Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
File: e00516db-a674-4a02-8de9-e0ad569ecc6f.roa (raw, json)
Hash identifier: XBHNEk6lxznNot0EItlbymOk1NQA+4OBQi9hgYoLgsE=
Subject key identifier: F2:25:80:59:EA:52:7D:D7:A5:CA:27:EC:94:EF:22:17:9E:D3:C0:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D61858F0CF35E7F4B63C24CC64526D495E16E54
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
Signing time: Mon 12 May 2025 16:11:29 +0000
ROA not before: Mon 12 May 2025 16:11:29 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:61:85:8f:0c:f3:5e:7f:4b:63:c2:4c:c6:45:26:d4:95:e1:6e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:29 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=47c001fc96788e5f3322612ddc3a872ae117b0f2f38450ecfee3b5005c4dfa93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c0:69:6d:4d:2e:0f:86:88:e9:9e:0e:79:89:
92:af:5e:3a:d2:09:0a:46:42:50:da:61:60:b5:fc:
15:6f:dd:49:f7:52:37:15:e1:f7:8c:b3:cb:3d:27:
65:08:82:c1:03:dd:7d:89:b2:58:b6:10:52:5c:93:
b4:a2:b1:0e:73:3d:70:f5:cf:33:fb:94:e3:1c:9e:
ab:58:57:47:6c:17:32:85:17:98:6e:ea:6b:e9:23:
73:e0:1e:ae:6e:0f:33:69:c0:ba:47:36:b3:8e:bc:
08:fe:e5:f1:85:e4:29:fa:c7:c6:ac:4e:38:23:17:
4a:d7:a3:34:63:ed:0e:b6:44:83:c8:ad:44:5b:49:
dd:84:41:ae:97:a8:2e:d0:9d:f1:b5:70:fd:07:b5:
ba:8c:6c:13:f6:9b:19:0f:0c:93:76:b5:c3:eb:11:
4a:a9:9e:e5:37:17:5d:6a:a1:5a:b0:91:65:fc:e9:
0d:f7:dc:c0:47:d0:35:16:54:98:6b:92:2a:6b:e6:
b9:59:c5:8e:04:21:3a:7f:94:ee:a3:b0:7e:0b:65:
55:c9:26:d0:39:9a:10:d2:fb:e9:57:cf:b3:89:6b:
13:22:38:2a:a9:d0:89:32:8d:e7:ed:1f:b9:54:ce:
08:d4:1c:32:8f:fd:75:ed:76:2b:c9:38:6a:16:2e:
49:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:25:80:59:EA:52:7D:D7:A5:CA:27:EC:94:EF:22:17:9E:D3:C0:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.176.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:c8:f4:e9:fb:9c:64:2a:d1:46:f5:d9:b9:3d:9d:00:dc:cf:
ae:62:d5:5a:b0:41:9b:0b:1c:67:17:a1:71:98:57:01:ab:5c:
98:f3:6f:32:82:e7:21:a4:f6:a6:35:04:a4:4d:fb:e4:d5:78:
db:e2:65:79:aa:f3:6a:24:12:34:38:67:98:28:47:fa:5f:d2:
81:f6:0d:f6:28:a6:f1:e1:cf:d3:37:26:19:fc:71:f7:7a:5f:
17:ec:d0:92:bd:47:31:b7:e7:46:d7:c4:8e:f1:ac:75:b3:ac:
7c:0d:ae:a5:5a:46:60:ce:f7:fc:82:36:95:9a:38:27:ab:0a:
b7:b6:c0:36:f4:ac:91:ee:e3:24:68:a1:53:49:f7:30:20:47:
a2:35:2d:0f:56:7b:16:a7:78:e8:61:aa:c9:ae:d8:e1:5f:1b:
84:1b:4f:8d:1a:44:eb:08:fe:f6:77:98:44:bd:4b:6c:57:d7:
16:6f:f9:15:15:50:f8:27:60:d4:80:20:08:98:03:d3:f6:23:
43:fa:a3:f2:c9:b3:29:60:4f:3f:58:43:a8:fc:ee:4f:a5:90:
2b:e5:b8:e3:aa:48:92:df:36:c9:6a:5e:d0:4f:70:24:50:58:
26:11:73:2c:bd:bb:17:65:72:9e:2c:d9:c7:7f:c9:04:9c:e9:
91:37:72:44
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbWGFjwzzXn9LY8JMxkUm1JXhblQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMjlaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3YzAwMWZjOTY3ODhlNWYzMzIyNjEyZGRjM2E4NzJhZTExN2IwZjJmMzg0
NTBlY2ZlZTNiNTAwNWM0ZGZhOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIfAaW1NLg+GiOmeDnmJkq9eOtIJCkZCUNphYLX8FW/dSfdSNxXh94yzyz0n
ZQiCwQPdfYmyWLYQUlyTtKKxDnM9cPXPM/uU4xyeq1hXR2wXMoUXmG7qa+kjc+Ae
rm4PM2nAukc2s468CP7l8YXkKfrHxqxOOCMXStejNGPtDrZEg8itRFtJ3YRBrpeo
LtCd8bVw/Qe1uoxsE/abGQ8Mk3a1w+sRSqme5TcXXWqhWrCRZfzpDffcwEfQNRZU
mGuSKmvmuVnFjgQhOn+U7qOwfgtlVckm0DmaENL76VfPs4lrEyI4KqnQiTKN5+0f
uVTOCNQcMo/9de12K8k4ahYuSTsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTyJYBZ
6lJ916XKJ+yU7yIXntPA2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTAwNTE2ZGItYTY3NC00YTAyLThkZTktZTBhZDU2OWVjYzZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAisDAN
BgkqhkiG9w0BAQsFAAOCAQEAb8j06fucZCrRRvXZuT2dANzPrmLVWrBBmwscZxeh
cZhXAatcmPNvMoLnIaT2pjUEpE375NV42+JlearzaiQSNDhnmChH+l/SgfYN9iim
8eHP0zcmGfxx93pfF+zQkr1HMbfnRtfEjvGsdbOsfA2upVpGYM73/II2lZo4J6sK
t7bANvSske7jJGihU0n3MCBHojUtD1Z7Fqd46GGqya7Y4V8bhBtPjRpE6wj+9neY
RL1LbFfXFm/5FRVQ+Cdg1IAgCJgD0/YjQ/qj8smzKWBPP1hDqPzuT6WQK+W446pI
kt82yWpe0E9wJFBYJhFzLL27F2VynizZx3/JBJzpkTdyRA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:31 2025 by rpki-client