25:e3:f7:f2:88:e4:a6:48:d7:8e:20:07:88:bb:
16:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:48:BA:D9:5E:36:FA:3E:53:45:4A:01:CD:8E:BA:E1:F0:76:C1:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
08:eb:d5:b4:ad:b8:1f:d8:9e:28:04:87:69:51:43:da:57:9c:
b4:c9:1f:76:34:90:aa:56:6c:90:5e:85:02:ea:86:31:4f:92:
29:e2:df:b4:87:b6:3a:42:2e:fa:84:22:c2:ff:e7:2e:b7:62:
9f:1c:90:79:35:36:ed:03:16:d0:97:aa:59:52:07:ce:18:5f:
1a:a7:9e:c2:0f:2f:cc:8e:e1:97:02:0f:df:70:16:0b:28:fc:
a9:0b:3f:40:30:3b:7f:48:3e:c7:66:f4:b1:2e:ef:58:82:e2:
03:b5:66:18:d5:60:aa:2d:27:7c:31:eb:e7:90:b3:0c:08:48:
7f:b3:0d:99:0b:ec:30:e6:4e:24:19:41:40:33:45:35:14:68:
c5:6f:2e:78:c1:1e:66:0e:d3:5c:47:3a:2a:f6:8c:37:07:02:
bf:6d:f4:af:fe:da:f4:e3:96:c0:7c:64:0e:62:ed:12:ee:c4:
1d:d0:78:a3:b3:b2:79:e5:e3:16:e9:28:23:8a:06:5b:06:17:
a5:e6:e3:a0:e0:c6:64:88:aa:ed:6d:13:cd:30:cc:e5:ad:46:
18:4a:0b:63:f7:02:17:b7:a3:ec:88:63:b2:7c:64:12:a9:e7:
9e:b3:83:6f:e9:93:24:e2:64:2e:17:de:45:c4:77:6e:31:72:
ad:e7:dd:74
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUe20+VcnQkEanEAbPvlQLDN1I5tAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNTlaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiNTcyZDFkMmI0MjIzN2ZjOGU3OTNiNjc3ZGVmZTFkNmU1NThhNjhlNmFl
Mzk5NmM4Y2MxZjUzNGQ0NzBlZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmCoKmTJBgSXJz8+x9fz9K237aXlC6yUHUT6WgHmcYzrZWtVbYNvcoNf2Xt
eVkBFyMDKTpHdc41L1/mYTVf6Z8680ywLzU5cw/S2sJx0tIhjH6JRkWFYFDU8cNR
snwomBsDd5INtiU+4TKNG6lyIpYSMtMhu+hevz+TJsCoZ638GAjjZIMoe+qXnBO5
fa12YJW3XHC8wD4ULd09V0AS7rthndYP29YezeIn57/xMDCTO4VXBhX0ziYo2Hhn
AmHeKcWJlURAkTkN1+JNStpn0XxWUitUHqxKzH+g9xXSWQlY+0ct0CaAcUeDfZgH
LNmyWCXj9/KI5KZI144gB4i7Fi8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQgSLrZ
Xjb6PlNFSgHNjrrh8HbBhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEACOvVtK24H9ieKASHaVFD2lectMkfdjSQqlZskF6F
AuqGMU+SKeLftIe2OkIu+oQiwv/nLrdinxyQeTU27QMW0JeqWVIHzhhfGqeewg8v
zI7hlwIP33AWCyj8qQs/QDA7f0g+x2b0sS7vWILiA7VmGNVgqi0nfDHr55CzDAhI
f7MNmQvsMOZOJBlBQDNFNRRoxW8ueMEeZg7TXEc6KvaMNwcCv230r/7a9OOWwHxk
DmLtEu7EHdB4o7OyeeXjFukoI4oGWwYXpebjoODGZIiq7W0TzTDM5a1GGEoLY/cC
F7ej7IhjsnxkEqnnnrODb+mTJOJkLhfeRcR3bjFyrefddA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:13 2025 by rpki-client