Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: cOze7M6zbkwSwINbkMgrDoPGavLdjpYU/HnMsE4Mrs4=
Subject key identifier: 88:38:F5:81:5D:A0:99:7C:D5:25:1F:C1:AF:30:97:BD:0A:B0:6F:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 662923ED4B58AFFEC901DBA65C3226E35F6975A5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Mon 14 Apr 2025 17:30:49 +0000
ROA not before: Mon 14 Apr 2025 17:30:49 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:29:23:ed:4b:58:af:fe:c9:01:db:a6:5c:32:26:e3:5f:69:75:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:49 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=17da16d395b5acd777e3cc3d40400ce28030a936a970a02afb2dff26333a165f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:16:6e:b6:40:33:4a:36:5e:83:db:58:52:d4:
f3:f1:0b:e9:54:b4:d2:bb:aa:a7:9b:99:0e:80:0d:
4d:18:dd:56:bd:26:af:60:0f:51:2f:a9:b5:d1:87:
a1:a0:f4:86:b5:9d:5e:f8:1f:6f:06:6b:05:58:dd:
ed:48:1c:e3:c9:9e:51:1b:3a:a0:12:7a:fe:95:90:
f6:bc:d6:17:ce:28:b8:91:2a:70:85:b8:c4:09:ae:
1c:2b:03:89:ff:a1:d5:8c:4b:ee:c0:c7:9b:cd:c0:
97:8d:e9:f4:0d:6f:eb:a7:1d:ff:26:94:53:f3:90:
67:da:c2:b2:37:8a:07:0d:8f:a6:18:20:f1:c0:e2:
b9:11:ba:d0:77:4d:68:d1:17:6e:93:1e:de:64:ed:
86:6a:db:be:5e:0f:6f:48:36:05:01:30:f4:dd:7f:
61:57:d6:09:4b:06:f0:cf:e3:d6:8c:da:cf:02:3b:
e2:c6:86:7e:7b:0c:e1:4c:ed:64:15:44:e3:f8:83:
a7:e3:a4:6a:4f:6d:28:75:b0:be:bc:89:b7:2c:30:
fd:5d:9f:b8:d9:51:eb:44:a8:f3:6b:cb:65:4a:8b:
cd:77:18:17:6e:32:e2:31:34:70:76:c4:4d:73:ba:
04:b8:21:7e:38:45:16:59:cf:71:ec:a8:f3:d3:86:
b6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:38:F5:81:5D:A0:99:7C:D5:25:1F:C1:AF:30:97:BD:0A:B0:6F:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:a4:0d:15:bc:65:dc:77:c0:77:c8:a8:88:f3:67:ec:58:d8:
b3:20:bc:a9:cb:ad:fe:6b:16:18:82:ad:d4:ee:81:2b:59:2c:
b0:f5:1d:e7:2f:e9:fe:54:5a:9e:1f:43:0c:f1:9b:d1:ee:cb:
73:be:32:08:dd:b7:a3:d2:3e:9a:76:9f:d4:4b:3a:d6:de:40:
03:02:11:78:79:b7:88:b5:a7:42:00:60:e8:85:ad:d1:03:56:
31:c3:00:61:51:bb:2e:e7:94:1c:24:ea:0e:a7:28:e1:9a:e1:
f3:d5:44:ac:c7:78:c9:7f:f6:a0:a7:c1:e8:09:c7:67:a0:90:
d7:83:8e:99:a3:e6:2b:70:1d:86:91:89:44:d8:fb:44:9d:58:
c5:74:65:20:78:33:5c:55:33:1a:50:54:d5:e3:52:e8:4b:98:
b0:fd:b2:9a:60:9a:30:f4:f8:e8:9c:7a:fe:20:9d:82:1b:b0:
f2:db:cd:c9:1e:7b:bd:12:47:48:3f:85:e0:f6:8c:37:f8:2e:
56:7b:fe:3b:47:7f:87:e7:f1:a1:a5:da:cb:3c:7f:c4:c7:7d:
e8:46:45:c2:0e:31:33:08:7b:96:3b:0d:48:db:79:9f:fb:9b:
00:51:de:8b:05:45:5b:46:d4:ce:cc:43:9b:51:0a:57:9a:23:
fe:38:5c:02
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZikj7UtYr/7JAdumXDIm419pdaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNDlaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3ZGExNmQzOTViNWFjZDc3N2UzY2MzZDQwNDAwY2UyODAzMGE5MzZhOTcw
YTAyYWZiMmRmZjI2MzMzYTE2NWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIWbrZAM0o2XoPbWFLU8/EL6VS00ruqp5uZDoANTRjdVr0mr2APUS+ptdGH
oaD0hrWdXvgfbwZrBVjd7Ugc48meURs6oBJ6/pWQ9rzWF84ouJEqcIW4xAmuHCsD
if+h1YxL7sDHm83Al43p9A1v66cd/yaUU/OQZ9rCsjeKBw2Pphgg8cDiuRG60HdN
aNEXbpMe3mTthmrbvl4Pb0g2BQEw9N1/YVfWCUsG8M/j1ozazwI74saGfnsM4Uzt
ZBVE4/iDp+Okak9tKHWwvryJtyww/V2fuNlR60So82vLZUqLzXcYF24y4jE0cHbE
TXO6BLghfjhFFlnPceyo89OGtg8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIOPWB
XaCZfNUlH8GvMJe9CrBv6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQC9pA0VvGXcd8B3yKiI82fsWNizILypy63+axYYgq3U
7oErWSyw9R3nL+n+VFqeH0MM8ZvR7stzvjII3bej0j6adp/USzrW3kADAhF4ebeI
tadCAGDoha3RA1YxwwBhUbsu55QcJOoOpyjhmuHz1USsx3jJf/agp8HoCcdnoJDX
g46Zo+YrcB2GkYlE2PtEnVjFdGUgeDNcVTMaUFTV41LoS5iw/bKaYJow9PjonHr+
IJ2CG7Dy283JHnu9EkdIP4Xg9ow3+C5We/47R3+H5/GhpdrLPH/Ex33oRkXCDjEz
CHuWOw1I23mf+5sAUd6LBUVbRtTOzEObUQpXmiP+OFwC
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:25 2025 by rpki-client