Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
File: 4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa (raw, json)
Hash identifier: 63b9O1RX3ae/CQIcF7X9VWCw3TdSp9YQVJ6bv/M79wc=
Subject key identifier: 58:8D:52:BF:94:3A:48:D8:F2:CB:57:49:1C:CD:47:90:95:83:47:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 119B73493849607337C79A67AE1CB23FA83079E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
Signing time: Fri 23 May 2025 00:40:15 +0000
ROA not before: Fri 23 May 2025 00:40:15 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:9b:73:49:38:49:60:73:37:c7:9a:67:ae:1c:b2:3f:a8:30:79:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:15 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=5641a88ee9656cf41c93f162a2d4f5627ad212fef214a829b91c146bb8a32a44, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:83:1a:12:eb:b9:bf:56:c6:3e:96:ba:0d:54:
dc:25:92:20:05:ca:56:b3:d8:4a:b6:27:44:79:f6:
5d:ba:91:06:f0:54:5f:26:5a:2d:1b:5e:b9:2a:b8:
12:0e:1f:fb:35:c9:b1:65:b3:d7:1e:0a:61:73:a5:
d2:dc:89:03:58:68:3c:c3:99:c3:b2:29:60:0b:76:
f5:12:a6:78:9c:27:cd:00:51:66:81:91:19:cd:8c:
ed:18:97:58:8b:04:ff:fc:56:91:59:f0:0f:55:ef:
32:27:5c:97:7f:62:15:89:0a:68:5d:c0:c6:31:19:
a3:30:07:3b:5e:2d:2b:a5:f8:84:b8:5b:c4:79:e1:
02:94:34:02:51:fe:df:52:0a:4a:67:32:3b:3c:4c:
3f:5e:70:83:50:1f:81:80:ed:2c:06:58:72:b0:5b:
2e:d3:42:62:9c:bd:13:f3:e5:34:23:11:e6:1f:2f:
f3:cf:0e:cb:4f:c7:23:09:5a:ec:d8:d4:3e:53:6a:
84:9d:72:ec:77:c3:80:a9:d4:94:4e:e6:47:6a:eb:
a8:d9:22:03:e4:a5:63:96:05:e1:c6:fd:aa:04:b5:
15:e7:93:6a:4e:1c:a8:b7:6f:53:cb:d0:3d:c5:8f:
47:ca:52:ad:ae:e5:96:95:47:1f:0c:cf:82:06:c1:
65:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:8D:52:BF:94:3A:48:D8:F2:CB:57:49:1C:CD:47:90:95:83:47:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.4.0/22
Signature Algorithm: sha256WithRSAEncryption
42:b4:35:40:97:69:be:7d:9a:ef:65:37:3a:e9:59:49:13:12:
4d:ca:9c:4e:bb:9f:d4:7d:85:f0:c5:56:c0:97:21:54:3b:c8:
80:f9:d3:06:d5:a1:4b:b7:88:f9:d5:67:46:36:c9:7d:d2:ef:
88:02:f8:f4:24:b7:9c:88:84:fd:ee:07:e2:2e:d6:2f:60:20:
bb:48:a9:b3:3d:36:98:d2:cb:76:bc:1b:e2:e9:e3:64:24:77:
af:a4:57:c8:47:94:f0:b7:ad:2b:cb:ba:22:ef:55:3e:c4:c2:
de:59:c4:a8:4f:1f:65:dd:5d:aa:84:68:b3:0f:49:5f:b4:ef:
eb:72:5f:2b:55:e6:33:ef:de:e4:1b:1e:4e:01:a6:e5:e8:73:
2f:90:0d:e5:e1:4e:e0:3d:fc:37:ed:b4:e4:e5:37:c8:0b:65:
69:f9:7e:b5:21:17:26:8d:eb:13:9c:d2:77:fc:f1:83:c6:23:
ae:09:e8:93:a9:79:48:5c:4a:78:80:78:bd:11:3e:57:c7:33:
9e:82:00:67:cc:d9:79:29:a2:ad:5e:b8:96:c6:2e:16:38:97:
da:43:59:e5:68:f8:49:6b:64:e2:ee:45:db:a6:32:67:87:2c:
3d:99:61:9a:a4:39:5d:76:02:c9:57:69:07:72:e6:e6:53:96:
bd:6e:ab:ad
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEZtzSThJYHM3x5pnrhyyP6gweeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMTVaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2NDFhODhlZTk2NTZjZjQxYzkzZjE2MmEyZDRmNTYyN2FkMjEyZmVmMjE0
YTgyOWI5MWMxNDZiYjhhMzJhNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIqDGhLrub9Wxj6Wug1U3CWSIAXKVrPYSrYnRHn2XbqRBvBUXyZaLRteuSq4
Eg4f+zXJsWWz1x4KYXOl0tyJA1hoPMOZw7IpYAt29RKmeJwnzQBRZoGRGc2M7RiX
WIsE//xWkVnwD1XvMidcl39iFYkKaF3AxjEZozAHO14tK6X4hLhbxHnhApQ0AlH+
31IKSmcyOzxMP15wg1AfgYDtLAZYcrBbLtNCYpy9E/PlNCMR5h8v888Oy0/HIwla
7NjUPlNqhJ1y7HfDgKnUlE7mR2rrqNkiA+SlY5YF4cb9qgS1FeeTak4cqLdvU8vQ
PcWPR8pSra7llpVHHwzPggbBZQsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRYjVK/
lDpI2PLLV0kczUeQlYNHZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNjMzBmY2MtZWMyMy00ZTI2LWJlMTYtMzdkYjgwZGJmM2EwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99BDAN
BgkqhkiG9w0BAQsFAAOCAQEAQrQ1QJdpvn2a72U3OulZSRMSTcqcTruf1H2F8MVW
wJchVDvIgPnTBtWhS7eI+dVnRjbJfdLviAL49CS3nIiE/e4H4i7WL2Agu0ipsz02
mNLLdrwb4unjZCR3r6RXyEeU8LetK8u6Iu9VPsTC3lnEqE8fZd1dqoRosw9JX7Tv
63JfK1XmM+/e5BseTgGm5ehzL5AN5eFO4D38N+205OU3yAtlafl+tSEXJo3rE5zS
d/zxg8Yjrgnok6l5SFxKeIB4vRE+V8cznoIAZ8zZeSmirV64lsYuFjiX2kNZ5Wj4
SWtk4u5F26YyZ4csPZlhmqQ5XXYCyVdpB3Lm5lOWvW6rrQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:11 2025 by rpki-client