Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
File: c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa (raw, json)
Hash identifier: y5jszS6pzBqxf0SNUEe7o7aIw4R+WaNlCD/IZoGlQPA=
Subject key identifier: 48:E3:F4:51:70:5B:07:C8:58:3C:CF:54:5F:6F:46:BA:C2:B4:53:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BE8D9DD90462D91B6DD0AADF952CC47E0EBC544
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
Signing time: Sun 01 Mar 2026 00:00:34 +0000
ROA not before: Sun 01 Mar 2026 00:00:34 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:e8:d9:dd:90:46:2d:91:b6:dd:0a:ad:f9:52:cc:47:e0:eb:c5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 1 00:00:34 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=4502b7c42b467249c909abaeda000c2b9cc85dab2fdead0a48a2bfdc2883dc36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:dd:6c:db:64:ac:0f:79:ff:71:e9:e2:a2:dd:
5e:22:3a:3d:37:7f:ea:cc:ec:0a:e6:35:79:f8:78:
6e:b8:6b:97:c4:08:b8:ef:e1:2d:9d:4b:92:88:df:
04:7a:c8:a8:bd:99:9b:a1:98:16:07:12:67:58:67:
14:92:11:83:c1:a6:f5:d9:a0:5a:6d:f9:57:4f:90:
f3:5d:31:d2:85:1c:eb:7e:be:4d:b4:d5:30:95:08:
79:07:73:cb:65:7d:e1:fa:01:98:39:02:8f:49:5d:
f0:f4:1f:fc:74:04:af:f1:3d:cd:53:4b:c5:3d:7a:
86:1c:df:d9:f4:6a:56:c8:11:6f:6d:5e:f2:ac:62:
11:e3:66:d1:4b:6c:82:2a:3f:9d:e5:36:c9:7e:c0:
a3:50:27:73:08:47:04:89:cd:75:7b:10:6b:e9:e7:
76:1b:b4:7d:80:ee:f4:c4:19:92:d1:24:b8:22:12:
3f:dc:48:eb:8d:06:63:71:d0:22:75:52:ea:68:13:
32:80:3c:d1:7e:06:3d:f6:dd:c2:97:6f:fd:77:3c:
5e:a2:f1:05:38:67:2d:b1:11:69:14:f8:11:e6:d2:
dd:38:68:a2:05:a9:a6:80:cd:3d:f7:69:17:a1:37:
25:8a:6e:b5:a0:4b:59:5b:3c:09:ef:3e:42:6a:93:
de:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E3:F4:51:70:5B:07:C8:58:3C:CF:54:5F:6F:46:BA:C2:B4:53:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
6c:80:c4:1e:e5:b3:de:54:a3:c1:2a:f3:ae:60:2b:fb:ba:ea:
c4:bc:4f:ce:3b:af:88:00:f3:4d:13:f8:7d:46:12:67:b4:25:
1a:3a:c9:bd:2f:c5:0b:a2:e3:f9:a9:74:fd:a2:e7:6b:4c:c4:
a8:aa:cc:cf:a3:18:0a:00:77:47:27:a6:df:a6:1f:cd:26:53:
4d:b1:34:9a:34:b9:30:dd:d2:11:2f:1e:94:6d:a1:91:41:26:
3f:23:3b:c2:77:1b:0a:1b:11:20:67:9e:95:9c:a8:b8:4c:2f:
7b:c0:08:60:17:3d:be:c1:f9:5c:b9:e4:35:08:24:86:ec:4e:
7b:db:f7:23:a8:e8:32:01:e3:f2:bf:af:8f:0f:01:c4:58:76:
b8:1e:ba:1a:04:9c:a1:fc:04:b7:b4:b3:2f:25:c4:d5:06:0d:
56:b0:85:c5:92:ab:74:d1:99:9c:79:bb:31:c4:cd:1b:e6:30:
fb:49:4e:17:f1:06:54:8e:86:57:e3:e3:53:fd:1e:16:d5:55:
38:f1:49:05:2b:f1:b2:50:5c:4a:94:d6:08:49:19:18:97:7f:
3d:e6:94:20:c9:4f:c4:fb:a3:d0:7c:79:e7:ed:f5:5f:9a:83:
6c:30:46:e1:1c:fd:95:3e:58:20:c7:1a:bb:58:bb:f0:c2:f0:
7a:e8:b4:12
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO+jZ3ZBGLZG23Qqt+VLMR+DrxUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMDEwMDAwMzRaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1MDJiN2M0MmI0NjcyNDljOTA5YWJhZWRhMDAwYzJiOWNjODVkYWIyZmRl
YWQwYTQ4YTJiZmRjMjg4M2RjMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3dbNtkrA95/3Hp4qLdXiI6PTd/6szsCuY1efh4brhrl8QIuO/hLZ1Lkojf
BHrIqL2Zm6GYFgcSZ1hnFJIRg8Gm9dmgWm35V0+Q810x0oUc636+TbTVMJUIeQdz
y2V94foBmDkCj0ld8PQf/HQEr/E9zVNLxT16hhzf2fRqVsgRb21e8qxiEeNm0Uts
gio/neU2yX7Ao1AncwhHBInNdXsQa+nndhu0fYDu9MQZktEkuCISP9xI640GY3HQ
InVS6mgTMoA80X4GPfbdwpdv/Xc8XqLxBThnLbERaRT4EebS3ThoogWppoDNPfdp
F6E3JYputaBLWVs8Ce8+QmqT3pMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRI4/RR
cFsHyFg8z1Rfb0a6wrRTJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRmZWRjMDQtMjRlMC00MWRjLWExZjgtM2JhY2FlM2Q2NjE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99IDAN
BgkqhkiG9w0BAQsFAAOCAQEAbIDEHuWz3lSjwSrzrmAr+7rqxLxPzjuviADzTRP4
fUYSZ7QlGjrJvS/FC6Lj+al0/aLna0zEqKrMz6MYCgB3Ryem36YfzSZTTbE0mjS5
MN3SES8elG2hkUEmPyM7wncbChsRIGeelZyouEwve8AIYBc9vsH5XLnkNQgkhuxO
e9v3I6joMgHj8r+vjw8BxFh2uB66GgScofwEt7SzLyXE1QYNVrCFxZKrdNGZnHm7
McTNG+Yw+0lOF/EGVI6GV+PjU/0eFtVVOPFJBSvxslBcSpTWCEkZGJd/PeaUIMlP
xPuj0Hx55+31X5qDbDBG4Rz9lT5YIMcau1i78MLweui0Eg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:56 2026 by rpki-client