Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
File: c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa (raw, json)
Hash identifier: CxDd3PGi0BZXoRV91mBs29UoUMg+ZFJpj0SsS7qiLpg=
Subject key identifier: FC:1B:D1:C1:09:D5:0C:90:77:AB:72:39:70:71:BE:7A:21:42:6C:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EBDBEBA2809A8BA7ADA118549771989CECD4AAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
Signing time: Mon 12 May 2025 16:10:20 +0000
ROA not before: Mon 12 May 2025 16:10:20 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:bd:be:ba:28:09:a8:ba:7a:da:11:85:49:77:19:89:ce:cd:4a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:10:20 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=2ee7f66ac5ab9e03549bb82035f35168d672252701afa044d222483d44c446df, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:b6:5e:7f:e1:b3:b8:c8:0c:73:9a:0e:7f:
84:b1:5a:d4:46:5a:80:2f:56:56:95:2e:7a:bd:f3:
dd:a2:12:cd:4c:cf:3d:b0:17:68:ef:c2:fe:08:02:
94:f8:e0:84:8b:22:bc:01:22:a5:19:84:17:c2:cf:
36:ce:a8:1d:ef:24:67:4f:b6:ca:49:1a:09:c7:70:
4b:d1:fc:4c:68:07:f2:a2:9f:96:9b:37:e2:c1:ec:
84:c6:9f:d9:81:e7:17:3a:3e:14:46:c6:90:40:a1:
4a:30:52:8e:e3:04:5c:44:fa:e7:fd:4d:31:c3:d7:
70:68:04:14:98:cc:17:2e:62:2c:e9:61:72:8f:b3:
c8:cb:68:67:cb:9c:ea:33:2d:8f:55:bd:a1:3a:fc:
b0:7c:43:49:30:fb:31:73:cf:fb:e4:c4:96:e3:bd:
41:dc:08:de:cc:61:7a:ab:d2:85:47:3d:ec:48:c9:
66:62:f3:d5:dc:22:c1:3f:c9:7f:1c:39:eb:de:29:
12:f9:7e:cf:97:8c:9e:e8:cb:eb:36:3c:bb:ff:7e:
67:00:ce:77:f4:d3:4e:54:d2:c4:3d:73:4d:be:c7:
23:24:3a:4b:f5:26:70:2f:3b:0a:22:5b:58:25:6a:
a3:12:a2:06:76:0b:02:e8:2f:4f:00:a3:e9:b5:a6:
63:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:1B:D1:C1:09:D5:0C:90:77:AB:72:39:70:71:BE:7A:21:42:6C:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:8a:51:8f:1f:e3:dd:cc:07:4d:dd:66:50:0a:10:de:d4:58:
52:a5:44:23:aa:09:14:8d:aa:62:e6:b2:7c:0b:86:37:6e:6b:
e0:b9:ce:e4:22:c9:67:0c:9d:6c:90:5c:c9:4a:e0:c0:ef:5d:
74:be:86:3a:f3:83:bf:77:9e:cb:82:9e:6c:ca:37:64:ca:33:
eb:44:df:26:d3:ed:b8:43:46:56:73:88:34:38:0f:e5:e8:95:
52:73:a9:7f:9e:8c:c5:8a:3b:cd:2c:34:2c:d9:47:eb:82:20:
9e:53:60:2b:01:c8:77:95:1e:e8:06:a5:83:f9:82:f2:54:4d:
14:b6:7c:a7:ec:57:2f:ff:80:4d:cf:0e:b6:18:e3:c5:34:db:
85:83:12:5a:18:9e:a5:ad:64:bb:87:cf:2f:ea:40:e2:e5:45:
48:47:38:dd:64:a0:e1:69:45:75:dd:ce:dc:cc:3c:47:78:27:
bb:2f:6a:fa:ed:6c:63:10:9c:cc:db:68:42:02:54:ba:6c:cf:
5e:b8:a6:a1:24:13:4f:cf:d8:1d:bf:3e:9a:55:5b:99:08:28:
43:12:2e:26:c4:20:96:ef:ba:e4:d8:64:2f:28:d2:55:64:0d:
81:5b:e7:9f:dc:66:8d:f8:da:47:c7:a3:9f:d4:32:68:2e:11:
d8:39:7d:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXr2+uigJqLp62hGFSXcZic7NSq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjEwMjBaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlZTdmNjZhYzVhYjllMDM1NDliYjgyMDM1ZjM1MTY4ZDY3MjI1MjcwMWFm
YTA0NGQyMjI0ODNkNDRjNDQ2ZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIP/tl5/4bO4yAxzmg5/hLFa1EZagC9WVpUuer3z3aISzUzPPbAXaO/C/ggC
lPjghIsivAEipRmEF8LPNs6oHe8kZ0+2ykkaCcdwS9H8TGgH8qKflps34sHshMaf
2YHnFzo+FEbGkEChSjBSjuMEXET65/1NMcPXcGgEFJjMFy5iLOlhco+zyMtoZ8uc
6jMtj1W9oTr8sHxDSTD7MXPP++TEluO9QdwI3sxheqvShUc97EjJZmLz1dwiwT/J
fxw5694pEvl+z5eMnujL6zY8u/9+ZwDOd/TTTlTSxD1zTb7HIyQ6S/UmcC87CiJb
WCVqoxKiBnYLAugvTwCj6bWmYwkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT8G9HB
CdUMkHercjlwcb56IUJsazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJjZDRkZGYtOWEzOC00MjVhLTgwMjEtYzQ1ZWQ5NmM1MGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAPopRjx/j3cwHTd1mUAoQ3tRYUqVEI6oJFI2qYuay
fAuGN25r4LnO5CLJZwydbJBcyUrgwO9ddL6GOvODv3eey4KebMo3ZMoz60TfJtPt
uENGVnOINDgP5eiVUnOpf56MxYo7zSw0LNlH64IgnlNgKwHId5Ue6Aalg/mC8lRN
FLZ8p+xXL/+ATc8OthjjxTTbhYMSWhiepa1ku4fPL+pA4uVFSEc43WSg4WlFdd3O
3Mw8R3gnuy9q+u1sYxCczNtoQgJUumzPXrimoSQTT8/YHb8+mlVbmQgoQxIuJsQg
lu+65NhkLyjSVWQNgVvnn9xmjfjaR8ejn9QyaC4R2Dl9lQ==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:46 2025 by rpki-client