Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
File: ec7e5637-f312-4c51-b644-29324b74734e.roa (raw, json)
Hash identifier: R8/fix9zTzv7sifl7dBMYVgi5UXqOB6QQ25+mutOizI=
Subject key identifier: 9D:AA:30:FE:4F:E8:68:60:90:45:5D:D8:86:19:2A:C5:2E:4A:52:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F12B0F8E2628989EB2B2A54F52F6629AC2D0630
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
Signing time: Tue 15 Apr 2025 15:00:56 +0000
ROA not before: Tue 15 Apr 2025 15:00:56 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:12:b0:f8:e2:62:89:89:eb:2b:2a:54:f5:2f:66:29:ac:2d:06:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:56 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=a8289e565c36d399f468da037b3fdf070c37b8dd9caaeb45cf2ed0d51b126272, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:19:7f:3a:48:f3:b9:a9:b2:9e:2f:8e:6d:9d:
8f:39:e5:b4:4c:14:24:47:4e:0b:5e:d9:d5:46:64:
c1:81:81:32:4e:8c:a2:37:13:b3:97:da:5a:d8:82:
99:ef:66:bb:6c:6f:c6:fe:8c:7e:e6:e2:10:f0:5e:
31:85:78:90:7b:71:11:5c:c4:1a:28:c6:de:70:4d:
ea:9a:78:ed:c0:f8:53:a8:53:e2:b2:06:8d:72:26:
e7:07:9d:f1:d8:4f:4c:c2:01:17:9a:95:27:51:61:
4c:90:69:70:47:21:61:ab:87:4a:4d:14:36:2b:db:
73:5c:cd:04:2c:b9:f0:74:c8:6e:b8:7c:f6:6e:21:
dd:e9:09:46:95:50:ca:2a:b9:e5:4d:04:e3:93:7e:
f4:23:1f:13:c5:d1:15:02:bd:5a:14:34:97:a3:9c:
29:2d:b0:6b:87:3a:fe:3c:3f:8f:79:00:29:8e:a0:
ea:f5:40:96:9e:6c:80:58:e6:cb:6b:34:0b:a3:bf:
8d:73:2f:ac:b7:b3:77:36:36:7f:10:49:cf:0b:29:
bc:51:a5:c6:df:97:a1:15:96:19:d1:65:d7:1d:ee:
7c:b5:6d:a4:d6:39:c7:38:0f:1c:37:98:bc:6b:1d:
f9:ce:12:41:66:0f:e5:73:a0:b3:a1:08:b2:08:56:
44:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AA:30:FE:4F:E8:68:60:90:45:5D:D8:86:19:2A:C5:2E:4A:52:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
be:7d:f6:a4:3b:35:14:0c:e1:47:76:d2:e4:a5:ef:26:44:d0:
92:46:7c:0f:e7:4b:8d:fb:66:84:df:78:e8:16:01:48:63:25:
e6:38:f6:bc:24:f2:04:ae:8e:16:56:e4:bd:f4:fa:7e:fe:b7:
1e:bc:bf:98:4e:51:9d:00:f2:e1:2c:4c:0c:7e:0f:65:d1:ae:
10:b7:54:61:63:c4:7e:68:48:b8:e0:61:81:31:c3:1f:1f:9c:
69:31:1e:29:53:32:bb:9d:a6:b5:e0:26:73:8a:2c:99:27:4e:
fa:31:f4:df:c2:d0:a3:2c:fe:40:76:5d:c3:6c:37:d6:fb:35:
90:6a:05:59:d4:23:51:f3:28:da:5d:fd:24:8a:58:f4:f1:2d:
d5:f1:b0:fa:e7:38:be:ed:67:6b:1f:88:0d:8a:31:7a:68:20:
57:f7:15:ad:11:aa:06:fb:79:62:a3:16:8a:b6:36:1f:8e:2e:
86:4a:3e:bd:c4:c4:c7:3a:25:82:33:61:a0:e2:1b:9c:c4:82:
db:2d:d0:f3:53:b7:9d:4f:d1:e7:04:e3:cc:7e:fe:a9:20:85:
7e:08:83:04:d3:2d:65:42:fd:67:9c:6d:d4:b4:f5:86:49:29:
aa:47:bf:a0:8e:8e:46:dc:f9:65:16:2d:78:70:7c:2c:db:18:
a7:34:1c:24
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXxKw+OJiiYnrKypU9S9mKawtBjAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwNTZaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4Mjg5ZTU2NWMzNmQzOTlmNDY4ZGEwMzdiM2ZkZjA3MGMzN2I4ZGQ5Y2Fh
ZWI0NWNmMmVkMGQ1MWIxMjYyNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQZfzpI87mpsp4vjm2djznltEwUJEdOC17Z1UZkwYGBMk6MojcTs5faWtiC
me9mu2xvxv6MfubiEPBeMYV4kHtxEVzEGijG3nBN6pp47cD4U6hT4rIGjXIm5wed
8dhPTMIBF5qVJ1FhTJBpcEchYauHSk0UNivbc1zNBCy58HTIbrh89m4h3ekJRpVQ
yiq55U0E45N+9CMfE8XRFQK9WhQ0l6OcKS2wa4c6/jw/j3kAKY6g6vVAlp5sgFjm
y2s0C6O/jXMvrLezdzY2fxBJzwspvFGlxt+XoRWWGdFl1x3ufLVtpNY5xzgPHDeY
vGsd+c4SQWYP5XOgs6EIsghWRAcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSdqjD+
T+hoYJBFXdiGGSrFLkpSXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM3ZTU2MzctZjMxMi00YzUxLWI2NDQtMjkzMjRiNzQ3MzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAi4DAN
BgkqhkiG9w0BAQsFAAOCAQEAvn32pDs1FAzhR3bS5KXvJkTQkkZ8D+dLjftmhN94
6BYBSGMl5jj2vCTyBK6OFlbkvfT6fv63Hry/mE5RnQDy4SxMDH4PZdGuELdUYWPE
fmhIuOBhgTHDHx+caTEeKVMyu52mteAmc4osmSdO+jH038LQoyz+QHZdw2w31vs1
kGoFWdQjUfMo2l39JIpY9PEt1fGw+uc4vu1nax+IDYoxemggV/cVrRGqBvt5YqMW
irY2H44uhko+vcTExzolgjNhoOIbnMSC2y3Q81O3nU/R5wTjzH7+qSCFfgiDBNMt
ZUL9Z5xt1LT1hkkpqke/oI6ORtz5ZRYteHB8LNsYpzQcJA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:32 2025 by rpki-client