Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
File: bb73d62f-513c-4673-8547-902e7fa2148b.roa (raw, json)
Hash identifier: FbKFDv+cUjJ5BZBhlwMrCm0TSPmpz73YA/flNaILnQo=
Subject key identifier: A2:09:F2:FB:3C:86:D4:03:CB:DE:EB:3E:1F:43:12:B9:00:51:7E:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 556313CC58C71383BDA79C6489AD1CEBB743FDD2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
Signing time: Mon 14 Apr 2025 17:30:55 +0000
ROA not before: Mon 14 Apr 2025 17:30:55 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:63:13:cc:58:c7:13:83:bd:a7:9c:64:89:ad:1c:eb:b7:43:fd:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:55 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=020bb4998e8fb983559300c82d22130ea4ae497df45b1b651adcb0583a3facbb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:20:70:17:3a:3b:20:6a:c7:2e:a6:9f:7d:5d:
c5:e8:63:46:14:14:7f:c9:32:ad:e9:b9:67:e9:a7:
8b:6c:04:35:4e:03:f6:e6:bb:81:a4:1a:cd:d9:b7:
41:f6:d8:1e:70:61:77:a1:ce:c6:f4:02:57:c6:ec:
e7:36:4a:76:32:39:d7:01:35:d7:06:88:d0:c3:13:
8e:7d:c7:01:6f:01:59:52:e4:2b:27:9f:70:97:38:
41:3b:70:3d:28:f8:e6:95:e2:db:c8:6a:58:65:57:
ed:d1:59:56:50:a7:15:b5:b7:59:84:cb:70:9f:b7:
23:10:03:30:9c:84:18:2e:98:e4:e2:6f:51:00:67:
8e:57:43:08:64:a2:68:18:96:69:e7:d1:dd:3f:e3:
92:38:56:99:75:3c:df:f1:1c:a5:dd:79:35:fe:20:
6a:5c:62:a3:f6:e7:0c:f7:c4:de:7b:83:8e:b6:6f:
6a:23:9e:d6:1f:d8:53:d0:0f:eb:b2:5d:31:fc:24:
88:1f:62:b2:98:67:3d:76:b9:c5:1d:c1:93:af:ee:
fb:60:db:fb:6d:36:95:83:5c:a3:23:f2:15:ee:8b:
82:3a:11:ec:ca:a8:2a:6f:52:5c:f7:a9:7d:ee:2a:
50:f2:bb:1c:d0:99:cb:a3:e9:f4:dc:c5:d5:4e:7c:
fe:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:09:F2:FB:3C:86:D4:03:CB:DE:EB:3E:1F:43:12:B9:00:51:7E:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/17
Signature Algorithm: sha256WithRSAEncryption
0f:04:40:eb:cd:7f:db:27:bb:af:1e:ad:b2:b8:d0:46:42:7a:
f0:6a:be:b7:2c:35:9d:9b:d5:c9:6d:5d:22:df:55:0d:41:8c:
23:d3:7a:f2:c4:9c:36:55:0a:5e:61:45:d7:fd:ee:d0:7c:11:
9a:13:bd:59:f3:1e:25:14:2f:96:68:1e:3c:44:35:83:8c:f3:
29:e3:ba:1e:8c:d6:d9:21:a8:3a:9c:de:fe:a3:35:d3:bd:43:
6f:66:e8:b0:9f:fe:18:aa:d0:69:22:67:a8:f9:8e:60:88:61:
a0:d3:77:25:36:c6:fc:e4:58:bb:da:06:5c:73:31:de:37:7e:
9a:4f:cc:20:00:73:bf:ba:7f:46:ba:03:d8:87:17:2e:20:2f:
a2:05:7a:79:a3:71:a3:4d:66:bd:d5:50:ce:2d:25:b1:41:6e:
09:95:38:22:04:1d:d9:da:1a:f2:f0:c3:bb:62:a5:09:a4:c0:
02:8e:4a:9d:55:be:08:fe:b1:dc:cd:36:8d:20:f9:64:f6:d0:
ba:b6:04:f4:5c:51:9a:29:bc:bc:94:e8:36:a1:ce:e1:ce:26:
d3:df:88:1a:f1:48:22:a0:0a:f7:79:87:ff:b6:9f:c3:68:d6:
3e:28:ba:66:0c:59:03:70:ce:e3:0a:2a:99:ef:40:cd:27:ff:
77:d8:34:8b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVWMTzFjHE4O9p5xkia0c67dD/dIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNTVaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMGJiNDk5OGU4ZmI5ODM1NTkzMDBjODJkMjIxMzBlYTRhZTQ5N2RmNDVi
MWI2NTFhZGNiMDU4M2EzZmFjYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYgcBc6OyBqxy6mn31dxehjRhQUf8kyrem5Z+mni2wENU4D9ua7gaQazdm3
QfbYHnBhd6HOxvQCV8bs5zZKdjI51wE11waI0MMTjn3HAW8BWVLkKyefcJc4QTtw
PSj45pXi28hqWGVX7dFZVlCnFbW3WYTLcJ+3IxADMJyEGC6Y5OJvUQBnjldDCGSi
aBiWaefR3T/jkjhWmXU83/Ecpd15Nf4galxio/bnDPfE3nuDjrZvaiOe1h/YU9AP
67JdMfwkiB9isphnPXa5xR3Bk6/u+2Db+202lYNcoyPyFe6LgjoR7MqoKm9SXPep
fe4qUPK7HNCZy6Pp9NzF1U58/gUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSiCfL7
PIbUA8ve6z4fQxK5AFF+xjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmI3M2Q2MmYtNTEzYy00NjczLTg1NDctOTAyZTdmYTIxNDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy6JADAN
BgkqhkiG9w0BAQsFAAOCAQEADwRA681/2ye7rx6tsrjQRkJ68Gq+tyw1nZvVyW1d
It9VDUGMI9N68sScNlUKXmFF1/3u0HwRmhO9WfMeJRQvlmgePEQ1g4zzKeO6HozW
2SGoOpze/qM1071Db2bosJ/+GKrQaSJnqPmOYIhhoNN3JTbG/ORYu9oGXHMx3jd+
mk/MIABzv7p/RroD2IcXLiAvogV6eaNxo01mvdVQzi0lsUFuCZU4IgQd2doa8vDD
u2KlCaTAAo5KnVW+CP6x3M02jSD5ZPbQurYE9FxRmim8vJToNqHO4c4m09+IGvFI
IqAK93mH/7afw2jWPii6ZgxZA3DO4woqme9AzSf/d9g0iw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:11 2025 by rpki-client