Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
File: bfae711e-b0c4-404f-be1f-a99990818ac6.roa (raw, json)
Hash identifier: 3M0hLKHSd1E8hj2fGRw+WJ99sUKjKKZd3SAGIzqNJ/4=
Subject key identifier: 88:2D:8B:09:57:1E:EB:9B:0A:17:7F:D7:BB:00:CC:4C:26:3F:E2:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 773D2241725F4A7883C10BCDAF06C2CC182D8DFE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
Signing time: Fri 23 May 2025 00:40:13 +0000
ROA not before: Fri 23 May 2025 00:40:13 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3d:22:41:72:5f:4a:78:83:c1:0b:cd:af:06:c2:cc:18:2d:8d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:13 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=ad9833055b1d50f89854275957c425aa4f26027a8743bdb602af922b84beebf9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:88:4b:48:28:43:0c:1b:97:4d:a0:b0:2f:5c:
1a:65:ea:e0:92:03:25:a7:60:45:ff:88:b2:7a:1c:
32:d6:ef:8c:f7:ed:41:89:2a:b8:49:b4:8a:56:87:
b3:00:30:6f:32:b0:3a:01:03:26:42:f5:d3:d4:2d:
19:84:fc:0c:08:62:32:f4:39:9b:b0:aa:ba:9b:02:
ae:d1:7a:c2:f8:3e:3b:54:0d:b7:4c:45:5f:66:1b:
4e:01:47:62:4f:29:a1:02:f2:25:f7:5d:40:38:10:
5f:4d:49:91:b2:63:ba:b3:68:39:c4:47:7b:f5:58:
6d:ed:56:3a:13:71:55:b7:13:d8:54:22:62:17:eb:
af:ee:a5:50:ad:2c:06:8f:f1:ea:1c:44:89:fa:f5:
52:5c:2c:eb:56:05:e3:a5:b5:6e:1a:2a:a6:6b:1a:
63:66:7c:48:a6:7c:89:aa:a4:35:c8:d5:7e:7a:e2:
5f:2b:fe:ac:4b:f5:67:ff:ee:67:06:86:ee:96:31:
a4:f4:c6:67:8a:73:0c:eb:08:48:01:87:2c:32:2b:
7a:31:42:75:c3:8f:52:aa:6c:90:7e:dc:c9:e1:ee:
79:af:a0:d0:70:a2:ed:70:f9:55:14:2b:20:0b:cb:
1c:f3:76:07:dd:5a:58:0e:e6:53:a8:1d:c5:cc:aa:
24:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2D:8B:09:57:1E:EB:9B:0A:17:7F:D7:BB:00:CC:4C:26:3F:E2:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/23
Signature Algorithm: sha256WithRSAEncryption
92:67:b4:fd:05:37:88:80:a7:d8:10:3f:ca:8c:53:2c:2d:5d:
da:09:cd:89:00:c3:37:d4:81:50:d3:12:59:1b:93:2d:a7:9d:
53:4e:8f:76:ee:47:65:eb:a4:c0:92:37:e0:04:bf:df:ab:b5:
ac:c4:64:02:f1:cf:85:c5:1f:31:82:85:7c:52:68:dc:d1:68:
f6:bb:86:06:51:bc:4d:9b:37:9c:73:7b:2a:32:bd:08:7d:33:
21:c3:73:f3:8c:fd:fe:47:bf:4e:99:98:d4:56:13:17:54:16:
e7:56:c6:3b:3b:37:8a:dc:1c:c3:0f:ca:54:6e:6e:61:0d:0f:
3c:7a:b2:38:31:f7:ad:45:86:47:37:ff:fd:3a:96:40:3f:89:
c7:e4:04:b9:3e:49:16:0f:29:83:f1:aa:06:b9:ed:11:b3:e4:
9e:7b:90:f6:cf:2f:97:7c:34:59:92:a8:6f:f0:7f:9f:44:f3:
58:df:76:8d:cc:5b:f6:e0:07:38:a2:9e:f2:fa:32:ed:d2:3f:
07:1c:15:7f:d9:42:c2:2d:e8:d6:07:52:c8:91:dd:69:19:cb:
c5:e4:19:92:d7:a9:ee:3e:9a:16:a3:c9:9e:18:58:ab:1b:71:
69:55:83:e3:2e:dc:f0:19:0f:21:9f:ba:25:61:de:6c:a4:48:
52:34:48:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdz0iQXJfSniDwQvNrwbCzBgtjf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMTNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkOTgzMzA1NWIxZDUwZjg5ODU0Mjc1OTU3YzQyNWFhNGYyNjAyN2E4NzQz
YmRiNjAyYWY5MjJiODRiZWViZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGIS0goQwwbl02gsC9cGmXq4JIDJadgRf+IsnocMtbvjPftQYkquEm0ilaH
swAwbzKwOgEDJkL109QtGYT8DAhiMvQ5m7CqupsCrtF6wvg+O1QNt0xFX2YbTgFH
Yk8poQLyJfddQDgQX01JkbJjurNoOcRHe/VYbe1WOhNxVbcT2FQiYhfrr+6lUK0s
Bo/x6hxEifr1Ulws61YF46W1bhoqpmsaY2Z8SKZ8iaqkNcjVfnriXyv+rEv1Z//u
ZwaG7pYxpPTGZ4pzDOsISAGHLDIrejFCdcOPUqpskH7cyeHuea+g0HCi7XD5VRQr
IAvLHPN2B91aWA7mU6gdxcyqJAcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSILYsJ
Vx7rmwoXf9e7AMxMJj/izzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmZhZTcxMWUtYjBjNC00MDRmLWJlMWYtYTk5OTkwODE4YWM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU99ADAN
BgkqhkiG9w0BAQsFAAOCAQEAkme0/QU3iICn2BA/yoxTLC1d2gnNiQDDN9SBUNMS
WRuTLaedU06Pdu5HZeukwJI34AS/36u1rMRkAvHPhcUfMYKFfFJo3NFo9ruGBlG8
TZs3nHN7KjK9CH0zIcNz84z9/ke/TpmY1FYTF1QW51bGOzs3itwcww/KVG5uYQ0P
PHqyODH3rUWGRzf//TqWQD+Jx+QEuT5JFg8pg/GqBrntEbPknnuQ9s8vl3w0WZKo
b/B/n0TzWN92jcxb9uAHOKKe8voy7dI/BxwVf9lCwi3o1gdSyJHdaRnLxeQZktep
7j6aFqPJnhhYqxtxaVWD4y7c8BkPIZ+6JWHebKRIUjRIPQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:24 2025 by rpki-client