Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbe6491-8b72-4a7b-a538-1d2f7866c8e3.roa
File: ddbe6491-8b72-4a7b-a538-1d2f7866c8e3.roa (raw, json)
Hash identifier: 5GNJokUB+LajM0vxZKc0KI1m6fgKNayG30CLrYH2ojY=
Subject key identifier: 72:1F:F3:C9:39:E7:97:21:32:E4:A4:50:7B:37:80:52:17:50:F4:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AC0AF126826F5C34324DED224D0A4B33D97909C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbe6491-8b72-4a7b-a538-1d2f7866c8e3.roa
Signing time: Tue 20 May 2025 19:40:20 +0000
ROA not before: Tue 20 May 2025 19:40:20 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:c0:af:12:68:26:f5:c3:43:24:de:d2:24:d0:a4:b3:3d:97:90:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:40:20 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=aa5fab0e858dca69a6c3389cb9785c9008f6a7e41431732886234a9d23a20e06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c4:ef:a0:86:d5:46:9f:bb:58:4d:c1:78:73:
50:9f:0a:79:ca:9c:97:c9:1f:5c:d4:fd:3d:af:4b:
84:b5:af:e4:95:76:80:a1:17:19:23:c9:39:8b:01:
a2:a9:46:f4:99:e0:79:89:5f:18:21:63:c8:42:13:
a2:38:4d:5c:3f:aa:19:c3:82:7b:3e:da:8d:4e:b9:
3e:1b:b6:db:5f:6e:90:2d:59:88:26:45:4d:4a:6f:
72:a9:4c:1f:cf:0c:7b:35:f9:c9:f4:62:b4:55:27:
86:f5:c2:6c:f9:6a:59:71:1e:d8:86:6b:64:d7:2c:
9f:68:f1:d0:13:b1:7c:d3:d3:c9:a3:a9:a7:3b:d0:
80:1b:fc:23:81:9d:e7:60:64:48:a4:9e:e1:e9:86:
f5:7c:d5:f2:57:ba:ff:ed:59:1f:27:50:c2:64:65:
cd:17:05:5b:19:00:0b:47:e5:48:12:61:ca:00:56:
cd:db:7f:16:95:cb:2e:fe:9a:80:45:91:7b:0f:03:
21:5b:1a:2e:f4:2b:2b:54:9d:14:ba:29:b3:e0:04:
88:11:ad:a3:b2:73:00:e5:e8:e8:48:d9:8c:7b:de:
38:21:18:be:8e:b5:ff:21:73:b5:e0:67:0b:f8:a4:
e6:27:2e:0d:f2:de:d0:2f:53:06:27:df:0b:25:b6:
59:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1F:F3:C9:39:E7:97:21:32:E4:A4:50:7B:37:80:52:17:50:F4:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbe6491-8b72-4a7b-a538-1d2f7866c8e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1040::/46
Signature Algorithm: sha256WithRSAEncryption
46:ba:dd:42:76:dd:9b:07:d3:b3:6b:07:f2:73:7c:da:51:23:
d1:8a:9d:cc:d7:ab:b5:9d:ce:d9:48:19:cf:c3:c4:92:46:14:
a9:3f:1d:53:39:82:3c:90:0e:9c:1d:1e:a0:4d:41:db:92:fe:
df:4f:02:d8:6d:1c:a4:c7:21:8c:df:1f:eb:14:63:5d:ca:27:
16:af:c2:f7:4f:61:05:1d:e8:d4:33:38:10:ec:3b:ad:52:79:
45:5b:77:40:9c:31:ce:5a:8c:e0:9f:02:ee:2f:65:71:06:7f:
7c:cc:4e:9c:40:ec:79:ed:b6:13:84:b1:3f:f9:3e:91:cc:5c:
f1:26:30:45:13:d2:99:66:25:be:c1:c5:84:6e:1d:7d:07:f8:
78:ae:82:51:91:e3:d5:55:a6:57:eb:81:f4:96:e7:d0:db:7e:
b3:8c:07:a5:12:97:c5:2e:52:ae:6f:ac:14:6b:c6:b4:77:52:
5e:de:bb:40:5a:87:9a:c9:86:c3:1a:9d:0b:42:94:1e:fa:e7:
d6:af:83:24:89:59:b6:39:31:bc:6f:10:8b:b8:47:9c:0f:aa:
b2:35:ee:1a:66:d1:7e:0f:4b:9d:97:5f:a9:a8:6e:ee:4f:21:
e6:8c:03:33:32:ed:5d:d9:2e:83:80:b2:13:16:d0:10:fc:a0:
23:97:90:da
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGsCvEmgm9cNDJN7SJNCksz2XkJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTQwMjBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNWZhYjBlODU4ZGNhNjlhNmMzMzg5Y2I5Nzg1YzkwMDhmNmE3ZTQxNDMx
NzMyODg2MjM0YTlkMjNhMjBlMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbE76CG1Uafu1hNwXhzUJ8Kecqcl8kfXNT9Pa9LhLWv5JV2gKEXGSPJOYsB
oqlG9JngeYlfGCFjyEITojhNXD+qGcOCez7ajU65Phu2219ukC1ZiCZFTUpvcqlM
H88MezX5yfRitFUnhvXCbPlqWXEe2IZrZNcsn2jx0BOxfNPTyaOppzvQgBv8I4Gd
52BkSKSe4emG9XzV8le6/+1ZHydQwmRlzRcFWxkAC0flSBJhygBWzdt/FpXLLv6a
gEWRew8DIVsaLvQrK1SdFLops+AEiBGto7JzAOXo6EjZjHveOCEYvo61/yFzteBn
C/ik5icuDfLe0C9TBiffCyW2WW8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyH/PJ
OeeXITLkpFB7N4BSF1D0QjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGRiZTY0OTEtOGI3Mi00YTdiLWE1MzgtMWQyZjc4NjZjOGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUQ
QDANBgkqhkiG9w0BAQsFAAOCAQEARrrdQnbdmwfTs2sH8nN82lEj0YqdzNertZ3O
2UgZz8PEkkYUqT8dUzmCPJAOnB0eoE1B25L+308C2G0cpMchjN8f6xRjXconFq/C
909hBR3o1DM4EOw7rVJ5RVt3QJwxzlqM4J8C7i9lcQZ/fMxOnEDsee22E4SxP/k+
kcxc8SYwRRPSmWYlvsHFhG4dfQf4eK6CUZHj1VWmV+uB9Jbn0Nt+s4wHpRKXxS5S
rm+sFGvGtHdSXt67QFqHmsmGwxqdC0KUHvrn1q+DJIlZtjkxvG8Qi7hHnA+qsjXu
GmbRfg9LnZdfqahu7k8h5owDMzLtXdkug4CyExbQEPygI5eQ2g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:46 2025 by rpki-client