Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb25223c-7312-415c-8345-87bab137dfea.roa
File: cb25223c-7312-415c-8345-87bab137dfea.roa (raw, json)
Hash identifier: pYv0tQdL91we90M7M2xswcqKFcXlcyEEHtK9sMMloPs=
Subject key identifier: A8:D1:6C:83:2D:E0:2F:BB:0C:A7:3B:F7:EE:7F:66:37:F9:D1:C2:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38E453E17EAE7791C18E5819BBDB9504EF41F953
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb25223c-7312-415c-8345-87bab137dfea.roa
Signing time: Thu 17 Apr 2025 20:36:54 +0000
ROA not before: Thu 17 Apr 2025 20:36:54 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e4:53:e1:7e:ae:77:91:c1:8e:58:19:bb:db:95:04:ef:41:f9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 20:36:54 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=1d8f7c6667db6b8d3f6f788044a686ec5658865a35497879f80547d4d7c94967, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:48:aa:49:1d:0a:4d:89:ca:76:9a:dd:9b:
16:ee:22:20:35:f1:9b:9d:44:fa:42:06:b7:4a:94:
90:cd:59:e7:35:20:39:87:b7:98:c1:1c:03:7c:28:
dd:0d:32:16:e6:69:bd:98:cb:a4:5f:b6:8c:c1:0a:
c9:61:c7:e6:9b:3b:81:1b:99:86:bd:5e:ec:69:cd:
f6:2b:17:b0:e1:5b:4a:18:93:c3:22:ea:9c:f5:6b:
0b:81:83:19:49:76:5b:71:1b:2d:25:b3:5b:ee:06:
18:0c:0c:91:3a:de:a8:07:10:f0:b0:7d:ce:bc:37:
bc:9f:30:6c:e8:67:f0:6f:22:e7:5b:f8:3d:64:f8:
71:04:de:eb:55:cf:df:59:04:e7:71:c3:d3:c7:6a:
cd:89:54:80:2b:23:fa:e7:60:31:a1:a8:76:7f:2c:
b6:d9:94:e2:62:06:e6:0b:4c:6e:a9:56:98:94:7c:
e9:d2:2b:3f:48:c0:2a:ab:27:eb:84:4b:6c:df:e4:
16:c4:52:72:59:e4:89:47:d5:fc:fe:86:31:9e:f6:
cb:15:d8:22:59:9f:1f:b4:ee:5a:69:cb:d7:93:78:
6a:c8:ee:ba:7c:3b:47:aa:95:19:ee:aa:fc:6e:cf:
4a:ba:88:6c:80:ba:f8:48:e2:19:bd:f6:29:a5:73:
81:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D1:6C:83:2D:E0:2F:BB:0C:A7:3B:F7:EE:7F:66:37:F9:D1:C2:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb25223c-7312-415c-8345-87bab137dfea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:e000::/40
Signature Algorithm: sha256WithRSAEncryption
11:7f:d1:68:0a:2b:8c:f3:5b:ec:cf:a0:8e:29:60:96:79:61:
fe:82:f7:26:0b:0c:cc:c4:70:22:dc:ad:27:d6:ee:6b:5a:ae:
ab:8c:11:ca:da:44:bc:8f:e4:8a:21:6c:cb:b6:f6:b9:f9:23:
84:65:2b:8c:8f:1e:93:2f:69:a3:a0:61:30:13:1f:24:90:03:
81:15:30:40:a6:22:94:d0:e8:b5:d3:21:c0:ae:05:1d:6d:14:
8c:a7:29:b8:7d:d1:48:24:3a:bc:09:72:98:18:b9:5b:4e:c1:
58:44:0c:2b:82:b7:78:1a:8a:37:7a:e9:81:53:f1:0c:74:c7:
70:72:0f:82:e9:3b:9a:fd:a0:44:b0:f4:2d:16:6c:57:07:aa:
8d:15:69:22:de:1f:39:43:d2:56:21:7a:3e:4e:74:fc:36:c8:
67:c9:c4:53:d1:71:45:c5:ea:73:fd:99:6b:30:15:b7:eb:61:
92:d3:81:ce:0d:f5:ba:c8:11:2f:1c:d1:10:55:60:c3:72:21:
e8:d7:0e:1b:4b:5e:09:f0:29:7d:d4:00:f2:a6:29:7e:8a:82:
88:9e:39:66:95:7e:51:c7:a1:a4:cd:99:a8:55:a5:23:71:e4:
65:35:4c:9c:46:94:05:18:69:b4:06:1e:41:77:36:93:36:58:
90:7a:80:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOORT4X6ud5HBjlgZu9uVBO9B+VMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcyMDM2NTRaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkOGY3YzY2NjdkYjZiOGQzZjZmNzg4MDQ0YTY4NmVjNTY1ODg2NWEzNTQ5
Nzg3OWY4MDU0N2Q0ZDdjOTQ5NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7jSKpJHQpNicp2mt2bFu4iIDXxm51E+kIGt0qUkM1Z5zUgOYe3mMEcA3wo
3Q0yFuZpvZjLpF+2jMEKyWHH5ps7gRuZhr1e7GnN9isXsOFbShiTwyLqnPVrC4GD
GUl2W3EbLSWzW+4GGAwMkTreqAcQ8LB9zrw3vJ8wbOhn8G8i51v4PWT4cQTe61XP
31kE53HD08dqzYlUgCsj+udgMaGodn8sttmU4mIG5gtMbqlWmJR86dIrP0jAKqsn
64RLbN/kFsRSclnkiUfV/P6GMZ72yxXYIlmfH7TuWmnL15N4asjuunw7R6qVGe6q
/G7PSrqIbIC6+EjiGb32KaVzgb0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSo0WyD
LeAvuwynO/fuf2Y3+dHCnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IyNTIyM2MtNzMxMi00MTVjLTgzNDUtODdiYWIxMzdkZmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fvg
MA0GCSqGSIb3DQEBCwUAA4IBAQARf9FoCiuM81vsz6COKWCWeWH+gvcmCwzMxHAi
3K0n1u5rWq6rjBHK2kS8j+SKIWzLtva5+SOEZSuMjx6TL2mjoGEwEx8kkAOBFTBA
piKU0Oi10yHArgUdbRSMpym4fdFIJDq8CXKYGLlbTsFYRAwrgrd4Goo3eumBU/EM
dMdwcg+C6Tua/aBEsPQtFmxXB6qNFWki3h85Q9JWIXo+TnT8NshnycRT0XFFxepz
/ZlrMBW362GS04HODfW6yBEvHNEQVWDDciHo1w4bS14J8Cl91ADypil+ioKInjlm
lX5Rx6GkzZmoVaUjceRlNUycRpQFGGm0Bh5BdzaTNliQeoBv
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:08 2025 by rpki-client