Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
File: 0b022346-638e-4570-8b19-5cf9b4c378c8.roa (raw, json)
Hash identifier: WuTAMttmQcY141Hl8HL+u1aE1etPRfqVZr63xeu60Gg=
Subject key identifier: 23:34:D6:2D:31:64:0E:62:60:F2:20:49:00:30:DC:AF:C9:43:1B:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 475FA50869306DE4D5EEE0F9A6983F021AFB88E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
Signing time: Mon 28 Apr 2025 15:50:13 +0000
ROA not before: Mon 28 Apr 2025 15:50:13 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:5f:a5:08:69:30:6d:e4:d5:ee:e0:f9:a6:98:3f:02:1a:fb:88:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:50:13 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=a2c42108cf2f5e8fecf40b4f82cf2d05f2378ce7cad650f3dc792077bc5788bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e2:90:62:2c:49:51:4e:e6:93:58:b0:12:a7:
a8:40:e6:2d:5c:c1:c3:a8:45:2a:d5:dc:ff:f8:37:
66:17:82:83:15:64:80:d4:4a:72:10:c1:24:12:20:
29:01:31:1d:79:f1:a8:6a:cf:ba:80:10:f1:1c:80:
0d:56:57:1e:69:46:7e:91:7a:3e:6c:10:ae:10:d1:
9b:0c:eb:28:c6:dc:8f:5b:46:12:0c:5b:27:1d:ca:
6c:a5:e1:a5:6f:ee:ab:9a:82:fe:ed:d0:c5:95:21:
e9:ca:96:6c:d3:d2:56:51:51:3e:0e:51:54:07:4e:
99:ce:79:ab:ee:a6:d7:b7:3f:3d:f1:43:9a:14:75:
c1:9e:13:d9:ae:24:de:38:08:f4:7f:24:7e:68:49:
54:e6:09:b0:5f:8d:f8:ec:e7:da:f5:8c:45:64:10:
2a:dd:fa:25:b9:14:38:0b:ff:d1:15:53:ea:b4:e6:
87:3d:a7:72:de:36:0d:37:df:c9:b0:33:d1:ec:ce:
61:bc:c8:da:47:f9:ef:28:37:e9:57:55:bd:54:30:
6d:c0:fb:d1:d9:b1:85:ef:f5:96:0c:81:2c:13:c6:
40:a6:c8:d9:db:9e:af:50:e7:90:c8:5c:d2:02:03:
ae:c1:35:bd:24:ed:63:34:77:f6:63:ec:9d:21:22:
01:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:34:D6:2D:31:64:0E:62:60:F2:20:49:00:30:DC:AF:C9:43:1B:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.96.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:2f:4e:3d:33:33:f2:40:17:1f:33:fb:90:bc:77:53:1d:a7:
c6:bd:32:dc:d3:94:c2:bc:28:5d:f4:05:b6:ff:29:9a:ef:9a:
4c:67:18:f4:ec:ee:8b:89:ff:0f:a6:9c:c6:f5:c7:61:02:20:
70:19:1e:ae:46:d7:39:32:c6:f4:9c:f5:1b:8a:11:3d:11:20:
6d:42:e6:6c:e8:e8:68:c6:48:25:f6:96:80:f8:89:28:ef:22:
a1:cf:3c:e8:d3:37:1c:0a:ed:2a:7d:36:75:0a:a5:28:30:24:
36:f2:3a:74:c8:e8:a3:55:64:fc:ee:5b:45:e4:6d:36:3d:70:
51:d1:85:8c:87:22:08:cb:02:33:8c:4d:3e:7f:6a:70:49:66:
6c:cf:34:5a:68:7c:c8:9b:d9:ed:46:4e:e6:3e:47:aa:e8:6f:
54:68:d0:1c:c2:14:77:16:19:e4:18:3a:50:6c:f3:2d:76:b9:
c9:e2:49:af:91:50:62:d6:c0:f9:70:56:bd:3c:95:ca:22:e6:
a5:51:5a:8a:a9:3e:ab:fa:64:30:ef:26:87:88:f7:69:f2:79:
af:cc:4b:ea:1c:c0:6d:8a:7f:14:ad:0d:cb:1d:19:32:95:50:
d5:57:fe:1d:9f:f4:52:53:38:68:3e:c3:2d:1a:d1:1e:7e:14:
d3:a9:11:92
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR1+lCGkwbeTV7uD5ppg/Ahr7iOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTUwMTNaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyYzQyMTA4Y2YyZjVlOGZlY2Y0MGI0ZjgyY2YyZDA1ZjIzNzhjZTdjYWQ2
NTBmM2RjNzkyMDc3YmM1Nzg4YmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAITikGIsSVFO5pNYsBKnqEDmLVzBw6hFKtXc//g3ZheCgxVkgNRKchDBJBIg
KQExHXnxqGrPuoAQ8RyADVZXHmlGfpF6PmwQrhDRmwzrKMbcj1tGEgxbJx3KbKXh
pW/uq5qC/u3QxZUh6cqWbNPSVlFRPg5RVAdOmc55q+6m17c/PfFDmhR1wZ4T2a4k
3jgI9H8kfmhJVOYJsF+N+Ozn2vWMRWQQKt36JbkUOAv/0RVT6rTmhz2nct42DTff
ybAz0ezOYbzI2kf57yg36VdVvVQwbcD70dmxhe/1lgyBLBPGQKbI2duer1DnkMhc
0gIDrsE1vSTtYzR39mPsnSEiAWUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQjNNYt
MWQOYmDyIEkAMNyvyUMbXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIwMjIzNDYtNjM4ZS00NTcwLThiMTktNWNmOWI0YzM3OGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099YDAN
BgkqhkiG9w0BAQsFAAOCAQEAGy9OPTMz8kAXHzP7kLx3Ux2nxr0y3NOUwrwoXfQF
tv8pmu+aTGcY9Ozui4n/D6acxvXHYQIgcBkerkbXOTLG9Jz1G4oRPREgbULmbOjo
aMZIJfaWgPiJKO8ioc886NM3HArtKn02dQqlKDAkNvI6dMjoo1Vk/O5bReRtNj1w
UdGFjIciCMsCM4xNPn9qcElmbM80Wmh8yJvZ7UZO5j5HquhvVGjQHMIUdxYZ5Bg6
UGzzLXa5yeJJr5FQYtbA+XBWvTyVyiLmpVFaiqk+q/pkMO8mh4j3afJ5r8xL6hzA
bYp/FK0Nyx0ZMpVQ1Vf+HZ/0UlM4aD7DLRrRHn4U06kRkg==
-----END CERTIFICATE-----
Generated at Mon May 5 18:51:34 2025 by rpki-client