Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
File: d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa (raw, json)
Hash identifier: aFBLCaWdCm8CsLLILpAW8Ohi+jZbjD1K9gxB3RqmNGI=
Subject key identifier: BE:B4:E2:DC:09:E0:1A:F9:18:B7:73:4E:B2:10:F1:16:CF:4E:C5:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AD393BC958B03F39C027B565FB63E9D81FF1773
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
Signing time: Fri 09 May 2025 16:31:00 +0000
ROA not before: Fri 09 May 2025 16:31:00 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:d3:93:bc:95:8b:03:f3:9c:02:7b:56:5f:b6:3e:9d:81:ff:17:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:31:00 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=c6609bdf70b3d27629b0bfe68dac15559dc220c78d51fb073673b0f720624e03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:63:d3:66:6b:4b:38:0a:55:52:bb:7a:34:bd:
b9:60:0c:d6:5d:a0:45:6a:78:76:d1:aa:2e:a0:14:
04:f4:8b:29:1b:69:11:8d:d7:2b:7a:28:21:07:e5:
c4:2b:44:a3:da:25:75:ba:4c:e2:e9:69:1d:54:8b:
e4:2c:c8:f9:a7:fe:00:ce:0d:1b:71:7f:4a:db:82:
96:b1:b3:ba:2b:92:68:0f:e2:e8:89:9b:2b:2d:e6:
ce:48:84:fb:c9:30:ca:41:91:ee:09:ec:00:41:e9:
2e:90:c7:1e:b1:10:7a:b4:a5:a0:8d:81:94:d4:96:
f5:2d:4a:c5:56:85:24:fc:a4:e4:60:a5:7d:e8:7f:
b9:6d:1d:96:9f:03:58:dd:b8:a1:cd:02:02:57:a2:
b2:a2:95:28:22:86:d0:10:d9:a7:7a:b8:38:07:58:
6e:ff:30:83:d9:24:0f:29:66:71:5b:5a:da:a1:aa:
0e:f1:ec:33:f3:15:3c:f6:fe:59:0c:35:3b:97:3b:
ad:55:f0:fa:4b:04:0c:3f:6e:18:0f:14:c7:d0:a5:
3a:34:9b:e7:56:dc:1c:c2:35:1f:25:cd:06:cc:25:
07:9b:51:38:95:c0:45:3e:6d:52:88:9f:74:28:6f:
52:1d:e4:07:57:0a:2a:d9:3f:5e:df:32:25:ef:ab:
94:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B4:E2:DC:09:E0:1A:F9:18:B7:73:4E:B2:10:F1:16:CF:4E:C5:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/20
Signature Algorithm: sha256WithRSAEncryption
b9:22:dc:41:7e:50:7d:08:02:83:ef:f6:28:bf:8c:98:f1:a0:
76:62:28:69:eb:db:94:c2:57:94:0c:e2:7f:94:a2:0d:90:fb:
08:38:d0:a2:6e:2d:d7:20:2f:d6:ad:2c:f1:dc:4f:80:1f:7b:
71:83:7c:ce:2b:ea:8a:2b:31:41:98:18:83:14:28:dd:30:86:
ba:18:df:71:22:5a:a6:66:3a:97:eb:46:03:3e:72:e9:0f:a6:
25:3b:54:c6:0f:db:cc:9c:c1:69:46:85:45:f5:f5:7b:c8:3f:
dd:d5:7a:5e:b8:f8:cf:52:36:0d:17:4b:ff:fc:c2:42:88:0e:
ec:46:5c:d3:4e:7f:15:ae:e2:c4:2b:a7:ab:37:d2:4b:3d:eb:
51:b6:63:29:6a:48:0d:f0:1b:96:b4:20:e6:0f:66:8b:23:f3:
01:3f:de:65:54:29:fb:fd:ca:fc:f5:00:8e:b9:1f:10:aa:4c:
f1:9b:2a:28:34:7b:a2:3f:f4:7c:14:17:99:70:54:79:34:34:
80:c6:6b:23:d7:03:43:c9:3c:09:22:eb:0d:07:0f:74:21:49:
36:89:44:12:c3:dd:00:71:0e:14:c5:c5:a9:89:30:74:5a:b8:
c8:c7:3d:be:80:7e:91:3c:0d:c4:43:74:88:3d:99:24:c7:77:
83:b3:7b:fb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGtOTvJWLA/OcAntWX7Y+nYH/F3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMxMDBaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NjA5YmRmNzBiM2QyNzYyOWIwYmZlNjhkYWMxNTU1OWRjMjIwYzc4ZDUx
ZmIwNzM2NzNiMGY3MjA2MjRlMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhj02ZrSzgKVVK7ejS9uWAM1l2gRWp4dtGqLqAUBPSLKRtpEY3XK3ooIQfl
xCtEo9oldbpM4ulpHVSL5CzI+af+AM4NG3F/StuClrGzuiuSaA/i6ImbKy3mzkiE
+8kwykGR7gnsAEHpLpDHHrEQerSloI2BlNSW9S1KxVaFJPyk5GClfeh/uW0dlp8D
WN24oc0CAleisqKVKCKG0BDZp3q4OAdYbv8wg9kkDylmcVta2qGqDvHsM/MVPPb+
WQw1O5c7rVXw+ksEDD9uGA8Ux9ClOjSb51bcHMI1HyXNBswlB5tROJXART5tUoif
dChvUh3kB1cKKtk/Xt8yJe+rlGMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS+tOLc
CeAa+Ri3c06yEPEWz07F1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDgzNjRjMDYtYjc1ZS00ZDg1LThjOGMtYWZhZDRkZjdjZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEAuSLcQX5QfQgCg+/2KL+MmPGgdmIoaevblMJXlAzi
f5SiDZD7CDjQom4t1yAv1q0s8dxPgB97cYN8zivqiisxQZgYgxQo3TCGuhjfcSJa
pmY6l+tGAz5y6Q+mJTtUxg/bzJzBaUaFRfX1e8g/3dV6Xrj4z1I2DRdL//zCQogO
7EZc005/Fa7ixCunqzfSSz3rUbZjKWpIDfAblrQg5g9miyPzAT/eZVQp+/3K/PUA
jrkfEKpM8ZsqKDR7oj/0fBQXmXBUeTQ0gMZrI9cDQ8k8CSLrDQcPdCFJNolEEsPd
AHEOFMXFqYkwdFq4yMc9voB+kTwNxEN0iD2ZJMd3g7N7+w==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:37 2025 by rpki-client