Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json)
Hash identifier: WCCcE8QKsD3ZpsnaBb+1PyTv6HpwGUEkd7MhSMFLcIY=
Subject key identifier: D6:41:8B:F6:D5:5A:21:3B:AE:ED:B4:45:E4:68:EE:DD:ED:E9:4A:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63995AD8225362EC21C0948B255CBBB0325EC31E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
Signing time: Fri 23 May 2025 00:40:43 +0000
ROA not before: Fri 23 May 2025 00:40:43 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:99:5a:d8:22:53:62:ec:21:c0:94:8b:25:5c:bb:b0:32:5e:c3:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:43 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=a8fd747aa7d2a86f2dfcf65eeb50cf52ac63c8ddb99ab9b6b8339c46fdcc7674, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7c:f1:c3:6f:88:1b:42:34:a0:9c:0a:1e:03:
79:aa:0c:ef:0b:53:8e:b3:19:d1:84:73:63:c3:5f:
3b:f0:d2:7c:4f:53:21:40:df:ff:cb:d9:c1:bf:24:
6e:cf:c8:fe:6d:58:60:5e:79:9d:6f:f0:4c:11:2b:
fa:be:31:07:29:a9:8c:31:68:58:85:d2:5d:e4:d6:
81:82:11:a1:63:be:24:08:d1:4b:1e:d5:92:4b:6b:
b1:06:98:91:3b:5f:f7:49:93:86:fc:88:93:b7:af:
41:74:04:65:a1:51:58:be:ec:b0:fa:a6:8d:20:05:
aa:35:99:dc:5e:bc:23:7b:3a:67:1e:79:f7:e6:9a:
7c:f8:6a:64:95:0f:0c:e7:9d:a2:59:69:c4:a1:20:
2c:be:30:cf:2b:e2:b9:34:fa:5f:21:8e:9d:6c:f0:
5d:ef:f3:50:f7:92:e9:90:7f:14:2e:a6:e1:dc:cf:
25:6a:0a:00:d1:d0:a2:30:af:35:f0:8d:ca:0e:0f:
8a:52:ae:67:0a:bd:75:27:23:cc:7b:75:b0:2b:1b:
1d:df:61:26:47:48:22:30:74:ad:1f:d4:ab:ec:50:
48:19:09:fa:e9:4b:97:4b:7e:f7:51:1a:47:1c:78:
95:6a:e0:4b:15:16:e8:10:bd:f0:3d:f1:2d:92:1a:
35:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:41:8B:F6:D5:5A:21:3B:AE:ED:B4:45:E4:68:EE:DD:ED:E9:4A:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:a000::/40
Signature Algorithm: sha256WithRSAEncryption
67:e2:db:98:f4:5e:1f:41:a8:f0:49:c8:89:bc:63:9d:44:24:
e8:89:bc:d1:38:a4:d6:78:48:d5:e8:b5:86:35:09:ac:5a:68:
35:d6:d4:1a:30:0f:71:f9:4f:80:aa:bb:4a:3b:02:2a:f4:fd:
34:e5:55:5a:da:e4:ef:9b:e9:31:c6:3c:d3:f0:e4:aa:73:23:
7c:8b:96:18:1d:f9:f5:b9:36:be:c8:d2:87:4c:93:94:c8:23:
d1:9e:ce:13:69:4e:2f:21:2d:84:92:3a:e2:44:6f:aa:d4:34:
7f:d7:a0:a7:57:c7:6c:fa:67:66:8a:ba:a7:90:42:01:7c:02:
2d:4d:5a:9c:45:96:5e:3f:7a:52:f2:0e:a5:c0:3d:5b:3b:77:
97:2a:9f:fb:91:e8:12:e6:ac:44:60:ed:fd:5f:5d:12:b7:e1:
af:96:42:22:30:f2:4a:41:74:df:2a:a4:af:b5:1c:09:91:c1:
0a:a8:68:96:28:cd:55:38:20:3e:82:0f:ca:c9:bd:24:e2:d7:
d4:43:13:86:d8:24:19:5d:0e:ea:84:ba:8b:cd:a2:80:77:4b:
6e:92:6c:60:88:d1:fd:14:eb:35:7d:f1:60:dd:e2:09:b1:34:
ec:61:4f:6d:b7:21:5a:00:33:0c:60:83:dd:dc:d5:c8:69:14:
3f:90:27:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY5la2CJTYuwhwJSLJVy7sDJewx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwNDNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZmQ3NDdhYTdkMmE4NmYyZGZjZjY1ZWViNTBjZjUyYWM2M2M4ZGRiOTlh
YjliNmI4MzM5YzQ2ZmRjYzc2NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK188cNviBtCNKCcCh4DeaoM7wtTjrMZ0YRzY8NfO/DSfE9TIUDf/8vZwb8k
bs/I/m1YYF55nW/wTBEr+r4xBympjDFoWIXSXeTWgYIRoWO+JAjRSx7VkktrsQaY
kTtf90mThvyIk7evQXQEZaFRWL7ssPqmjSAFqjWZ3F68I3s6Zx559+aafPhqZJUP
DOedollpxKEgLL4wzyviuTT6XyGOnWzwXe/zUPeS6ZB/FC6m4dzPJWoKANHQojCv
NfCNyg4PilKuZwq9dScjzHt1sCsbHd9hJkdIIjB0rR/Uq+xQSBkJ+ulLl0t+91Ea
Rxx4lWrgSxUW6BC98D3xLZIaNT8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWQYv2
1VohO67ttEXkaO7d7elKujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig
MA0GCSqGSIb3DQEBCwUAA4IBAQBn4tuY9F4fQajwSciJvGOdRCToibzROKTWeEjV
6LWGNQmsWmg11tQaMA9x+U+AqrtKOwIq9P005VVa2uTvm+kxxjzT8OSqcyN8i5YY
Hfn1uTa+yNKHTJOUyCPRns4TaU4vIS2EkjriRG+q1DR/16CnV8ds+mdmirqnkEIB
fAItTVqcRZZeP3pS8g6lwD1bO3eXKp/7kegS5qxEYO39X10St+GvlkIiMPJKQXTf
KqSvtRwJkcEKqGiWKM1VOCA+gg/Kyb0k4tfUQxOG2CQZXQ7qhLqLzaKAd0tukmxg
iNH9FOs1ffFg3eIJsTTsYU9ttyFaADMMYIPd3NXIaRQ/kCeA
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:58 2025 by rpki-client