Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
File: 83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa (raw, json)
Hash identifier: HX9sFuNACHsKLAq2jgasNLvGG0YcciyvTfgU7e+U0nc=
Subject key identifier: 39:FA:E3:93:A5:B8:5D:3B:2A:02:CD:22:18:3B:A2:2F:56:DD:D4:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CE225965E7C1DDD29482E80775658A8B06D7082
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
Signing time: Fri 23 May 2025 00:50:07 +0000
ROA not before: Fri 23 May 2025 00:50:07 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:e2:25:96:5e:7c:1d:dd:29:48:2e:80:77:56:58:a8:b0:6d:70:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:50:07 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=88d0425d2d46a379d014e77eeecb56cb796d489f5066bf0ba9928bbc86f565ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3e:5b:71:5c:d6:38:76:29:9a:bb:08:5e:ff:
be:99:df:ee:67:44:d8:0f:8b:e1:4b:d4:56:36:0e:
1c:4a:a4:65:44:6a:c4:cd:ca:b2:2c:22:4d:a6:02:
eb:58:8a:48:c1:cf:b1:ef:ac:86:42:41:50:95:10:
5e:8f:34:f4:34:54:62:55:79:a7:df:8b:d5:12:43:
a5:f3:f1:01:09:0e:73:50:7c:f0:b0:22:e5:7f:65:
07:96:8d:7c:9f:78:e4:91:4d:82:ae:6f:c8:3c:a8:
8e:75:58:89:ef:2e:b7:43:2c:98:60:c8:d6:3b:9c:
55:2a:6c:8b:aa:1c:d8:a6:3f:76:40:3c:fb:c8:b7:
3a:5d:8e:90:3f:f3:ac:3e:4b:c0:b1:a7:20:ce:a7:
5b:69:8c:cd:c0:b9:49:92:c8:1f:1d:85:fe:f4:54:
a4:35:bf:03:23:88:20:69:63:e9:ab:ae:60:0c:2e:
8a:7f:7f:53:d1:d1:00:b0:84:b5:6a:dd:5e:70:e3:
dc:74:9b:e1:2d:2c:66:44:65:07:dd:d3:f8:6c:c7:
97:4c:1a:ec:48:6d:49:bf:d0:84:e7:8a:91:95:50:
25:a3:e5:51:88:63:e1:81:f9:39:3d:0a:17:3a:d1:
ad:bf:c3:1c:d0:99:6b:d3:f1:20:15:25:f1:ea:5f:
ab:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:FA:E3:93:A5:B8:5D:3B:2A:02:CD:22:18:3B:A2:2F:56:DD:D4:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/18
Signature Algorithm: sha256WithRSAEncryption
66:db:bd:d1:9a:ef:b5:ac:7a:36:07:04:90:cb:75:76:27:c7:
3a:d2:49:86:b5:52:d9:a8:4c:9e:9c:34:36:d1:cb:4b:4a:4a:
29:2a:fc:92:65:6f:4d:ea:0b:06:3f:61:d6:c4:c4:2f:81:28:
b7:33:78:56:34:86:6a:d0:d9:63:62:b0:9b:20:49:18:6f:74:
5c:b8:a8:8a:27:51:a2:65:70:51:83:cc:79:ed:e8:55:b2:a8:
a4:22:16:c8:d2:92:e6:f1:7c:de:44:8d:b7:8f:91:15:3b:c0:
fb:c4:cd:a2:94:17:b5:9a:38:d9:f9:bc:e0:ed:33:79:ca:8e:
67:31:1a:7a:6b:e9:97:73:c9:57:41:68:5a:b0:d1:dd:df:70:
77:f8:fc:88:30:f9:3a:da:78:c6:13:e5:03:0b:ee:f9:95:3f:
20:eb:1e:b7:39:2f:a7:d5:34:0a:53:26:8d:19:bb:c1:5f:0b:
e2:b4:3b:02:62:7d:cf:11:e8:0c:38:d5:66:20:99:5f:5f:d9:
e2:27:83:22:54:d7:3d:d1:dc:9c:1f:2d:3b:f3:d3:cf:88:61:
6b:4c:58:3f:f9:3b:34:80:17:b0:d4:75:1e:15:32:2b:ac:f3:
41:e1:b8:66:3b:3c:58:89:7d:bb:74:50:d2:58:9f:59:6e:b7:
18:e0:15:08
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHOIlll58Hd0pSC6Ad1ZYqLBtcIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDUwMDdaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZDA0MjVkMmQ0NmEzNzlkMDE0ZTc3ZWVlY2I1NmNiNzk2ZDQ4OWY1MDY2
YmYwYmE5OTI4YmJjODZmNTY1Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKo+W3Fc1jh2KZq7CF7/vpnf7mdE2A+L4UvUVjYOHEqkZURqxM3KsiwiTaYC
61iKSMHPse+shkJBUJUQXo809DRUYlV5p9+L1RJDpfPxAQkOc1B88LAi5X9lB5aN
fJ945JFNgq5vyDyojnVYie8ut0MsmGDI1jucVSpsi6oc2KY/dkA8+8i3Ol2OkD/z
rD5LwLGnIM6nW2mMzcC5SZLIHx2F/vRUpDW/AyOIIGlj6auuYAwuin9/U9HRALCE
tWrdXnDj3HSb4S0sZkRlB93T+GzHl0wa7EhtSb/QhOeKkZVQJaPlUYhj4YH5OT0K
FzrRrb/DHNCZa9PxIBUl8epfq8ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ5+uOT
pbhdOyoCzSIYO6IvVt3U9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODM1MDlhNWUtMmFkNy00MjFiLTkwZWYtZmNkZmRhM2ZkZmM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBk99ADAN
BgkqhkiG9w0BAQsFAAOCAQEAZtu90Zrvtax6NgcEkMt1difHOtJJhrVS2ahMnpw0
NtHLS0pKKSr8kmVvTeoLBj9h1sTEL4EotzN4VjSGatDZY2KwmyBJGG90XLioiidR
omVwUYPMee3oVbKopCIWyNKS5vF83kSNt4+RFTvA+8TNopQXtZo42fm84O0zecqO
ZzEaemvpl3PJV0FoWrDR3d9wd/j8iDD5Otp4xhPlAwvu+ZU/IOsetzkvp9U0ClMm
jRm7wV8L4rQ7AmJ9zxHoDDjVZiCZX1/Z4ieDIlTXPdHcnB8tO/PTz4hha0xYP/k7
NIAXsNR1HhUyK6zzQeG4Zjs8WIl9u3RQ0lifWW63GOAVCA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:14 2025 by rpki-client