Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json)
Hash identifier: fV4N+kL8UTgkhIoinGVKijnPAr8ahsuZmIL2GzUy0cY=
Subject key identifier: 7C:CD:66:C3:50:87:C8:73:0D:03:C8:7F:08:AD:9E:C8:E2:9E:BC:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47C7283E248F426EC24BFA4F2E2B130906D3ECAE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
Signing time: Tue 17 Jun 2025 00:40:21 +0000
ROA not before: Tue 17 Jun 2025 00:40:21 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:c7:28:3e:24:8f:42:6e:c2:4b:fa:4f:2e:2b:13:09:06:d3:ec:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:21 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=de8743aeb91e041fa39ffb86c3443b47ccdb772dbf62a781cec90e1575848118, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:85:d5:62:07:12:29:9c:47:3d:39:ad:67:4b:
62:fa:d8:72:96:0c:a9:c2:9c:88:8a:16:4b:93:a8:
6f:bb:bb:1b:10:76:74:c2:55:a5:97:64:ac:93:35:
65:1b:90:45:ae:e4:4a:cb:8a:66:63:5c:3e:ae:5f:
f8:6e:ad:9f:85:ba:02:54:5f:52:6d:b5:ec:6a:4b:
2c:b3:5d:88:f1:c3:7f:68:33:42:e8:c7:1f:2a:22:
12:0d:08:a1:7c:c4:f7:02:ce:90:66:b6:a2:34:af:
09:5a:31:69:97:5c:10:23:5b:b3:ec:c6:2d:7a:d9:
f3:cd:06:80:a7:83:d3:7b:af:cb:77:d8:f8:5c:71:
ed:55:df:3b:cf:14:06:2a:86:02:ec:70:17:35:43:
71:f9:dc:df:b1:79:e9:ae:48:c2:22:de:97:0d:18:
be:7f:1c:69:2d:2b:0a:39:0d:da:68:95:62:17:b2:
e0:21:46:b7:41:98:9b:35:70:05:c9:f4:e8:30:a4:
20:e8:56:b6:e1:45:f8:ac:62:82:27:ee:0c:34:39:
3f:f3:aa:f8:db:f8:db:d0:be:91:94:c8:f6:9f:30:
c2:c7:a8:82:2b:96:5c:a4:bb:f2:d0:e3:ab:8e:52:
78:05:4c:47:ae:8b:ab:95:65:99:ec:d0:45:6b:2d:
a5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CD:66:C3:50:87:C8:73:0D:03:C8:7F:08:AD:9E:C8:E2:9E:BC:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.8.0/21
Signature Algorithm: sha256WithRSAEncryption
84:66:3a:6a:1f:42:ef:dc:47:c1:35:4a:9e:3b:c9:21:06:6c:
26:5b:d8:40:51:71:e5:35:c7:ab:a4:a3:16:4f:79:84:96:a7:
78:b0:70:6f:e2:24:43:3b:36:1b:80:d4:33:8d:61:2f:fa:4f:
d2:26:72:60:69:38:2f:20:6b:7b:bc:b5:9f:94:26:1c:fc:6e:
9b:24:ff:a7:3c:5c:9a:cc:38:16:9f:21:7d:79:9f:c8:51:6f:
d7:86:d3:1f:7e:7f:c5:87:da:07:50:66:f5:0b:7b:03:8a:8e:
98:6e:ef:a5:e1:b0:9e:1d:8a:75:e5:a9:c7:6d:6d:5f:7d:2d:
df:d5:dc:a5:df:04:6f:61:67:1c:56:bf:ae:87:b4:e4:68:94:
24:23:be:40:fb:a4:d4:ea:40:6a:95:5f:f9:e8:ae:74:cd:77:
ad:56:f7:15:24:ce:7d:be:ac:52:ea:bc:0e:78:17:cb:0f:d9:
d8:74:ec:5c:ba:66:1e:9f:b9:69:1b:33:c1:b2:27:4f:68:05:
0c:ca:98:46:9c:80:0c:f1:bc:e2:3b:77:be:c2:1d:3d:65:03:
20:85:d4:3c:d0:a7:d8:71:f6:6e:1e:9a:41:bc:3a:05:e4:26:
29:19:88:16:7f:29:74:f8:7d:f0:bf:d3:47:b6:1a:83:d2:7c:
16:ff:2c:1a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR8coPiSPQm7CS/pPLisTCQbT7K4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMjFaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlODc0M2FlYjkxZTA0MWZhMzlmZmI4NmMzNDQzYjQ3Y2NkYjc3MmRiZjYy
YTc4MWNlYzkwZTE1NzU4NDgxMTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+F1WIHEimcRz05rWdLYvrYcpYMqcKciIoWS5Oob7u7GxB2dMJVpZdkrJM1
ZRuQRa7kSsuKZmNcPq5f+G6tn4W6AlRfUm217GpLLLNdiPHDf2gzQujHHyoiEg0I
oXzE9wLOkGa2ojSvCVoxaZdcECNbs+zGLXrZ880GgKeD03uvy3fY+Fxx7VXfO88U
BiqGAuxwFzVDcfnc37F56a5IwiLelw0Yvn8caS0rCjkN2miVYhey4CFGt0GYmzVw
Bcn06DCkIOhWtuFF+KxigifuDDQ5P/Oq+Nv429C+kZTI9p8wwseogiuWXKS78tDj
q45SeAVMR66Lq5VlmezQRWstpWsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR8zWbD
UIfIcw0DyH8IrZ7I4p68RDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNkZmVmYmEtOTU3My00ODVmLTgwNDAtMjAyZTAzOGViZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099CDAN
BgkqhkiG9w0BAQsFAAOCAQEAhGY6ah9C79xHwTVKnjvJIQZsJlvYQFFx5TXHq6Sj
Fk95hJaneLBwb+IkQzs2G4DUM41hL/pP0iZyYGk4LyBre7y1n5QmHPxumyT/pzxc
msw4Fp8hfXmfyFFv14bTH35/xYfaB1Bm9Qt7A4qOmG7vpeGwnh2KdeWpx21tX30t
39Xcpd8Eb2FnHFa/roe05GiUJCO+QPuk1OpAapVf+eiudM13rVb3FSTOfb6sUuq8
DngXyw/Z2HTsXLpmHp+5aRszwbInT2gFDMqYRpyADPG84jt3vsIdPWUDIIXUPNCn
2HH2bh6aQbw6BeQmKRmIFn8pdPh98L/TR7Yag9J8Fv8sGg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:15:21 2025 by rpki-client