Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
File: ec7e5637-f312-4c51-b644-29324b74734e.roa (raw, json)
Hash identifier: xKyasNtVTzmbOMchwYLy+rZ879fLRB3Y2PCi1hZNcMQ=
Subject key identifier: 58:18:E3:33:B9:21:71:DA:C0:B3:86:0F:38:1C:DE:82:5E:9B:D4:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60542DC2DF796224D4904F9155EB8E104DFD4E5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
Signing time: Fri 06 Jun 2025 15:00:58 +0000
ROA not before: Fri 06 Jun 2025 15:00:58 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:54:2d:c2:df:79:62:24:d4:90:4f:91:55:eb:8e:10:4d:fd:4e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:58 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=1e5180c6ca7bc68e0cebc41784d7f3046dcee7ec4d464043c49dceff26e9a053, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:80:88:cf:8f:12:45:ba:0b:7f:49:42:1d:80:
f8:94:c2:d5:c3:49:ec:48:00:d6:82:36:ba:9b:69:
17:1b:8a:ac:d2:13:e8:75:d8:7b:98:68:45:a5:2e:
1f:25:fd:e4:29:5f:d6:9d:b3:59:3b:88:ce:2c:de:
9e:f9:8b:0a:43:3b:11:17:4c:93:27:1a:8c:bb:8c:
62:8b:ec:3a:a0:63:02:e1:5f:30:1c:54:c6:05:d5:
32:b2:88:02:55:d2:49:18:ee:5c:3f:82:e7:67:c4:
9b:c8:b3:f0:a5:10:95:df:4b:fb:6c:2d:74:20:f3:
80:09:2c:b7:30:99:1d:0a:7a:8b:89:4f:c8:d5:47:
b7:aa:ab:85:8b:e8:50:eb:00:d1:fd:bd:a3:f0:ea:
f4:75:46:5a:f7:90:5a:e0:49:bf:d9:cb:fc:1f:5f:
6d:fc:1d:c2:5d:6e:df:f3:4e:77:88:57:7e:06:0f:
09:e7:4a:ac:92:4d:4b:47:48:83:d8:7d:cb:37:a4:
48:ee:3a:25:9e:6d:87:47:0e:d7:e3:aa:77:cb:d8:
6b:ab:14:9d:c7:62:2c:1b:78:79:fd:cb:a6:31:71:
a2:5c:59:aa:03:bb:b8:9f:8f:fd:53:3a:34:a0:cf:
1f:59:71:06:0f:72:7d:37:ee:e9:8e:10:76:ee:93:
18:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:18:E3:33:B9:21:71:DA:C0:B3:86:0F:38:1C:DE:82:5E:9B:D4:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:29:ca:b5:09:b3:e6:18:3a:75:b1:d7:d7:8e:bc:99:ea:68:
61:60:07:22:0c:65:a4:d2:d7:f9:e0:82:68:5d:a9:cc:b3:21:
9d:0f:c7:88:fe:c1:3f:1c:dd:f0:7d:fd:2e:b4:80:f9:de:3a:
fc:d1:d0:46:36:10:6e:9d:a9:ee:4f:2f:22:fa:42:9c:ad:ae:
37:9a:06:3f:da:41:17:57:f6:38:c7:4f:2c:5f:88:82:35:ad:
a7:e8:46:c2:2b:a8:48:90:3a:e7:a3:14:22:40:4f:5f:89:d3:
ef:ca:54:10:ce:f8:24:39:ad:0f:aa:d5:e7:41:d9:9d:0b:bf:
93:3b:1f:94:3d:0b:13:ac:45:28:ca:0b:25:c7:b8:77:7d:57:
ae:2f:16:a5:da:a1:f7:d2:7d:b1:20:8b:4d:fb:da:ef:3d:a0:
ac:aa:8b:6f:76:10:a7:33:a7:85:35:69:3f:bc:5a:4c:be:32:
ca:96:68:86:e7:92:a7:81:10:68:b6:f0:f3:97:75:0a:7b:80:
97:6c:1f:ef:51:44:4c:1a:a4:cb:26:4e:fa:d4:2d:01:eb:8a:
16:26:a0:81:d3:fe:f5:84:0e:35:cd:e3:be:a0:44:48:ac:95:
ca:9a:dc:f5:0a:ac:19:9c:a6:ae:80:ff:13:76:cd:2d:2e:be:
46:14:20:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYFQtwt95YiTUkE+RVeuOEE39Tl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNThaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlNTE4MGM2Y2E3YmM2OGUwY2ViYzQxNzg0ZDdmMzA0NmRjZWU3ZWM0ZDQ2
NDA0M2M0OWRjZWZmMjZlOWEwNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWAiM+PEkW6C39JQh2A+JTC1cNJ7EgA1oI2uptpFxuKrNIT6HXYe5hoRaUu
HyX95Clf1p2zWTuIzizenvmLCkM7ERdMkycajLuMYovsOqBjAuFfMBxUxgXVMrKI
AlXSSRjuXD+C52fEm8iz8KUQld9L+2wtdCDzgAkstzCZHQp6i4lPyNVHt6qrhYvo
UOsA0f29o/Dq9HVGWveQWuBJv9nL/B9fbfwdwl1u3/NOd4hXfgYPCedKrJJNS0dI
g9h9yzekSO46JZ5th0cO1+Oqd8vYa6sUncdiLBt4ef3LpjFxolxZqgO7uJ+P/VM6
NKDPH1lxBg9yfTfu6Y4Qdu6TGAkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRYGOMz
uSFx2sCzhg84HN6CXpvUajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM3ZTU2MzctZjMxMi00YzUxLWI2NDQtMjkzMjRiNzQ3MzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAi4DAN
BgkqhkiG9w0BAQsFAAOCAQEAPCnKtQmz5hg6dbHX1468mepoYWAHIgxlpNLX+eCC
aF2pzLMhnQ/HiP7BPxzd8H39LrSA+d46/NHQRjYQbp2p7k8vIvpCnK2uN5oGP9pB
F1f2OMdPLF+IgjWtp+hGwiuoSJA656MUIkBPX4nT78pUEM74JDmtD6rV50HZnQu/
kzsflD0LE6xFKMoLJce4d31Xri8Wpdqh99J9sSCLTfva7z2grKqLb3YQpzOnhTVp
P7xaTL4yypZohueSp4EQaLbw85d1CnuAl2wf71FETBqkyyZO+tQtAeuKFiaggdP+
9YQONc3jvqBESKyVyprc9QqsGZymroD/E3bNLS6+RhQgaw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:30 2025 by rpki-client