Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
File: c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa (raw, json)
Hash identifier: VQtOQHXCcXGE863RMLk+bNm3eRQdFA5YpHh0kraZGAQ=
Subject key identifier: FF:3F:00:B9:CA:E8:62:24:38:D7:DE:DA:25:BF:F8:54:3C:39:E8:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 075C873A1AABD04D00D5971CD42A845596888F60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
Signing time: Tue 15 Apr 2025 15:01:37 +0000
ROA not before: Tue 15 Apr 2025 15:01:37 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:5c:87:3a:1a:ab:d0:4d:00:d5:97:1c:d4:2a:84:55:96:88:8f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:37 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=ed37f5ad59edc363c2fad1a3847014921cdf66db2f2ef5683a0bac6e6fea3a42, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:7d:06:c1:cc:da:6e:eb:dc:90:4b:49:96:
67:60:6f:f0:70:63:1b:7a:ea:69:6f:b8:2c:93:da:
37:56:d2:13:08:84:b1:95:bb:9c:70:e7:f7:fd:4b:
c4:9f:86:58:a2:2e:5f:44:d2:ea:e1:89:4a:6b:06:
f7:7a:13:6a:0b:10:8a:8c:41:55:69:62:24:1e:be:
3b:2f:09:a2:06:74:46:f1:e5:c3:39:a4:04:c5:c2:
3e:84:31:4f:44:21:af:79:85:47:7b:1f:ca:53:fc:
81:38:2c:cf:1c:54:24:80:69:6e:40:93:9e:56:0c:
e8:63:72:7b:d2:e5:f7:95:9c:61:68:86:ef:a1:82:
6c:79:9c:39:bf:c9:55:e9:74:12:b7:9d:12:96:7d:
71:69:cc:fc:82:83:45:01:8b:a2:e1:24:fd:48:ba:
6c:f0:0c:9a:bc:7e:08:2a:fa:48:f7:de:6a:94:a0:
34:41:86:8f:8c:d1:9b:ac:d1:80:f5:87:9e:1d:75:
3e:2e:ca:55:28:b1:3e:23:75:27:b1:4b:c7:c0:46:
b8:8b:73:fa:a7:d5:fb:54:84:b8:6d:43:94:f4:ed:
1a:23:14:d3:9f:97:ce:ac:d7:1b:3a:af:9f:e4:1c:
82:69:a8:61:b7:55:2e:00:08:b2:a3:9a:8e:0a:c4:
cd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3F:00:B9:CA:E8:62:24:38:D7:DE:DA:25:BF:F8:54:3C:39:E8:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/20
Signature Algorithm: sha256WithRSAEncryption
c4:8c:84:ae:be:e6:fc:5c:d5:2c:42:aa:20:3b:42:da:10:1e:
38:32:2b:3b:b7:39:a1:f4:7f:36:90:5d:ed:37:cc:81:d9:39:
ca:d0:a5:2c:ab:c7:6b:32:61:3e:ef:98:f6:3c:42:94:58:61:
bb:1a:91:d9:60:3b:a0:39:ec:54:08:55:d3:4a:3b:0a:88:42:
9f:26:88:b1:60:f1:63:85:1a:a0:cf:ae:de:ad:cb:ff:e5:f4:
e1:dd:b0:cc:27:22:ad:df:e0:cf:3b:01:d6:93:fa:1a:08:ae:
63:65:3a:d4:fa:b3:5c:e3:77:59:3c:1e:25:43:e9:99:89:7a:
3a:29:12:4a:be:f2:83:69:5d:74:32:dd:ed:b0:64:64:82:14:
b5:88:83:eb:e7:8a:e2:a0:91:9e:80:24:37:68:2e:f0:7e:04:
39:b5:d0:30:9e:9f:d8:3a:aa:23:cf:1e:fb:3a:01:93:fe:26:
5b:50:6e:aa:13:a4:85:e9:01:82:fd:15:69:9e:f2:cd:8e:eb:
6d:d3:36:58:9c:54:72:a3:fb:0f:26:8b:36:7e:69:2e:f1:9e:
52:05:9c:17:7e:e4:cf:f5:8b:a0:34:63:ae:be:ef:ce:ec:03:
bb:17:5d:eb:cc:47:f1:e0:94:20:81:71:af:3b:4c:a7:ec:79:
dd:75:6a:3b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUB1yHOhqr0E0A1Zcc1CqEVZaIj2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMzdaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMzdmNWFkNTllZGMzNjNjMmZhZDFhMzg0NzAxNDkyMWNkZjY2ZGIyZjJl
ZjU2ODNhMGJhYzZlNmZlYTNhNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+ufQbBzNpu69yQS0mWZ2Bv8HBjG3rqaW+4LJPaN1bSEwiEsZW7nHDn9/1L
xJ+GWKIuX0TS6uGJSmsG93oTagsQioxBVWliJB6+Oy8JogZ0RvHlwzmkBMXCPoQx
T0Qhr3mFR3sfylP8gTgszxxUJIBpbkCTnlYM6GNye9Ll95WcYWiG76GCbHmcOb/J
Vel0EredEpZ9cWnM/IKDRQGLouEk/Ui6bPAMmrx+CCr6SPfeapSgNEGGj4zRm6zR
gPWHnh11Pi7KVSixPiN1J7FLx8BGuItz+qfV+1SEuG1DlPTtGiMU05+XzqzXGzqv
n+QcgmmoYbdVLgAIsqOajgrEzUsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT/PwC5
yuhiJDjX3tolv/hUPDnoyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJjZDRkZGYtOWEzOC00MjVhLTgwMjEtYzQ1ZWQ5NmM1MGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAxIyErr7m/FzVLEKqIDtC2hAeODIrO7c5ofR/NpBd
7TfMgdk5ytClLKvHazJhPu+Y9jxClFhhuxqR2WA7oDnsVAhV00o7CohCnyaIsWDx
Y4UaoM+u3q3L/+X04d2wzCcird/gzzsB1pP6GgiuY2U61PqzXON3WTweJUPpmYl6
OikSSr7yg2lddDLd7bBkZIIUtYiD6+eK4qCRnoAkN2gu8H4EObXQMJ6f2DqqI88e
+zoBk/4mW1BuqhOkhekBgv0VaZ7yzY7rbdM2WJxUcqP7DyaLNn5pLvGeUgWcF37k
z/WLoDRjrr7vzuwDuxdd68xH8eCUIIFxrztMp+x53XVqOw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:27 2025 by rpki-client