Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
File: 786da755-a3b1-48c5-b605-b8cfe294d18b.roa (raw, json)
Hash identifier: j5GRb6kvdrVVM6I7DZ8RYDiCRoxiEgz57dcdJHyZ1R0=
Subject key identifier: B6:F5:24:B8:37:EA:C6:92:D0:31:08:40:A7:93:01:5C:61:B5:C0:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2268F8A5DA221C044AC42D2EAA638B651887CC9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
Signing time: Fri 30 May 2025 15:00:01 +0000
ROA not before: Fri 30 May 2025 15:00:01 +0000
ROA not after: Fri 04 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:68:f8:a5:da:22:1c:04:4a:c4:2d:2e:aa:63:8b:65:18:87:cc:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 30 15:00:01 2025 GMT
Not After : Jul 4 23:59:59 2025 GMT
Subject: serialNumber=850c327b1cf4476a4504b957f6caec509c41c73688c7f46eaae33c917a6ee4cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e5:34:c1:31:c2:f7:0b:2e:33:fa:8f:da:a7:
46:d9:06:db:92:ea:84:8e:58:8e:c7:ba:1a:c4:7d:
17:7a:48:ab:c3:5f:2d:48:5d:cb:8e:8e:28:0c:63:
b5:92:24:6d:9f:96:95:4a:83:7b:16:74:e9:99:01:
37:00:4b:e7:63:08:52:8c:b2:49:ef:c0:ba:67:3e:
e2:cb:f1:15:35:a4:2a:5b:90:c2:75:60:7b:40:d4:
f1:b5:ef:27:86:c0:b6:e1:f4:fa:34:b7:be:8f:be:
c4:8f:51:ec:cc:d9:0a:58:2b:7d:4d:c4:a1:2f:a3:
34:96:85:96:17:c0:85:f7:e3:78:d8:78:f9:5e:39:
37:e5:16:0c:61:cd:4a:80:4a:52:c2:21:12:46:ec:
7f:70:48:9e:2f:e5:11:ec:48:d1:71:52:71:bf:9f:
37:a6:44:9a:df:04:23:ff:e5:ec:0f:fb:a3:a8:c7:
c0:b5:42:39:ba:99:75:31:b9:fb:89:d2:33:e1:d6:
31:c7:80:97:51:67:35:e1:38:e3:9c:29:2c:02:56:
54:2f:12:d1:c6:61:59:58:30:89:37:a9:68:29:77:
a2:5c:be:ac:8e:5e:ce:51:fa:74:e5:a2:ec:7b:27:
db:90:cb:ee:4e:ea:96:a2:b6:ad:cc:27:7f:61:12:
8a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F5:24:B8:37:EA:C6:92:D0:31:08:40:A7:93:01:5C:61:B5:C0:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/786da755-a3b1-48c5-b605-b8cfe294d18b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
1e:0b:fa:91:9b:4f:51:dc:77:09:46:e4:c7:e5:a9:1b:92:7c:
46:fa:72:2d:55:d7:c1:64:f0:7e:a7:98:00:9d:02:61:02:81:
8d:77:e8:05:ab:eb:71:6b:05:af:28:68:76:71:0b:36:0a:ab:
2b:18:5e:c6:01:a1:35:0d:a6:eb:03:2a:14:6b:28:2e:76:80:
f1:da:c6:4c:cc:41:eb:57:18:8d:a2:f3:2f:e4:60:82:ac:9d:
b5:c0:65:84:38:09:7a:d3:9a:fc:c0:8f:53:4b:7e:67:f0:19:
63:e2:95:eb:53:b9:10:38:05:a5:05:dc:0d:5e:67:bb:96:87:
db:28:0a:86:65:6f:02:85:bf:7d:d1:d2:6c:63:4a:ba:57:79:
ed:da:94:d5:89:c2:a3:1c:50:17:0f:91:8d:0a:96:d9:28:0b:
c1:70:a1:8f:38:87:9e:54:6e:94:85:64:4e:be:3c:93:16:c0:
a8:5d:39:f5:a1:a1:ac:db:ee:dd:4d:2f:c8:70:8e:b6:50:fe:
4a:4d:7e:39:69:b0:fa:01:8a:07:e3:19:19:86:ae:a6:ac:86:
33:36:fe:94:3e:81:e2:95:f1:c9:74:b8:42:b9:78:77:67:e0:
06:a7:57:d9:e3:53:09:0e:21:9e:64:fc:82:04:a7:49:cd:57:
17:63:c6:b1
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUImj4pdoiHARKxC0uqmOLZRiHzJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MzAxNTAwMDFaFw0yNTA3MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MGMzMjdiMWNmNDQ3NmE0NTA0Yjk1N2Y2Y2FlYzUwOWM0MWM3MzY4OGM3
ZjQ2ZWFhZTMzYzkxN2E2ZWU0Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/lNMExwvcLLjP6j9qnRtkG25LqhI5Yjse6GsR9F3pIq8NfLUhdy46OKAxj
tZIkbZ+WlUqDexZ06ZkBNwBL52MIUoyySe/Aumc+4svxFTWkKluQwnVge0DU8bXv
J4bAtuH0+jS3vo++xI9R7MzZClgrfU3EoS+jNJaFlhfAhffjeNh4+V45N+UWDGHN
SoBKUsIhEkbsf3BIni/lEexI0XFScb+fN6ZEmt8EI//l7A/7o6jHwLVCObqZdTG5
+4nSM+HWMceAl1FnNeE445wpLAJWVC8S0cZhWVgwiTepaCl3oly+rI5ezlH6dOWi
7Hsn25DL7k7qlqK2rcwnf2ESivkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS29SS4
N+rGktAxCECnkwFcYbXA/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg2ZGE3NTUtYTNiMS00OGM1LWI2MDUtYjhjZmUyOTRkMThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBAB4L+pGbT1HcdwlG5MflqRuSfEb6ci1V18Fk8H6n
mACdAmECgY136AWr63FrBa8oaHZxCzYKqysYXsYBoTUNpusDKhRrKC52gPHaxkzM
QetXGI2i8y/kYIKsnbXAZYQ4CXrTmvzAj1NLfmfwGWPiletTuRA4BaUF3A1eZ7uW
h9soCoZlbwKFv33R0mxjSrpXee3alNWJwqMcUBcPkY0KltkoC8FwoY84h55UbpSF
ZE6+PJMWwKhdOfWhoazb7t1NL8hwjrZQ/kpNfjlpsPoBigfjGRmGrqashjM2/pQ+
geKV8cl0uEK5eHdn4AanV9njUwkOIZ5k/IIEp0nNVxdjxrE=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:37:40 2025 by rpki-client