Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
File: eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa (raw, json)
Hash identifier: /X2/dQ6Y9iYdAkKX3vOPXP76BjEg24jxDN8ZQ+SqXqw=
Subject key identifier: 7E:5D:64:97:45:02:D9:21:A6:DF:94:41:3B:42:ED:55:D8:CE:34:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C332B67BE717DE783A944577AB42E5C3392CC9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
Signing time: Mon 12 May 2025 16:11:35 +0000
ROA not before: Mon 12 May 2025 16:11:35 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:33:2b:67:be:71:7d:e7:83:a9:44:57:7a:b4:2e:5c:33:92:cc:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:11:35 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=03cd7ca5a0e4103d7d8f83a93727b6bb499ea965d71e21ed252d755add54a0b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8c:32:11:de:59:a0:23:61:93:24:42:2d:ae:
b9:66:37:98:15:b0:d3:87:6d:1b:3a:2f:c7:b7:d7:
75:69:c6:49:10:c0:48:8b:93:b1:a1:98:ed:a7:49:
86:85:0e:9f:e4:e6:6f:30:55:22:34:62:94:60:0a:
06:80:18:ee:ee:af:5e:02:eb:06:e2:30:33:12:07:
55:28:3c:0e:b9:75:34:48:1e:58:2c:43:c8:71:31:
76:96:9d:dd:77:79:49:f6:ce:c5:5b:e8:27:ad:24:
28:d8:79:22:31:cd:1f:74:83:d4:78:8b:e2:cc:8f:
35:ab:5a:66:1b:16:4f:c2:40:e6:00:f5:1c:4c:c6:
e6:5e:3f:36:1f:20:dc:73:e1:c0:8f:b7:df:c6:0c:
c1:3e:33:70:9c:21:ea:55:98:9e:cd:fd:6a:ec:db:
e8:09:59:10:dc:e1:1d:31:5c:c1:e5:37:29:42:d9:
55:6f:30:6e:6d:38:e0:56:68:b7:d1:96:4e:af:af:
a8:0e:a6:95:3a:de:c8:d5:60:9e:7f:f9:5a:73:05:
03:80:6a:ae:58:e4:76:1c:d2:ba:cb:55:5b:4d:f8:
03:6b:e2:ec:08:00:92:d0:b9:2c:15:11:4f:37:72:
b1:87:63:f5:9f:d0:8c:34:1c:20:0d:c4:b4:ae:6e:
a1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5D:64:97:45:02:D9:21:A6:DF:94:41:3B:42:ED:55:D8:CE:34:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
69:94:0b:32:05:56:6a:6a:5b:83:b6:0c:00:1b:4b:39:03:38:
73:a6:8e:d7:f2:35:2e:7d:73:99:34:01:89:20:d9:18:d7:54:
1e:c9:51:17:74:d8:86:95:96:dd:e8:92:6a:d6:e0:40:12:7d:
1c:da:da:ee:b4:74:bf:29:e1:b6:87:a9:75:7a:f5:2b:9f:b6:
04:db:19:47:85:bd:f1:74:76:54:63:36:27:05:cf:91:d9:81:
8e:2d:69:8b:b8:1f:dd:56:d0:bf:63:f6:f3:2b:08:98:45:51:
6b:ac:1b:3a:f7:ca:02:78:a2:d1:75:9a:42:7f:e0:3a:ed:d7:
cb:0d:c4:55:b0:b4:16:75:b1:70:0c:96:35:65:4c:59:55:2b:
2e:54:32:66:a7:5c:fd:f0:67:ca:89:cf:16:d4:6e:2e:d9:8e:
23:c8:90:64:25:80:30:54:a1:5b:f3:2f:43:e1:1c:7d:99:1e:
af:eb:0b:b7:0b:90:0c:88:3c:05:66:ca:00:5d:12:41:a1:db:
a0:d0:c7:2a:f6:b3:81:f8:a9:de:26:4f:b2:1b:da:39:52:d7:
81:23:c1:ed:93:fb:cb:85:7d:2b:d3:39:c7:1d:d6:fa:e0:e8:
f1:c3:97:22:19:da:76:2a:08:00:da:19:cb:a7:32:a1:86:37:
4c:0b:2e:9e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDDMrZ75xfeeDqURXerQuXDOSzJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjExMzVaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzY2Q3Y2E1YTBlNDEwM2Q3ZDhmODNhOTM3MjdiNmJiNDk5ZWE5NjVkNzFl
MjFlZDI1MmQ3NTVhZGQ1NGEwYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOMMhHeWaAjYZMkQi2uuWY3mBWw04dtGzovx7fXdWnGSRDASIuTsaGY7adJ
hoUOn+TmbzBVIjRilGAKBoAY7u6vXgLrBuIwMxIHVSg8Drl1NEgeWCxDyHExdpad
3Xd5SfbOxVvoJ60kKNh5IjHNH3SD1HiL4syPNataZhsWT8JA5gD1HEzG5l4/Nh8g
3HPhwI+338YMwT4zcJwh6lWYns39auzb6AlZENzhHTFcweU3KULZVW8wbm044FZo
t9GWTq+vqA6mlTreyNVgnn/5WnMFA4BqrljkdhzSustVW034A2vi7AgAktC5LBUR
TzdysYdj9Z/QjDQcIA3EtK5uobECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR+XWSX
RQLZIabflEE7Qu1V2M40LDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWFiOGJhNjItNTkzNC00YzliLTliZDktMTBmZGQyNDk0NjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAaZQLMgVWampbg7YMABtLOQM4c6aO1/I1Ln1zmTQB
iSDZGNdUHslRF3TYhpWW3eiSatbgQBJ9HNra7rR0vynhtoepdXr1K5+2BNsZR4W9
8XR2VGM2JwXPkdmBji1pi7gf3VbQv2P28ysImEVRa6wbOvfKAnii0XWaQn/gOu3X
yw3EVbC0FnWxcAyWNWVMWVUrLlQyZqdc/fBnyonPFtRuLtmOI8iQZCWAMFShW/Mv
Q+EcfZker+sLtwuQDIg8BWbKAF0SQaHboNDHKvazgfip3iZPshvaOVLXgSPB7ZP7
y4V9K9M5xx3W+uDo8cOXIhnadioIANoZy6cyoYY3TAsung==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:30 2025 by rpki-client