Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
File: c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa (raw, json)
Hash identifier: YctlHlealCbhLsHPSb8MRf6pqHgGmd0nQVU1nu82pKg=
Subject key identifier: AD:71:FC:68:44:75:97:85:5E:C8:A7:E0:E7:00:63:81:40:B8:45:5E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5DA12A5F0FBDBCC9A95ED4DD36B32FB6B9CAFFBC
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
Signing time: Wed 30 Apr 2025 00:20:13 +0000
ROA not before: Wed 30 Apr 2025 00:20:13 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:1800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:a1:2a:5f:0f:bd:bc:c9:a9:5e:d4:dd:36:b3:2f:b6:b9:ca:ff:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:13 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=883f959658a68903c536cdbf8ac5036d3c15df53efce7827971dd27f9057c37c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c4:3b:ca:32:38:cd:bc:ad:da:fd:60:a1:1e:
89:24:ac:98:6a:a4:56:80:4b:3c:f8:5f:4c:78:1b:
28:e0:95:03:61:aa:d1:ec:6e:6d:8d:6f:93:30:79:
c1:09:3a:64:fe:3e:2b:5f:07:f8:2d:ed:52:2b:00:
ad:10:d0:de:c1:19:9c:4d:06:12:b9:a0:ad:54:7c:
f8:a6:b5:63:07:8f:14:60:32:31:50:80:ca:f0:8a:
f8:b3:37:50:5c:17:af:02:95:64:a0:11:53:ef:97:
99:db:fb:67:1a:57:68:cf:db:8c:b5:4a:a9:73:02:
6b:bb:3c:b4:4a:9e:c4:0d:55:80:e8:3b:89:96:53:
bc:d0:bb:09:ea:ab:8d:1b:a7:fb:47:c9:9e:54:a5:
ac:48:f4:df:75:c6:30:a5:55:c6:fc:1b:39:78:1e:
a7:93:1b:be:18:a0:ed:cf:04:bb:7f:85:a3:3d:d5:
1f:22:91:66:14:b1:2d:5b:25:9b:f0:43:c5:64:a9:
a1:ac:d7:94:aa:4f:6e:19:7b:f3:ed:f1:ae:fe:73:
3c:b9:8d:54:f6:18:9f:93:36:f2:07:1e:92:b5:48:
75:0c:a4:87:6a:3d:25:60:d4:a1:ca:17:9e:27:3d:
f1:8f:82:93:cf:74:ea:ce:48:a7:2c:01:df:8b:21:
cf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:71:FC:68:44:75:97:85:5E:C8:A7:E0:E7:00:63:81:40:B8:45:5E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:1800::/40
Signature Algorithm: sha256WithRSAEncryption
57:6a:e2:ed:8f:90:17:ce:08:e1:f9:62:31:9d:55:78:f4:a7:
b1:86:00:3f:32:15:a6:8a:a5:4a:c2:bd:21:05:d8:e3:e3:92:
1e:9a:f9:59:0c:ac:c7:eb:28:8b:e8:96:5b:ee:8a:53:34:e4:
50:81:9e:08:c3:65:c2:42:3c:1e:51:84:33:ac:c9:2d:9b:cf:
78:f8:65:6a:2c:e1:b5:36:f1:ec:aa:df:c4:07:27:7e:b3:6f:
db:d6:76:65:0a:ca:0e:c9:6c:e7:57:05:06:cd:f9:9c:07:23:
e7:1b:83:cf:d0:0a:72:35:27:1b:ef:eb:fc:89:50:c2:86:26:
b1:09:04:35:d6:35:23:f6:54:44:6f:a3:22:8b:ea:db:b2:b4:
12:c1:9f:b7:6b:e0:70:00:8e:55:b3:ff:b2:9a:44:78:32:1a:
45:0e:cb:94:5e:5b:c3:84:28:df:7b:49:47:8c:a7:36:dd:ca:
97:34:bc:bb:6b:29:a3:da:ee:d7:56:a5:9d:94:88:6e:d1:d1:
39:f8:40:95:ef:30:f0:18:82:45:cb:41:97:1b:45:af:26:dc:
a8:cd:7c:a9:ac:f5:26:21:60:13:c4:da:62:49:7d:28:87:b7:
de:f4:2d:da:cb:30:2e:5c:d0:b4:72:e8:b2:27:df:3d:0c:14:
43:db:53:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXaEqXw+9vMmpXtTdNrMvtrnK/7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMTNaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4M2Y5NTk2NThhNjg5MDNjNTM2Y2RiZjhhYzUwMzZkM2MxNWRmNTNlZmNl
NzgyNzk3MWRkMjdmOTA1N2MzN2MxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHEO8oyOM28rdr9YKEeiSSsmGqkVoBLPPhfTHgbKOCVA2Gq0exubY1vkzB5
wQk6ZP4+K18H+C3tUisArRDQ3sEZnE0GErmgrVR8+Ka1YwePFGAyMVCAyvCK+LM3
UFwXrwKVZKARU++Xmdv7ZxpXaM/bjLVKqXMCa7s8tEqexA1VgOg7iZZTvNC7Ceqr
jRun+0fJnlSlrEj033XGMKVVxvwbOXgep5Mbvhig7c8Eu3+Foz3VHyKRZhSxLVsl
m/BDxWSpoazXlKpPbhl78+3xrv5zPLmNVPYYn5M28gcekrVIdQykh2o9JWDUocoX
nic98Y+Ck8906s5IpywB34shz20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBStcfxo
RHWXhV7Ip+DnAGOBQLhFXjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzJlM2ZmYWItYjhhYi00NzZmLTljNmUtNWU0ODQyZDcwNWY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8cY
MA0GCSqGSIb3DQEBCwUAA4IBAQBXauLtj5AXzgjh+WIxnVV49KexhgA/MhWmiqVK
wr0hBdjj45IemvlZDKzH6yiL6JZb7opTNORQgZ4Iw2XCQjweUYQzrMktm894+GVq
LOG1NvHsqt/EByd+s2/b1nZlCsoOyWznVwUGzfmcByPnG4PP0ApyNScb7+v8iVDC
hiaxCQQ11jUj9lREb6Mii+rbsrQSwZ+3a+BwAI5Vs/+ymkR4MhpFDsuUXlvDhCjf
e0lHjKc23cqXNLy7aymj2u7XVqWdlIhu0dE5+ECV7zDwGIJFy0GXG0WvJtyozXyp
rPUmIWATxNpiSX0oh7fe9C3ayzAuXNC0cuiyJ989DBRD21NE
-----END CERTIFICATE-----
Generated at Mon May 5 03:39:33 2025 by rpki-client