Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
File: eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa (raw, json)
Hash identifier: QYb88tReIG10ruYw+OGICZGGzg2AkmgdQpLPKmcHSeM=
Subject key identifier: 83:F2:4D:8C:99:8A:55:92:CC:41:14:10:B7:B9:B6:BF:00:EB:39:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6555B711B3089A3103089FCB8AAEBEC39522B816
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
Signing time: Tue 15 Apr 2025 15:01:29 +0000
ROA not before: Tue 15 Apr 2025 15:01:29 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:55:b7:11:b3:08:9a:31:03:08:9f:cb:8a:ae:be:c3:95:22:b8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:29 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=0e13f7a04eeba4da04ccd06579b90a8493d902303e0d5f36be8e537c5a56ef25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:91:fd:b6:b3:23:47:66:d2:ff:18:6c:c1:32:
a6:80:5d:05:c9:10:d9:c1:fd:fa:6d:4b:11:21:e1:
99:12:88:71:b0:a3:a9:a8:8f:9f:5e:be:ed:97:12:
7b:52:d1:c0:1b:f0:e4:3f:b4:78:fe:4e:78:b7:69:
c9:b6:ca:ce:41:33:ba:99:f1:e8:56:79:3f:79:08:
5d:b7:2c:b2:af:5b:29:a8:e8:b4:da:02:b0:f2:39:
32:35:71:bb:d7:76:24:4d:30:6e:d8:19:ae:e3:13:
5c:39:c6:08:e8:f0:6b:18:43:6f:1d:40:4e:f8:e8:
de:1e:78:6f:00:50:c3:16:77:ae:86:58:47:c9:d8:
27:85:7f:ea:32:8d:ee:ca:3e:49:57:06:18:84:92:
6c:da:68:a0:7a:2f:fd:fa:de:52:41:d6:9e:32:d8:
4f:11:7f:71:ee:af:b8:42:62:70:37:ee:52:69:c5:
49:c1:4c:13:6a:0a:21:b7:85:b6:47:6d:95:6a:af:
71:8b:24:c3:2a:94:13:a2:dd:15:ae:d9:7f:7e:8d:
8f:1e:41:83:fd:e5:d0:ee:da:0e:7c:82:66:2c:4f:
61:69:36:05:cd:e7:54:57:09:17:82:77:9c:1e:ef:
11:ff:db:5d:77:a1:74:e5:79:96:42:60:c5:de:37:
7d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F2:4D:8C:99:8A:55:92:CC:41:14:10:B7:B9:B6:BF:00:EB:39:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
0c:1e:35:5e:8c:a9:08:b4:fb:7d:9b:28:f6:2f:c4:17:bf:56:
f1:ef:29:5a:8b:9c:bc:ce:e8:bb:47:16:12:2f:fe:3f:3a:76:
6d:3b:82:6c:ec:a5:5e:5e:68:41:2e:27:58:cf:5a:88:79:9b:
f5:71:1e:22:57:0b:55:b5:d4:90:24:e4:3f:ad:0e:68:c9:3a:
49:a9:5d:1a:2e:90:e1:ef:60:06:3f:95:c3:7c:e1:37:2b:5d:
f7:2b:b3:90:7f:fb:44:13:e4:ee:2b:78:3c:0d:d4:f1:35:6a:
7f:f1:49:02:75:22:d8:25:1c:43:10:0b:50:d1:f1:1d:11:34:
e7:c6:52:38:da:87:b9:f2:fd:5e:d2:f6:6b:22:b1:9d:55:dc:
86:d7:27:c8:a8:62:3f:0b:57:eb:62:f6:64:b5:74:66:18:d8:
a1:db:c0:11:15:45:86:fd:bd:6f:19:5b:f7:c1:14:9a:79:1a:
cc:93:97:d5:24:f3:00:e6:1a:e4:83:34:66:c5:6a:5e:2a:e3:
5e:0f:0a:66:fc:be:db:85:19:f5:87:1f:3a:ce:d8:43:fa:96:
6e:f8:2d:45:8e:5f:b6:f6:c4:58:b6:08:f7:e7:19:05:87:22:
d9:c7:53:69:56:5c:9f:e4:07:67:8b:cb:34:45:33:13:48:07:
73:65:f8:ef
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZVW3EbMImjEDCJ/Liq6+w5UiuBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMjlaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMTNmN2EwNGVlYmE0ZGEwNGNjZDA2NTc5YjkwYTg0OTNkOTAyMzAzZTBk
NWYzNmJlOGU1MzdjNWE1NmVmMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuR/bazI0dm0v8YbMEypoBdBckQ2cH9+m1LESHhmRKIcbCjqaiPn16+7ZcS
e1LRwBvw5D+0eP5OeLdpybbKzkEzupnx6FZ5P3kIXbcssq9bKajotNoCsPI5MjVx
u9d2JE0wbtgZruMTXDnGCOjwaxhDbx1ATvjo3h54bwBQwxZ3roZYR8nYJ4V/6jKN
7so+SVcGGISSbNpooHov/freUkHWnjLYTxF/ce6vuEJicDfuUmnFScFME2oKIbeF
tkdtlWqvcYskwyqUE6LdFa7Zf36Njx5Bg/3l0O7aDnyCZixPYWk2Bc3nVFcJF4J3
nB7vEf/bXXehdOV5lkJgxd43fScCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSD8k2M
mYpVksxBFBC3uba/AOs5GTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWFiOGJhNjItNTkzNC00YzliLTliZDktMTBmZGQyNDk0NjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEADB41XoypCLT7fZso9i/EF79W8e8pWoucvM7ou0cW
Ei/+Pzp2bTuCbOylXl5oQS4nWM9aiHmb9XEeIlcLVbXUkCTkP60OaMk6SaldGi6Q
4e9gBj+Vw3zhNytd9yuzkH/7RBPk7it4PA3U8TVqf/FJAnUi2CUcQxALUNHxHRE0
58ZSONqHufL9XtL2ayKxnVXchtcnyKhiPwtX62L2ZLV0ZhjYodvAERVFhv29bxlb
98EUmnkazJOX1STzAOYa5IM0ZsVqXirjXg8KZvy+24UZ9YcfOs7YQ/qWbvgtRY5f
tvbEWLYI9+cZBYci2cdTaVZcn+QHZ4vLNEUzE0gHc2X47w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:17 2025 by rpki-client