Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json)
Hash identifier: qDDegPMXrhwSPyY3Z+0siemFDnwghbORpcqc1gDK+Pw=
Subject key identifier: F2:5D:57:9F:81:A5:67:AA:7D:4B:AE:06:79:39:F9:7C:14:FC:D1:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F0A590216E28B611EE6D0EF683313EC23AE12
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
Signing time: Mon 28 Apr 2025 15:50:10 +0000
ROA not before: Mon 28 Apr 2025 15:50:10 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:0a:59:02:16:e2:8b:61:1e:e6:d0:ef:68:33:13:ec:23:ae:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:50:10 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=ccb8eaf969c2c9f7a615ebce1f725ce65f17302eac69579482cbb23a37218678, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:91:5b:b5:02:01:94:06:47:80:3d:ad:2f:88:
c4:66:a2:2f:3c:64:fb:39:71:40:3d:4c:94:4d:3e:
e5:4e:3a:4d:77:5f:73:d7:0c:8e:2e:bb:7d:dc:91:
2b:ae:27:22:10:6c:0c:79:5e:48:e2:30:41:99:c6:
65:48:2d:0e:38:b6:97:73:1b:bd:3e:1e:c4:c8:88:
85:3c:08:89:19:65:e0:90:3c:a6:51:71:42:b1:27:
0d:07:1f:ab:91:9e:0f:52:53:20:3b:5f:91:27:82:
56:3a:d5:fc:0b:1e:5f:55:9d:96:9e:23:35:49:0d:
64:f1:1b:b9:df:d0:db:6f:ad:01:ab:f2:8a:08:85:
50:a2:0b:d5:d9:0b:95:d2:87:b2:2b:75:49:ed:d8:
1b:30:26:85:b0:00:93:95:46:65:54:af:c8:f2:c0:
8b:6f:a9:e9:c3:09:ca:c2:42:62:66:43:e2:dd:c3:
2a:eb:59:5b:93:0f:7f:c0:34:a7:48:1a:c6:b9:56:
c0:f2:e9:3e:ce:4e:cf:8d:70:a1:b9:a1:47:89:de:
ab:90:64:db:81:ad:0c:d3:b9:39:a9:a6:ce:d7:7a:
99:32:b8:ba:fc:10:ec:48:9c:c1:ff:7c:40:ab:d4:
68:e1:ca:ce:63:58:15:69:b0:e5:bb:99:f0:1e:30:
86:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5D:57:9F:81:A5:67:AA:7D:4B:AE:06:79:39:F9:7C:14:FC:D1:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.8.0/21
Signature Algorithm: sha256WithRSAEncryption
17:3f:ee:58:79:d2:21:d8:c5:c8:53:6f:85:57:9c:5f:dd:50:
44:7a:ac:e3:8e:97:d6:3b:ed:1d:ba:40:7f:82:af:16:69:78:
68:71:62:41:d7:51:b2:4a:23:a8:ca:67:d9:41:28:fb:42:4b:
03:23:d8:6d:aa:23:1a:40:63:c7:62:e0:2d:28:d9:1e:4d:40:
be:69:5b:32:b6:81:93:ed:3f:4b:a4:90:f1:a3:30:dc:71:4a:
57:08:c7:35:3d:a1:12:11:84:a7:1b:c0:32:e8:4d:a3:e9:3a:
23:8e:50:eb:c0:db:46:0a:56:bc:8c:b7:2e:2c:06:30:0a:d6:
89:fe:5e:da:e8:9d:8b:11:c8:18:b7:b0:1e:65:31:3f:a5:75:
97:37:05:07:ec:88:66:cb:b6:32:b1:62:ac:3a:31:d4:c4:d1:
a6:fe:2f:62:1c:ad:b0:47:8a:0d:e2:d8:4c:bd:50:07:6c:ac:
cd:6c:48:48:6d:3b:dd:0e:6f:01:37:6f:03:c8:8a:10:04:d1:
5b:da:c8:f5:0c:f0:95:a2:07:2c:c7:81:8d:c1:60:19:90:81:
c5:47:5e:87:00:76:87:5e:05:f8:89:03:c1:d8:9b:de:26:10:
ff:51:06:c1:2a:57:b1:30:e6:9b:c3:bc:e8:91:8c:24:9f:2b:
e9:b0:b6:a0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgITfwpZAhbii2Ee5tDvaDMT7COuEjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDQyODE1NTAxMFoXDTI1MDYwMjIzNTk1OVowejFJMEcGA1UE
BRNAY2NiOGVhZjk2OWMyYzlmN2E2MTVlYmNlMWY3MjVjZTY1ZjE3MzAyZWFjNjk1
Nzk0ODJjYmIyM2EzNzIxODY3ODEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnJFbtQIBlAZHgD2tL4jEZqIvPGT7OXFAPUyUTT7lTjpNd19z1wyOLrt93JEr
riciEGwMeV5I4jBBmcZlSC0OOLaXcxu9Ph7EyIiFPAiJGWXgkDymUXFCsScNBx+r
kZ4PUlMgO1+RJ4JWOtX8Cx5fVZ2WniM1SQ1k8Ru539Dbb60Bq/KKCIVQogvV2QuV
0oeyK3VJ7dgbMCaFsACTlUZlVK/I8sCLb6npwwnKwkJiZkPi3cMq61lbkw9/wDSn
SBrGuVbA8uk+zk7PjXChuaFHid6rkGTbga0M07k5qabO13qZMri6/BDsSJzB/3xA
q9Ro4crOY1gVabDlu5nwHjCGTwIDAQABo4ICITCCAh0wHQYDVR0OBBYEFPJdV5+B
pWeqfUuuBnk5+XwU/NGhMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC80
Y2RmZWZiYS05NTczLTQ4NWYtODA0MC0yMDJlMDM4ZWJmNzgucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDT30IMA0G
CSqGSIb3DQEBCwUAA4IBAQAXP+5YedIh2MXIU2+FV5xf3VBEeqzjjpfWO+0dukB/
gq8WaXhocWJB11GySiOoymfZQSj7QksDI9htqiMaQGPHYuAtKNkeTUC+aVsytoGT
7T9LpJDxozDccUpXCMc1PaESEYSnG8Ay6E2j6TojjlDrwNtGCla8jLcuLAYwCtaJ
/l7a6J2LEcgYt7AeZTE/pXWXNwUH7Ihmy7YysWKsOjHUxNGm/i9iHK2wR4oN4thM
vVAHbKzNbEhIbTvdDm8BN28DyIoQBNFb2sj1DPCVogcsx4GNwWAZkIHFR16HAHaH
XgX4iQPB2JveJhD/UQbBKlexMOabw7zokYwknyvpsLag
-----END CERTIFICATE-----
Generated at Mon May 5 05:59:14 2025 by rpki-client