Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json)
Hash identifier: CNS/7cBOB3qfEs97u8QZ6UEcuJEk2+PQ8J0ML8ZbQNQ=
Subject key identifier: 0F:AE:E1:60:61:9C:F1:17:CD:FA:47:74:76:8C:B9:C9:40:51:5A:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7985818D48CD4EE08FA06A841E4CF1B005DD1CBD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
Signing time: Fri 23 May 2025 00:40:11 +0000
ROA not before: Fri 23 May 2025 00:40:11 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:85:81:8d:48:cd:4e:e0:8f:a0:6a:84:1e:4c:f1:b0:05:dd:1c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:11 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=cd6bccba587705785c2e9a8158e6a52a658b7cd3bca19d9842ce8bfaca8adedd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:97:c3:e8:81:37:9e:0e:87:c0:f9:45:0b:50:
c1:d9:2f:b1:a2:db:ef:e9:52:2f:67:c4:25:bd:32:
4e:67:58:f5:d3:3f:49:0e:eb:80:29:1b:a2:80:58:
b5:51:fc:35:6a:4b:bf:a3:23:dc:68:8b:64:2e:2a:
08:6f:fa:52:18:09:4e:e0:53:63:d0:20:7a:f3:74:
2c:1e:4f:5e:fb:73:40:fe:5a:5d:a4:a5:c0:32:aa:
15:2f:98:67:e1:64:da:73:a1:d2:90:97:f3:fb:17:
23:03:29:6b:e2:6a:08:cc:2b:f4:b6:59:6f:dd:43:
5f:5f:3c:83:5c:37:5f:e3:84:ed:8c:c1:6b:b7:25:
e0:d1:7e:a3:25:9d:ea:2b:74:09:45:b6:5b:ae:ef:
0e:93:8c:e2:03:30:04:0e:60:a8:c3:ab:6c:0e:69:
35:6b:84:dd:8a:16:f3:b1:53:87:8f:88:35:c0:e1:
62:ad:db:cd:cc:04:57:bd:55:7f:9d:a1:b1:11:68:
48:67:38:9d:46:a2:87:56:13:7d:9b:01:32:5d:f7:
56:6a:a4:35:bf:f4:bc:cb:66:50:0d:4f:39:9f:4d:
b8:6d:09:c1:2e:6f:a5:7a:50:4b:17:58:4a:a4:97:
e1:39:c5:01:d2:11:0c:c2:ff:6f:95:81:da:1d:2b:
38:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AE:E1:60:61:9C:F1:17:CD:FA:47:74:76:8C:B9:C9:40:51:5A:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.3.0/24
Signature Algorithm: sha256WithRSAEncryption
27:22:75:8f:26:ce:70:67:39:e0:7c:86:a3:67:7d:ca:96:e6:
6e:6e:69:67:d1:4f:3a:7c:e5:23:88:31:2c:6c:f0:f9:1a:89:
af:a6:93:33:9a:b6:a1:ca:be:95:e9:f2:2c:21:1e:58:b2:68:
70:96:cc:ad:ab:8e:2f:09:24:46:4d:19:ed:01:05:4a:0a:6d:
1b:0e:00:bd:46:25:1c:0e:74:64:cf:7e:a5:0c:e9:31:d6:c7:
52:26:70:e4:b7:23:e8:f1:55:c3:91:0b:f3:26:ab:62:1c:b5:
17:c1:2f:d4:08:c5:5a:62:ed:9e:5f:3c:08:ea:c6:6a:74:8b:
ea:7a:77:67:b9:8b:cd:c8:96:ce:99:44:56:d2:89:9a:93:d3:
f8:76:5a:ba:40:51:0d:f7:b1:b5:53:43:e0:34:db:1d:6c:a6:
f5:4b:14:94:bb:9c:71:66:f7:a0:be:fc:3b:0f:ff:5f:66:bd:
f9:bb:bc:48:30:6e:13:30:15:b1:08:d4:9c:cc:b8:85:7a:b4:
d7:47:77:24:cf:ae:9b:ed:e2:56:7d:57:67:70:bd:1d:76:2d:
36:fa:36:e2:2c:97:83:f7:1d:ed:f9:14:d1:c7:2d:14:86:42:
8e:f9:cf:0a:6c:44:d1:11:a8:2e:ed:4b:6d:fe:5e:6a:53:85:
1b:5a:da:41
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeYWBjUjNTuCPoGqEHkzxsAXdHL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMTFaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkNmJjY2JhNTg3NzA1Nzg1YzJlOWE4MTU4ZTZhNTJhNjU4YjdjZDNiY2Ex
OWQ5ODQyY2U4YmZhY2E4YWRlZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyXw+iBN54Oh8D5RQtQwdkvsaLb7+lSL2fEJb0yTmdY9dM/SQ7rgCkbooBY
tVH8NWpLv6Mj3GiLZC4qCG/6UhgJTuBTY9AgevN0LB5PXvtzQP5aXaSlwDKqFS+Y
Z+Fk2nOh0pCX8/sXIwMpa+JqCMwr9LZZb91DX188g1w3X+OE7YzBa7cl4NF+oyWd
6it0CUW2W67vDpOM4gMwBA5gqMOrbA5pNWuE3YoW87FTh4+INcDhYq3bzcwEV71V
f52hsRFoSGc4nUaih1YTfZsBMl33VmqkNb/0vMtmUA1POZ9NuG0JwS5vpXpQSxdY
SqSX4TnFAdIRDML/b5WB2h0rOM8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPruFg
YZzxF836R3R2jLnJQFFaRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN
BgkqhkiG9w0BAQsFAAOCAQEAJyJ1jybOcGc54HyGo2d9ypbmbm5pZ9FPOnzlI4gx
LGzw+RqJr6aTM5q2ocq+lenyLCEeWLJocJbMrauOLwkkRk0Z7QEFSgptGw4AvUYl
HA50ZM9+pQzpMdbHUiZw5Lcj6PFVw5EL8yarYhy1F8Ev1AjFWmLtnl88COrGanSL
6np3Z7mLzciWzplEVtKJmpPT+HZaukBRDfextVND4DTbHWym9UsUlLuccWb3oL78
Ow//X2a9+bu8SDBuEzAVsQjUnMy4hXq010d3JM+um+3iVn1XZ3C9HXYtNvo24iyX
g/cd7fkU0cctFIZCjvnPCmxE0RGoLu1Lbf5ealOFG1raQQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:10 2025 by rpki-client