Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b51c4d29-13a7-4610-ab02-6dce63bec7e5.roa
File: b51c4d29-13a7-4610-ab02-6dce63bec7e5.roa (raw, json)
Hash identifier: TMk0LYGnRBj3s66LcvvxkzaYHZB4QlYAfEgFQ22XO6s=
Subject key identifier: CC:A1:03:B6:CD:43:77:94:85:34:6A:8D:64:2D:D8:5C:C6:B6:7E:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14C491D3400AA4F72402148BD2C32C86565228BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b51c4d29-13a7-4610-ab02-6dce63bec7e5.roa
Signing time: Fri 09 May 2025 16:30:07 +0000
ROA not before: Fri 09 May 2025 16:30:07 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:c4:91:d3:40:0a:a4:f7:24:02:14:8b:d2:c3:2c:86:56:52:28:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:07 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=1d663d922ab629d196cd3fa9d6bb9224f8df53e66596d575c35e864b57f0fd6c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:7d:85:d8:51:4f:ab:fe:2d:fd:3c:5f:ca:
db:72:83:b6:d9:1d:48:93:da:e4:b4:cf:a2:38:cd:
7b:82:1a:82:a1:63:8c:7b:1b:5b:b7:74:c9:3e:28:
e0:36:32:e2:67:17:ed:cc:f1:35:e9:25:17:ba:91:
5e:00:fd:7a:02:64:69:68:e6:ea:17:8a:4a:ba:ec:
d4:87:72:96:7f:50:64:47:fd:fd:c7:24:ad:f5:32:
0c:ac:4d:c7:23:76:98:6a:36:fe:fa:c8:40:b7:c0:
05:bb:1f:ce:8f:34:da:43:82:5f:f2:aa:20:65:7b:
f0:eb:32:e1:98:f2:a9:91:16:3d:3b:3b:a6:81:23:
67:4b:4f:79:5c:77:62:25:97:65:1c:01:ca:90:75:
e2:a2:52:81:43:cf:b5:86:32:cc:88:34:cf:da:b0:
22:91:de:0c:99:26:7d:da:a5:9a:16:f2:32:49:e7:
b9:03:e6:b3:b9:50:98:e5:76:c2:5c:0e:17:ec:f0:
4f:77:59:27:f8:3d:db:ce:d1:84:17:6d:ae:6a:46:
11:8a:23:9d:af:6f:e2:6a:2f:e6:94:d1:a3:f3:3e:
c6:8a:75:be:ee:b1:4a:60:d6:6b:b1:b5:02:20:63:
b8:0f:f0:fa:03:71:85:7d:2e:1b:69:5c:3b:52:b6:
4f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A1:03:B6:CD:43:77:94:85:34:6A:8D:64:2D:D8:5C:C6:B6:7E:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b51c4d29-13a7-4610-ab02-6dce63bec7e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.222.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:4c:0c:57:f8:5f:76:07:dd:b2:ab:a8:17:cc:06:69:9b:b1:
81:a1:b5:60:01:c6:eb:57:0f:c7:b1:42:a8:53:2f:56:66:31:
17:7d:4b:99:d3:bf:37:d4:a0:02:dd:d5:ca:86:52:f9:95:08:
59:41:ec:8e:e6:fe:74:4b:78:f3:4f:42:da:72:6d:09:dd:5c:
e2:6e:8e:db:36:81:a6:f0:5d:9e:a8:98:70:30:c2:36:65:c5:
9e:79:7b:8f:ff:40:2d:2d:4f:ea:8c:09:01:64:d4:3a:98:63:
0b:e8:85:49:a3:78:87:c6:c2:4e:b2:5d:02:26:4b:c4:41:03:
86:8b:36:cb:33:0e:de:33:b5:33:ff:c2:a1:54:b1:33:9a:c5:
cb:db:d4:3c:f4:87:7e:5a:1c:2d:17:74:f5:31:63:d5:f4:f7:
6a:d1:e7:5c:05:81:d1:4a:70:45:6b:f1:94:03:08:5a:2a:88:
92:9f:76:0d:b1:ce:33:86:38:49:5c:9e:a0:6a:20:a8:b5:fe:
bc:16:3a:48:55:94:69:ab:d2:4f:c9:8d:87:f1:78:6b:54:ca:
45:66:a2:c4:0a:e2:47:4f:ad:9d:fb:62:bd:f5:26:bf:b1:e5:
23:ef:dd:f7:23:37:a7:ce:88:3e:8a:97:2a:b0:67:aa:fc:23:
1d:7a:f6:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFMSR00AKpPckAhSL0sMshlZSKLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwMDdaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkNjYzZDkyMmFiNjI5ZDE5NmNkM2ZhOWQ2YmI5MjI0ZjhkZjUzZTY2NTk2
ZDU3NWMzNWU4NjRiNTdmMGZkNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRlfYXYUU+r/i39PF/K23KDttkdSJPa5LTPojjNe4IagqFjjHsbW7d0yT4o
4DYy4mcX7czxNeklF7qRXgD9egJkaWjm6heKSrrs1Idyln9QZEf9/cckrfUyDKxN
xyN2mGo2/vrIQLfABbsfzo802kOCX/KqIGV78Osy4ZjyqZEWPTs7poEjZ0tPeVx3
YiWXZRwBypB14qJSgUPPtYYyzIg0z9qwIpHeDJkmfdqlmhbyMknnuQPms7lQmOV2
wlwOF+zwT3dZJ/g9287RhBdtrmpGEYojna9v4mov5pTRo/M+xop1vu6xSmDWa7G1
AiBjuA/w+gNxhX0uG2lcO1K2T1ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTMoQO2
zUN3lIU0ao1kLdhcxrZ+GjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjUxYzRkMjktMTNhNy00NjEwLWFiMDItNmRjZTYzYmVjN2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6J3jAN
BgkqhkiG9w0BAQsFAAOCAQEArUwMV/hfdgfdsquoF8wGaZuxgaG1YAHG61cPx7FC
qFMvVmYxF31LmdO/N9SgAt3VyoZS+ZUIWUHsjub+dEt4809C2nJtCd1c4m6O2zaB
pvBdnqiYcDDCNmXFnnl7j/9ALS1P6owJAWTUOphjC+iFSaN4h8bCTrJdAiZLxEED
hos2yzMO3jO1M//CoVSxM5rFy9vUPPSHflocLRd09TFj1fT3atHnXAWB0UpwRWvx
lAMIWiqIkp92DbHOM4Y4SVyeoGogqLX+vBY6SFWUaavST8mNh/F4a1TKRWaixAri
R0+tnftivfUmv7HlI+/d9yM3p86IPoqXKrBnqvwjHXr2Qw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:38 2025 by rpki-client