Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: LzCGyM4LfW7xWgQeDDNe1Sn03is2lIFuCrDX/i6xLcQ=
Subject key identifier: DD:82:CD:2A:A4:75:B5:FF:5A:02:31:B2:17:45:89:00:7B:3F:0C:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78AE9BAF27CED7F70768A02A566208F3B7DB45C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Tue 01 Apr 2025 15:00:28 +0000
ROA not before: Tue 01 Apr 2025 15:00:28 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:ae:9b:af:27:ce:d7:f7:07:68:a0:2a:56:62:08:f3:b7:db:45:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 1 15:00:28 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=781f93eb28fb57663deb9d3ec46685fa5c76829049d8d6db71fa4083d946cd0e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:b3:f9:1b:fb:d3:08:27:a4:b6:d8:d8:eb:
6d:b6:87:33:bc:06:10:cb:3e:90:0d:b8:af:02:6e:
29:02:d5:43:b7:e3:da:1f:36:79:19:c2:89:26:18:
39:7d:8a:4a:11:53:aa:b9:ed:3c:a8:c0:ea:57:49:
d4:ae:c5:ff:a9:30:c0:a8:96:d6:ab:b4:9b:88:70:
1a:d2:4d:16:8b:67:74:66:0b:a5:be:db:85:31:f1:
70:68:b1:3e:15:8a:42:bb:43:5d:f8:2b:6b:b0:92:
f6:56:b4:2c:d2:4d:82:a0:6f:de:5e:5c:cf:87:8d:
85:1e:c2:51:a6:2a:e7:64:c2:20:a0:7d:6a:94:b5:
fc:18:10:3f:65:6a:3b:86:62:37:cb:e2:df:6a:99:
9f:b8:af:44:61:d6:2d:f9:1f:03:8a:9c:17:92:d1:
5c:67:3e:62:1e:43:a1:a0:cc:4d:c8:2c:c4:06:ae:
b5:f1:e7:d4:e4:b9:27:bd:0c:f0:31:46:09:5b:67:
68:68:69:17:64:d5:14:96:9d:0d:69:3d:c0:7c:23:
b5:09:5a:cc:d6:18:dc:75:7b:e9:9d:21:de:c3:66:
4d:d1:67:59:6b:14:17:19:20:22:8f:54:e6:4f:2b:
be:72:a8:7d:6c:91:fe:97:e2:47:a5:5a:02:3a:99:
7a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:82:CD:2A:A4:75:B5:FF:5A:02:31:B2:17:45:89:00:7B:3F:0C:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
26:8e:44:7b:a9:89:90:41:0e:c2:78:ef:04:29:c6:8f:65:6e:
b6:cf:fb:8b:23:b5:1e:a8:bb:9e:a0:9b:ac:ea:79:71:17:f4:
d4:98:7e:d4:1e:fd:a2:df:ab:73:18:aa:6c:91:c7:cf:d0:19:
73:14:8d:ee:f7:5b:20:b4:1c:47:44:2d:50:9a:31:b0:7f:63:
66:2e:6f:10:80:c1:3e:2a:f7:72:8a:9f:ee:a7:e5:b7:52:de:
1b:dc:d0:e1:b2:9c:f9:af:4a:bb:bc:95:95:49:1f:81:e8:d4:
cd:12:0e:d7:05:c8:be:33:07:dd:d0:4c:7a:73:82:70:40:b1:
7f:c6:63:a7:3d:45:79:9f:a2:96:1d:46:1c:23:49:b9:16:5a:
13:2b:f4:b7:b0:96:33:f8:7b:16:31:2a:bf:29:8a:ba:63:6f:
47:53:ba:d3:e0:f1:a0:a0:fa:9b:99:17:7d:18:3b:67:fd:ed:
b5:6b:c4:4f:3f:ff:63:80:5f:fc:8d:c2:b3:6d:75:42:3d:5f:
f3:99:64:4f:8e:a2:5f:e4:7a:9e:08:66:27:f9:89:2b:70:2e:
3f:2e:c1:30:8e:1b:fd:15:8f:3f:47:f8:2f:49:ae:30:f3:87:
e4:11:10:85:77:67:10:90:93:4b:ba:ed:dd:7f:6e:d2:1a:20:
a9:03:0a:28
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeK6bryfO1/cHaKAqVmII87fbRcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDExNTAwMjhaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MWY5M2ViMjhmYjU3NjYzZGViOWQzZWM0NjY4NWZhNWM3NjgyOTA0OWQ4
ZDZkYjcxZmE0MDgzZDk0NmNkMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6ss/kb+9MIJ6S22NjrbbaHM7wGEMs+kA24rwJuKQLVQ7fj2h82eRnCiSYY
OX2KShFTqrntPKjA6ldJ1K7F/6kwwKiW1qu0m4hwGtJNFotndGYLpb7bhTHxcGix
PhWKQrtDXfgra7CS9la0LNJNgqBv3l5cz4eNhR7CUaYq52TCIKB9apS1/BgQP2Vq
O4ZiN8vi32qZn7ivRGHWLfkfA4qcF5LRXGc+Yh5DoaDMTcgsxAautfHn1OS5J70M
8DFGCVtnaGhpF2TVFJadDWk9wHwjtQlazNYY3HV76Z0h3sNmTdFnWWsUFxkgIo9U
5k8rvnKofWyR/pfiR6VaAjqZep0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTdgs0q
pHW1/1oCMbIXRYkAez8MezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAJo5Ee6mJkEEOwnjvBCnGj2Vuts/7iyO1Hqi7nqCb
rOp5cRf01Jh+1B79ot+rcxiqbJHHz9AZcxSN7vdbILQcR0QtUJoxsH9jZi5vEIDB
Pir3coqf7qflt1LeG9zQ4bKc+a9Ku7yVlUkfgejUzRIO1wXIvjMH3dBMenOCcECx
f8Zjpz1FeZ+ilh1GHCNJuRZaEyv0t7CWM/h7FjEqvymKumNvR1O60+DxoKD6m5kX
fRg7Z/3ttWvETz//Y4Bf/I3Cs211Qj1f85lkT46iX+R6nghmJ/mJK3AuPy7BMI4b
/RWPP0f4L0muMPOH5BEQhXdnEJCTS7rt3X9u0hogqQMKKA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:10 2025 by rpki-client