Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json)
Hash identifier: 3tcUrCu1J2KY8m/2WZINh3vtMlKp/+8ftQT0gRRA3PQ=
Subject key identifier: E1:D0:93:28:86:98:81:BC:33:98:A5:AA:F3:F5:F3:52:55:08:6D:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 760625A6276C1B719898D751D236B4B28666CC0F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
Signing time: Fri 23 May 2025 00:50:10 +0000
ROA not before: Fri 23 May 2025 00:50:10 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:06:25:a6:27:6c:1b:71:98:98:d7:51:d2:36:b4:b2:86:66:cc:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:50:10 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=bea01ff9a581585ac9583ee4e99dd9e9bab3141982a0413ff72f7ab71077f1a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5c:4e:fe:5c:71:b7:70:c0:fe:49:ac:91:a3:
d2:b6:0a:3e:88:1a:b7:f2:73:4a:64:1e:e3:e2:3f:
dd:fc:4e:e4:5d:60:13:69:2b:90:50:de:80:ec:c7:
b5:77:37:9f:c4:6c:f0:42:39:b1:f9:62:74:3d:5a:
47:42:11:cf:c6:de:14:74:9f:d2:ce:d9:7e:d0:a7:
fc:67:fb:16:e1:9a:60:ec:5d:0d:22:03:19:87:72:
29:16:f9:fe:49:2f:d9:40:7a:d7:47:f0:7f:4e:82:
f5:61:ea:34:84:42:77:4a:bd:f6:6e:d5:8c:70:55:
89:7a:24:a9:23:44:c6:15:0c:47:87:6c:42:85:82:
f6:84:4e:0b:bb:1b:55:44:6a:ce:36:77:a6:1e:75:
f0:b6:23:c2:a5:94:a7:8e:61:1c:66:98:d0:96:90:
27:68:9f:fe:6a:d8:19:8a:ce:d4:bf:38:63:89:6a:
b1:65:f5:8d:d5:de:e6:cc:dc:9e:8e:75:55:10:83:
d9:f9:22:49:40:3b:50:33:f8:95:b4:11:7a:96:f1:
72:a8:97:c9:7e:7a:f2:79:9e:67:71:96:0f:cd:4d:
89:09:fc:82:2c:70:b1:34:b5:64:37:26:b8:6f:92:
01:80:aa:0f:2b:72:98:68:39:4f:c0:2c:59:b9:37:
f9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D0:93:28:86:98:81:BC:33:98:A5:AA:F3:F5:F3:52:55:08:6D:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:b3:b7:26:41:d5:52:a2:d1:53:2b:83:cd:f1:7b:1c:f4:f2:
02:cd:af:20:07:6d:ab:29:db:35:00:39:6b:bd:10:cf:a9:7b:
f3:63:be:9e:76:f8:fa:9c:8c:13:53:b8:12:bc:c9:f8:8d:cd:
6f:03:7b:9a:ca:eb:8b:4a:31:7a:c4:bd:96:d2:20:4d:39:28:
1a:a0:7f:07:ad:d5:c5:51:45:7c:5b:eb:3e:e3:38:02:dd:35:
c5:d5:4f:5a:8b:d6:16:7f:e8:ea:67:ea:f1:b5:3f:78:72:2d:
4c:bd:2c:8b:a9:ba:d3:3f:a0:f3:07:b9:b6:0d:1b:a7:84:20:
73:9a:87:e2:2c:32:0c:50:39:0c:ba:3e:c3:23:7b:53:61:0e:
14:67:3e:a5:66:9b:71:65:89:d7:cb:53:ab:18:46:6f:27:fb:
eb:23:a4:d6:58:db:e9:53:2a:96:47:f6:cc:68:bc:3b:dc:f4:
f8:32:11:71:b0:f6:b3:7a:40:af:ad:56:b7:11:93:40:f5:e7:
e3:f0:aa:de:d0:5b:5b:ec:8e:96:d7:52:75:da:21:e8:6c:88:
15:67:57:0d:e5:76:82:e4:86:82:76:3e:5e:c4:29:10:eb:f8:
2b:0f:71:2e:3f:38:0c:90:f6:1f:1d:c5:60:c6:1a:3e:5c:47:
b9:0d:a0:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdgYlpidsG3GYmNdR0ja0soZmzA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDUwMTBaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlYTAxZmY5YTU4MTU4NWFjOTU4M2VlNGU5OWRkOWU5YmFiMzE0MTk4MmEw
NDEzZmY3MmY3YWI3MTA3N2YxYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRcTv5ccbdwwP5JrJGj0rYKPogat/JzSmQe4+I/3fxO5F1gE2krkFDegOzH
tXc3n8Rs8EI5sflidD1aR0IRz8beFHSf0s7ZftCn/Gf7FuGaYOxdDSIDGYdyKRb5
/kkv2UB610fwf06C9WHqNIRCd0q99m7VjHBViXokqSNExhUMR4dsQoWC9oROC7sb
VURqzjZ3ph518LYjwqWUp45hHGaY0JaQJ2if/mrYGYrO1L84Y4lqsWX1jdXe5szc
no51VRCD2fkiSUA7UDP4lbQRepbxcqiXyX568nmeZ3GWD81NiQn8gixwsTS1ZDcm
uG+SAYCqDytymGg5T8AsWbk3+a0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTh0JMo
hpiBvDOYparz9fNSVQhtYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN
BgkqhkiG9w0BAQsFAAOCAQEAXrO3JkHVUqLRUyuDzfF7HPTyAs2vIAdtqynbNQA5
a70Qz6l782O+nnb4+pyME1O4ErzJ+I3NbwN7msrri0oxesS9ltIgTTkoGqB/B63V
xVFFfFvrPuM4At01xdVPWovWFn/o6mfq8bU/eHItTL0si6m60z+g8we5tg0bp4Qg
c5qH4iwyDFA5DLo+wyN7U2EOFGc+pWabcWWJ18tTqxhGbyf76yOk1ljb6VMqlkf2
zGi8O9z0+DIRcbD2s3pAr61WtxGTQPXn4/Cq3tBbW+yOltdSddoh6GyIFWdXDeV2
guSGgnY+XsQpEOv4Kw9xLj84DJD2Hx3FYMYaPlxHuQ2gvA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:26 2025 by rpki-client