Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
File: e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa (raw, json)
Hash identifier: zk8oHwWhZ58WDyX9S7pr/il9uYdA92IUtvvCSMR7ZII=
Subject key identifier: 0D:F3:FB:83:5A:42:7C:9B:9E:96:67:D7:EC:08:EF:3A:EE:38:96:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3945A1D309F22758282A9EB8E3CED9A0A324BEFC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
Signing time: Fri 22 Aug 2025 15:00:23 +0000
ROA not before: Fri 22 Aug 2025 15:00:23 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:45:a1:d3:09:f2:27:58:28:2a:9e:b8:e3:ce:d9:a0:a3:24:be:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:23 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=e5c53c1006768a91dcf148c9f3d7b9eb563f45f47b578480288a71dcf2005990, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ea:2c:f1:81:36:ff:ce:f6:9d:56:1d:e4:47:
17:15:ce:a3:fc:70:06:7b:44:3f:4a:06:d0:91:ec:
6d:d3:d6:e4:69:71:f2:80:07:01:58:f8:18:53:c6:
a5:d3:58:5f:62:b4:2e:2c:7c:db:78:38:b7:5d:5d:
5c:94:51:e3:23:b2:69:33:c3:ff:fc:47:bf:2b:08:
c3:91:14:1f:3e:d9:84:f4:79:c9:cf:cd:6c:48:a9:
b1:2f:4c:4b:b1:d0:0c:a4:28:e8:48:97:0d:15:71:
bd:22:fc:3d:dc:ad:9a:11:94:1c:9f:fa:9b:ee:74:
0d:16:df:4b:8e:ff:82:7e:cf:b3:10:7c:ed:35:54:
89:5b:c9:ca:1b:49:9d:6e:4a:d9:43:1c:4b:4d:ea:
05:5d:f0:5c:eb:f7:99:0e:7a:fd:39:03:16:5a:85:
c8:31:c0:cd:bf:4a:8d:86:7d:32:4a:48:88:32:8f:
75:77:b7:3a:2d:39:84:8d:8d:3b:f3:f7:63:6a:4b:
f1:3c:0d:7a:0d:23:9a:8b:77:96:17:31:e6:3f:1e:
cc:5d:65:b6:9b:54:8e:c0:f0:3a:60:cd:1d:7e:ff:
03:63:9f:b4:35:39:42:5f:1b:7a:bf:f9:0a:b2:b3:
76:b3:a6:81:ae:19:32:03:1c:88:12:f6:47:9c:d9:
3b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F3:FB:83:5A:42:7C:9B:9E:96:67:D7:EC:08:EF:3A:EE:38:96:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.40.0/22
Signature Algorithm: sha256WithRSAEncryption
af:c6:f8:ae:40:1c:7b:01:4f:3f:b4:aa:b9:47:6e:ed:c0:cb:
7d:e5:f9:ad:ea:a3:22:50:5b:cd:69:c0:f5:e9:e0:75:cc:f7:
70:2e:a3:d0:29:ac:3d:a0:23:59:d6:a7:0b:bb:bc:cc:39:a8:
73:f6:46:b9:86:4c:8f:5a:56:35:41:c6:17:c0:b8:71:5b:cf:
b8:51:37:9b:97:a8:1d:54:bf:9f:d5:02:93:48:10:8c:62:25:
e5:c2:91:38:55:bc:92:31:d4:6f:d4:da:27:5e:ff:dc:70:fc:
96:d0:a0:27:5e:88:73:29:2a:c9:dc:31:91:e5:81:19:9e:09:
a4:6a:ae:86:0b:a8:b9:79:e7:99:2e:77:8b:4a:29:be:71:da:
59:56:8e:ed:d1:8f:82:8f:55:09:47:53:a9:a0:3d:63:4d:9a:
1d:1a:0c:d0:3c:51:5f:be:b2:84:14:58:1e:88:ba:ce:a1:8e:
b5:59:48:a9:98:b6:52:3a:0f:a5:9d:4a:d5:8f:65:c8:22:7a:
ac:b0:f9:c8:42:1b:1a:58:2f:ee:3b:63:fc:50:bf:82:a7:5a:
08:e9:06:07:47:8b:32:6f:d2:1a:a7:b7:59:da:07:91:69:c2:
de:bf:fa:ff:ca:7d:ee:32:e8:a2:da:70:f4:3a:1c:73:ab:c4:
06:92:cb:1b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOUWh0wnyJ1goKp64487ZoKMkvvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMjNaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1YzUzYzEwMDY3NjhhOTFkY2YxNDhjOWYzZDdiOWViNTYzZjQ1ZjQ3YjU3
ODQ4MDI4OGE3MWRjZjIwMDU5OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfqLPGBNv/O9p1WHeRHFxXOo/xwBntEP0oG0JHsbdPW5Glx8oAHAVj4GFPG
pdNYX2K0Lix823g4t11dXJRR4yOyaTPD//xHvysIw5EUHz7ZhPR5yc/NbEipsS9M
S7HQDKQo6EiXDRVxvSL8PdytmhGUHJ/6m+50DRbfS47/gn7PsxB87TVUiVvJyhtJ
nW5K2UMcS03qBV3wXOv3mQ56/TkDFlqFyDHAzb9KjYZ9MkpIiDKPdXe3Oi05hI2N
O/P3Y2pL8TwNeg0jmot3lhcx5j8ezF1ltptUjsDwOmDNHX7/A2OftDU5Ql8ber/5
CrKzdrOmga4ZMgMciBL2R5zZO/ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQN8/uD
WkJ8m56WZ9fsCO867jiWizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUyZTlkYWQtY2JmMy00YWMwLWE1MmUtZGEyYmYwM2U5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiKDAN
BgkqhkiG9w0BAQsFAAOCAQEAr8b4rkAcewFPP7SquUdu7cDLfeX5reqjIlBbzWnA
9engdcz3cC6j0CmsPaAjWdanC7u8zDmoc/ZGuYZMj1pWNUHGF8C4cVvPuFE3m5eo
HVS/n9UCk0gQjGIl5cKROFW8kjHUb9TaJ17/3HD8ltCgJ16IcykqydwxkeWBGZ4J
pGquhguouXnnmS53i0opvnHaWVaO7dGPgo9VCUdTqaA9Y02aHRoM0DxRX76yhBRY
Hoi6zqGOtVlIqZi2UjoPpZ1K1Y9lyCJ6rLD5yEIbGlgv7jtj/FC/gqdaCOkGB0eL
Mm/SGqe3WdoHkWnC3r/6/8p97jLootpw9Docc6vEBpLLGw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:21 2025 by rpki-client