Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json)
Hash identifier: 6Mb7WaFSSdBAxhV0UAYEenzyReaYA+Tz0oW0NNnGFfA=
Subject key identifier: 6F:7E:02:69:FA:C6:7F:52:5A:20:59:A1:8C:1D:CA:B3:81:C0:8F:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CF66543F86F10C05F5271DBDED2CE9F0584183C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
Signing time: Mon 14 Apr 2025 17:30:05 +0000
ROA not before: Mon 14 Apr 2025 17:30:05 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:f6:65:43:f8:6f:10:c0:5f:52:71:db:de:d2:ce:9f:05:84:18:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:05 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=4fef5f58d02132fa1997996520825df8564d53fdd169fbcb27d2355b9dee1f82, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:65:4f:b8:40:9e:35:de:6f:10:a1:a0:36:72:
96:e6:76:de:3e:1f:b2:65:82:16:64:df:86:64:d4:
c2:11:f4:54:66:73:dc:f2:49:6b:e0:f1:d2:6f:51:
88:be:7b:17:67:2c:49:8e:04:ae:90:78:31:35:eb:
37:19:33:d6:da:35:dc:0e:d2:63:50:c9:56:bf:aa:
bd:02:f0:4f:97:4a:53:db:90:ca:87:71:5b:09:0f:
ec:46:73:56:9c:be:dc:16:4b:e6:f7:ef:eb:58:9f:
18:76:87:df:f8:c5:e5:79:92:58:a3:87:05:06:c4:
3d:e9:20:15:1b:fc:9b:4e:c7:b8:6c:3a:41:dc:90:
2a:33:d3:18:a9:d5:f9:48:d6:d0:7b:4e:e1:39:cc:
27:d0:92:5a:f3:62:f3:ae:18:fa:41:c0:3a:d7:ab:
3f:95:36:1a:16:f7:98:10:85:6b:2c:bb:df:ae:72:
cc:dc:45:9a:2a:4a:a7:63:6d:dc:04:32:4d:54:f2:
dc:44:a4:91:63:c6:29:dc:ac:95:7d:f0:7b:c7:07:
0d:dc:4c:77:1c:65:69:6f:fb:40:26:7e:ef:2a:0b:
b0:db:65:c8:a3:8c:95:eb:c5:e4:5a:57:f4:70:49:
a0:e8:8b:90:15:7d:d5:00:a3:b7:08:8d:c8:ba:18:
89:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:7E:02:69:FA:C6:7F:52:5A:20:59:A1:8C:1D:CA:B3:81:C0:8F:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.170.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:9d:5d:d1:e0:db:70:80:37:13:d1:33:ff:e2:4a:17:d4:5d:
3b:0a:2d:75:c0:80:a4:e5:02:c6:96:21:8c:3b:c5:d3:60:38:
77:e1:dc:61:d3:02:64:0c:d3:26:2f:82:09:6d:23:d1:78:08:
bc:8f:f0:d9:51:04:44:8c:fe:1d:fa:02:33:f6:1e:9e:3b:dd:
78:4d:8c:f3:76:e8:72:7b:43:6d:0b:24:a0:03:dd:71:66:fa:
f7:55:30:9b:1c:b2:a2:1f:54:bf:31:da:12:d5:5b:33:3f:51:
b8:30:e2:de:22:d4:4a:b6:2a:bb:16:0d:80:84:17:74:16:a7:
31:89:83:76:90:ca:04:bd:0f:7d:3e:c2:2b:ad:c4:6f:69:e3:
e7:77:38:34:d8:14:af:9b:4f:ae:d5:1b:25:89:dd:8d:a6:e6:
c0:0c:7d:21:ad:df:76:a8:d9:f2:c1:25:d4:b3:ab:49:81:f5:
30:65:7a:70:46:b6:94:ae:c1:03:31:cd:cf:22:ca:8e:5a:98:
e9:f4:9d:57:f9:95:62:91:75:48:3c:30:b4:13:64:01:f4:d5:
30:dd:a5:57:70:14:74:fa:11:65:81:58:b6:ff:e9:d5:b3:20:
13:e3:2f:d0:55:f2:3b:e0:55:bc:0b:9b:7f:82:13:08:bf:11:
8a:14:81:a0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbPZlQ/hvEMBfUnHb3tLOnwWEGDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMDVaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmZWY1ZjU4ZDAyMTMyZmExOTk3OTk2NTIwODI1ZGY4NTY0ZDUzZmRkMTY5
ZmJjYjI3ZDIzNTViOWRlZTFmODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZlT7hAnjXebxChoDZyluZ23j4fsmWCFmTfhmTUwhH0VGZz3PJJa+Dx0m9R
iL57F2csSY4ErpB4MTXrNxkz1to13A7SY1DJVr+qvQLwT5dKU9uQyodxWwkP7EZz
Vpy+3BZL5vfv61ifGHaH3/jF5XmSWKOHBQbEPekgFRv8m07HuGw6QdyQKjPTGKnV
+UjW0HtO4TnMJ9CSWvNi864Y+kHAOterP5U2Ghb3mBCFayy7365yzNxFmipKp2Nt
3AQyTVTy3ESkkWPGKdyslX3we8cHDdxMdxxlaW/7QCZ+7yoLsNtlyKOMlevF5FpX
9HBJoOiLkBV91QCjtwiNyLoYie0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRvfgJp
+sZ/UlogWaGMHcqzgcCPizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN
BgkqhkiG9w0BAQsFAAOCAQEAPp1d0eDbcIA3E9Ez/+JKF9RdOwotdcCApOUCxpYh
jDvF02A4d+HcYdMCZAzTJi+CCW0j0XgIvI/w2VEERIz+HfoCM/YenjvdeE2M83bo
cntDbQskoAPdcWb691Uwmxyyoh9UvzHaEtVbMz9RuDDi3iLUSrYquxYNgIQXdBan
MYmDdpDKBL0PfT7CK63Eb2nj53c4NNgUr5tPrtUbJYndjabmwAx9Ia3fdqjZ8sEl
1LOrSYH1MGV6cEa2lK7BAzHNzyLKjlqY6fSdV/mVYpF1SDwwtBNkAfTVMN2lV3AU
dPoRZYFYtv/p1bMgE+Mv0FXyO+BVvAubf4ITCL8RihSBoA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:39 2025 by rpki-client