Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
File: 5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa (raw, json)
Hash identifier: HXxMfOZQvu47cwOi52fwjnwONQUZ8rEWzPPEOBXqPMk=
Subject key identifier: 75:71:67:A5:84:DD:6B:71:B0:20:D5:31:99:E5:C6:E8:20:B0:F7:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 698B503B0298723D85F055085B139F90883DFD52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
Signing time: Tue 17 Jun 2025 00:40:17 +0000
ROA not before: Tue 17 Jun 2025 00:40:17 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:8b:50:3b:02:98:72:3d:85:f0:55:08:5b:13:9f:90:88:3d:fd:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:17 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=c70295f68d5720fa548b9af6e281d4d3639a33cb4d3f41fbd26f171b431f6afd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:20:1d:ac:04:99:0f:36:1e:05:d6:86:a6:38:
6b:17:20:53:4e:22:95:0d:5b:af:7b:a2:56:2c:4c:
a5:82:c3:b8:33:d1:8f:e9:3d:6b:db:ef:46:88:e3:
40:69:c1:e6:bd:44:be:4b:2b:6f:28:f9:42:1d:ed:
d4:04:87:7f:f1:38:ce:45:2c:65:1d:55:77:2a:09:
d3:90:6b:64:55:c0:67:bc:ec:ff:1f:1d:77:cd:90:
47:6a:06:75:e5:a5:81:59:87:08:a8:aa:eb:b4:f1:
10:c8:84:31:0a:22:38:5b:fd:fd:43:10:46:87:cf:
70:61:98:6b:c1:3d:1d:a7:83:5e:55:bc:70:07:a9:
45:d8:30:45:6f:bc:1e:98:44:e2:91:d0:3b:ca:17:
17:fb:b1:1e:49:2c:2c:a1:71:a8:7d:38:a3:6b:6a:
2a:e9:c3:ac:63:80:a8:94:fd:c2:db:4a:54:fa:be:
95:df:f7:02:f0:b3:68:fc:4a:fd:8a:62:f8:1a:e0:
6e:41:4c:42:1f:60:cc:fd:b5:80:c0:47:7e:ab:d6:
9d:00:ea:1f:df:ae:63:8a:25:e5:8b:90:78:6d:b1:
41:87:bd:44:a7:34:e2:98:fa:ae:a2:16:fe:de:15:
7d:53:0d:29:81:6d:99:ff:74:a4:79:4c:1a:b4:3a:
52:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:71:67:A5:84:DD:6B:71:B0:20:D5:31:99:E5:C6:E8:20:B0:F7:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.24.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:9d:aa:d9:b2:1c:34:b6:f5:62:69:be:87:13:ad:0c:b3:12:
1e:c6:d4:49:f0:0b:45:96:f4:3a:38:d3:fb:b5:2b:8e:ca:7f:
9f:2f:be:69:e6:36:a7:63:c8:48:e6:e4:48:28:ff:da:12:f7:
fe:d8:22:28:34:73:f0:4a:8d:12:ab:d9:b6:43:ab:de:e4:09:
94:dd:30:72:c1:de:c3:1c:6e:e2:ce:33:1b:7c:fd:8a:ae:56:
0c:09:e7:af:21:64:75:c6:93:58:71:0b:39:10:ac:d8:32:b7:
4a:0c:e4:e0:02:a5:93:10:22:8a:e7:e2:2d:18:1c:4d:55:63:
0c:6a:4c:34:41:7b:55:ec:20:bd:db:88:14:1f:62:0d:c0:31:
a6:8b:01:66:6a:63:f2:81:9c:98:d1:6c:ee:d2:33:92:9b:36:
dd:14:19:96:6f:8d:c8:3b:a4:e5:d3:0d:44:03:d6:88:bd:03:
82:36:2c:32:a8:27:1f:ff:1f:ac:4d:7b:08:47:ed:46:17:9d:
f9:1e:91:1a:98:52:17:88:1a:a3:8a:08:43:a4:88:92:4b:32:
60:2c:a4:61:96:84:30:99:08:37:d3:b5:4b:e3:56:65:54:5c:
37:11:53:87:69:c4:84:94:27:98:e0:48:38:2f:52:0a:11:5b:
62:8e:82:be
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaYtQOwKYcj2F8FUIWxOfkIg9/VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMTdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MDI5NWY2OGQ1NzIwZmE1NDhiOWFmNmUyODFkNGQzNjM5YTMzY2I0ZDNm
NDFmYmQyNmYxNzFiNDMxZjZhZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAgHawEmQ82HgXWhqY4axcgU04ilQ1br3uiVixMpYLDuDPRj+k9a9vvRojj
QGnB5r1Evksrbyj5Qh3t1ASHf/E4zkUsZR1VdyoJ05BrZFXAZ7zs/x8dd82QR2oG
deWlgVmHCKiq67TxEMiEMQoiOFv9/UMQRofPcGGYa8E9HaeDXlW8cAepRdgwRW+8
HphE4pHQO8oXF/uxHkksLKFxqH04o2tqKunDrGOAqJT9wttKVPq+ld/3AvCzaPxK
/Ypi+BrgbkFMQh9gzP21gMBHfqvWnQDqH9+uY4ol5YuQeG2xQYe9RKc04pj6rqIW
/t4VfVMNKYFtmf90pHlMGrQ6Un0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR1cWel
hN1rcbAg1TGZ5cboILD38zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWRjYTAyZTYtMDNhNC00MjUxLWI2ZDMtNWM5NmQyMmFmN2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99GDAN
BgkqhkiG9w0BAQsFAAOCAQEAsZ2q2bIcNLb1Ymm+hxOtDLMSHsbUSfALRZb0OjjT
+7Urjsp/ny++aeY2p2PISObkSCj/2hL3/tgiKDRz8EqNEqvZtkOr3uQJlN0wcsHe
wxxu4s4zG3z9iq5WDAnnryFkdcaTWHELORCs2DK3Sgzk4AKlkxAiiufiLRgcTVVj
DGpMNEF7VewgvduIFB9iDcAxposBZmpj8oGcmNFs7tIzkps23RQZlm+NyDuk5dMN
RAPWiL0DgjYsMqgnH/8frE17CEftRhed+R6RGphSF4gao4oIQ6SIkksyYCykYZaE
MJkIN9O1S+NWZVRcNxFTh2nEhJQnmOBIOC9SChFbYo6Cvg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:52 2025 by rpki-client