Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
File: ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa (raw, json)
Hash identifier: miqM4LzZTn538jFKZ0cUD+RMpJ3FbWz3KQNqmvFf5Pg=
Subject key identifier: 7B:3E:2E:AC:C5:84:F2:52:95:DD:B4:EE:87:11:D4:B0:4E:20:5F:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72A1C86C9943FCFDE693C5E5E33389E7BEDB67A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
Signing time: Sat 31 May 2025 00:50:12 +0000
ROA not before: Sat 31 May 2025 00:50:12 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 87.238.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:a1:c8:6c:99:43:fc:fd:e6:93:c5:e5:e3:33:89:e7:be:db:67:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:50:12 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=9d92ab224c244405de160a298b1c000edcbfb037404623142ac5e60f0b787c0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:59:d2:f8:80:f1:bf:b0:32:a1:c1:2b:ea:
e3:2f:fd:49:ce:cb:ff:e4:e2:be:8e:a4:f8:aa:87:
0f:c3:de:b2:15:fe:2d:98:5b:ae:f2:e4:dc:e3:4b:
6a:5b:5a:19:2c:45:21:6b:fb:42:33:c5:3d:80:3e:
13:58:d6:73:b5:fa:a0:a0:d0:d3:81:9b:e3:e9:54:
8e:6b:6b:80:3a:26:6e:04:3e:11:f8:93:eb:4d:65:
45:b4:c9:ad:62:d2:90:14:f4:70:5c:53:b8:6c:c3:
d1:60:2b:bc:e7:09:40:ae:6e:72:ec:08:75:ff:83:
3c:ff:40:13:87:43:68:87:23:c1:df:49:9d:84:95:
45:88:b8:ff:ed:3e:31:09:2c:a5:7f:c0:d4:e4:76:
15:07:27:a4:17:d6:17:4e:18:16:95:ed:a7:16:9c:
f0:64:5d:7e:ff:76:b5:3d:eb:8d:87:83:d0:0e:7d:
e9:57:89:65:12:f0:ba:34:46:8d:6a:f3:05:42:39:
d1:b5:9f:4e:be:0f:9b:1b:e2:66:9c:37:4b:89:44:
1d:ff:e2:68:69:6e:b3:24:cb:34:00:cd:81:8f:5e:
6b:88:38:06:c3:65:b3:6c:80:5f:a3:82:08:93:bc:
8e:8d:38:3e:bd:35:6d:66:76:0b:f3:d5:86:ad:01:
71:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:3E:2E:AC:C5:84:F2:52:95:DD:B4:EE:87:11:D4:B0:4E:20:5F:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.80.0/21
Signature Algorithm: sha256WithRSAEncryption
73:ae:46:e1:32:ab:57:c7:9c:91:08:1c:ca:df:79:63:e2:ea:
c7:ef:eb:d4:aa:f1:8f:12:33:ef:aa:bd:07:f9:39:a7:70:c8:
96:8e:b9:94:28:e9:84:00:52:b2:97:9e:f2:38:b7:7d:66:79:
d4:79:0f:7f:98:ad:fe:32:d8:c2:da:3f:82:58:ed:0b:59:3f:
9c:66:19:1c:c6:08:23:96:74:e7:c4:95:37:7a:22:77:0c:89:
2b:d2:d5:26:df:5c:9f:a4:4e:5b:9e:62:a1:65:f4:3e:e7:43:
e8:42:eb:0c:40:ba:4a:12:a9:4a:ed:22:d2:52:d1:e3:70:39:
04:97:e8:fa:52:09:33:c6:6d:ac:b6:c2:5e:6e:30:75:14:d7:
51:a9:bb:d6:84:ae:5f:6c:8f:6b:d1:cc:fd:25:e9:18:37:9a:
6e:a1:c7:54:cf:76:34:c3:89:b3:a4:e4:0d:7b:5d:ed:9c:72:
6c:c8:8a:55:7d:ab:3d:43:24:3b:83:ca:53:40:bc:89:cd:17:
50:79:99:df:86:6c:4d:56:09:57:d8:c5:60:98:42:f3:72:1c:
ec:21:24:29:9b:ad:ab:f8:6e:0a:5d:4a:21:b6:5c:25:eb:a0:
da:ea:d3:47:a7:2a:bc:91:23:24:3e:5c:56:0e:7a:f2:cf:cf:
dc:88:87:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcqHIbJlD/P3mk8Xl4zOJ577bZ6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MzEwMDUwMTJaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkOTJhYjIyNGMyNDQ0MDVkZTE2MGEyOThiMWMwMDBlZGNiZmIwMzc0MDQ2
MjMxNDJhYzVlNjBmMGI3ODdjMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnrWdL4gPG/sDKhwSvq4y/9Sc7L/+Tivo6k+KqHD8PeshX+LZhbrvLk3ONL
altaGSxFIWv7QjPFPYA+E1jWc7X6oKDQ04Gb4+lUjmtrgDombgQ+EfiT601lRbTJ
rWLSkBT0cFxTuGzD0WArvOcJQK5ucuwIdf+DPP9AE4dDaIcjwd9JnYSVRYi4/+0+
MQkspX/A1OR2FQcnpBfWF04YFpXtpxac8GRdfv92tT3rjYeD0A596VeJZRLwujRG
jWrzBUI50bWfTr4PmxviZpw3S4lEHf/iaGlusyTLNADNgY9ea4g4BsNls2yAX6OC
CJO8jo04Pr01bWZ2C/PVhq0Bcc8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR7Pi6s
xYTyUpXdtO6HEdSwTiBfBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE3MGE4OWMtNWU2Yy00MGFjLTlhNzMtZjkyYmVlMDA1ZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1fuUDAN
BgkqhkiG9w0BAQsFAAOCAQEAc65G4TKrV8eckQgcyt95Y+Lqx+/r1KrxjxIz76q9
B/k5p3DIlo65lCjphABSspee8ji3fWZ51HkPf5it/jLYwto/gljtC1k/nGYZHMYI
I5Z058SVN3oidwyJK9LVJt9cn6ROW55ioWX0PudD6ELrDEC6ShKpSu0i0lLR43A5
BJfo+lIJM8ZtrLbCXm4wdRTXUam71oSuX2yPa9HM/SXpGDeabqHHVM92NMOJs6Tk
DXtd7ZxybMiKVX2rPUMkO4PKU0C8ic0XUHmZ34ZsTVYJV9jFYJhC83Ic7CEkKZut
q/huCl1KIbZcJeug2urTR6cqvJEjJD5cVg568s/P3IiHsw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:24 2025 by rpki-client