Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
File: 042e82d3-e08f-4fca-9e40-387fde51dfd5.roa (raw, json)
Hash identifier: Gd1m1vVR2CsltuQsLAiSCuHi4TFm/rdkNnAGwqEvEco=
Subject key identifier: C8:26:38:18:D2:49:53:20:E2:D4:5D:CC:C7:FE:10:FA:82:A9:2D:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64021B0A3F78E11FDF18CD2A79B813016635CA78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
Signing time: Tue 17 Jun 2025 00:40:22 +0000
ROA not before: Tue 17 Jun 2025 00:40:22 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:02:1b:0a:3f:78:e1:1f:df:18:cd:2a:79:b8:13:01:66:35:ca:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:22 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=b293946728889e6174ecbeba339ada80793413f1e1fa35dd459363fbf62366c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:8d:20:9a:82:ff:9d:20:d8:54:79:25:dd:
e5:28:e7:e3:56:bc:d5:4e:04:4c:fd:47:bc:96:56:
04:c0:2d:d3:27:78:12:31:e6:3f:56:9e:57:31:16:
9c:16:50:d2:94:f6:21:f5:8b:8a:3f:69:16:f6:13:
0a:7b:a1:7e:6c:12:8c:d0:89:9e:56:64:3d:dd:2a:
d8:5e:bd:0d:e1:71:b6:70:97:63:2d:62:f1:c3:ee:
9f:3d:57:8c:bc:ad:e2:cb:fa:84:89:02:20:90:30:
bd:a9:48:94:76:24:b6:d1:44:34:db:1f:be:38:c8:
89:d9:02:8a:cf:95:f8:83:d2:cf:ba:0e:7c:29:92:
63:d5:dc:1f:1a:7a:8f:af:0c:2c:90:cd:0d:ca:e6:
96:bf:8b:06:e7:1d:48:b9:ef:b6:48:66:bf:68:50:
cc:90:dc:56:ad:c8:54:7d:3a:05:62:4d:3d:4b:6a:
4d:b1:6d:fb:c8:d6:39:cc:3c:bb:88:9f:33:4a:88:
04:71:cc:f8:45:35:fc:5d:7a:a8:4a:25:9f:f4:1f:
5d:78:e0:b3:07:d3:9f:9a:d1:20:a8:dc:72:cf:8b:
d3:15:db:3e:fc:a6:ed:55:25:79:25:13:33:fe:cf:
9c:d9:fb:5e:11:d1:3f:5c:ca:df:94:a4:93:df:c7:
0d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:26:38:18:D2:49:53:20:E2:D4:5D:CC:C7:FE:10:FA:82:A9:2D:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.104.0/21
Signature Algorithm: sha256WithRSAEncryption
af:56:6e:2b:90:fe:b0:42:e9:26:dd:3e:37:ef:94:7d:f5:06:
4d:d0:f9:d2:4f:d9:2e:0a:9d:96:5e:3e:9d:a0:cc:86:03:ce:
41:5c:b1:c5:1d:d8:51:1a:fe:f8:53:28:4a:ef:ee:3c:47:3e:
c1:32:7c:18:ed:53:00:6f:8f:9a:46:64:c2:62:76:3c:88:3d:
0e:91:d1:07:1e:3c:38:b7:f0:56:99:ef:10:10:08:8d:48:10:
12:3b:ae:bb:b8:03:1c:63:51:d4:22:0a:a9:52:76:0b:58:6e:
8b:01:38:0d:9b:67:ed:70:53:7d:da:25:31:6b:b2:36:08:62:
c4:2a:b0:c6:f5:fe:85:03:1a:a9:7f:ce:6a:e7:28:ad:be:40:
89:41:83:66:6f:91:71:69:ef:97:94:02:94:4a:d9:ef:bc:43:
da:b7:cd:5d:1f:5b:93:63:95:b9:2f:fa:8e:18:5d:24:59:4b:
ce:2c:62:e2:37:fd:5f:98:f7:7c:6a:f2:ca:f6:25:ab:47:c4:
fa:c3:e0:32:dd:a4:10:40:f3:07:87:f1:0f:ed:8e:ac:43:cc:
3f:e6:82:ef:d3:23:4e:68:53:6b:e7:15:f6:63:2f:6f:72:d0:
a2:07:ac:c8:b6:9f:77:53:5f:9b:f6:9b:5c:de:92:3f:70:f2:
69:77:31:db
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZAIbCj944R/fGM0qebgTAWY1yngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMjJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyOTM5NDY3Mjg4ODllNjE3NGVjYmViYTMzOWFkYTgwNzkzNDEzZjFlMWZh
MzVkZDQ1OTM2M2ZiZjYyMzY2YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZnjSCagv+dINhUeSXd5Sjn41a81U4ETP1HvJZWBMAt0yd4EjHmP1aeVzEW
nBZQ0pT2IfWLij9pFvYTCnuhfmwSjNCJnlZkPd0q2F69DeFxtnCXYy1i8cPunz1X
jLyt4sv6hIkCIJAwvalIlHYkttFENNsfvjjIidkCis+V+IPSz7oOfCmSY9XcHxp6
j68MLJDNDcrmlr+LBucdSLnvtkhmv2hQzJDcVq3IVH06BWJNPUtqTbFt+8jWOcw8
u4ifM0qIBHHM+EU1/F16qEoln/QfXXjgswfTn5rRIKjccs+L0xXbPvym7VUleSUT
M/7PnNn7XhHRP1zK35Skk9/HDZsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTIJjgY
0klTIOLUXczH/hD6gqktmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQyZTgyZDMtZTA4Zi00ZmNhLTllNDAtMzg3ZmRlNTFkZmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099aDAN
BgkqhkiG9w0BAQsFAAOCAQEAr1ZuK5D+sELpJt0+N++UffUGTdD50k/ZLgqdll4+
naDMhgPOQVyxxR3YURr++FMoSu/uPEc+wTJ8GO1TAG+PmkZkwmJ2PIg9DpHRBx48
OLfwVpnvEBAIjUgQEjuuu7gDHGNR1CIKqVJ2C1huiwE4DZtn7XBTfdolMWuyNghi
xCqwxvX+hQMaqX/Oaucorb5AiUGDZm+RcWnvl5QClErZ77xD2rfNXR9bk2OVuS/6
jhhdJFlLzixi4jf9X5j3fGryyvYlq0fE+sPgMt2kEEDzB4fxD+2OrEPMP+aC79Mj
TmhTa+cV9mMvb3LQogesyLafd1Nfm/abXN6SP3DyaXcx2w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:31 2025 by rpki-client