Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
File: 5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa (raw, json)
Hash identifier: 8FIWgiB6oFmawbSRdJubsZkNCSHHF0cuVIGZRkePcN0=
Subject key identifier: 75:10:BD:04:23:94:5A:44:9C:1C:D8:97:DE:41:50:6C:EA:76:7D:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B702D488BA1C15854A40A9BCC8899B0E2B5286E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
Signing time: Wed 06 Aug 2025 00:50:17 +0000
ROA not before: Wed 06 Aug 2025 00:50:17 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:70:2d:48:8b:a1:c1:58:54:a4:0a:9b:cc:88:99:b0:e2:b5:28:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:17 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=91b2049c393be542f6fdbc9407577b02a8f35f98d84fedf178c8ccff50ef8934, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6f:8e:5b:1e:ec:74:86:81:20:2f:54:56:fb:
6d:7d:de:6a:a2:3b:5c:66:64:ef:99:56:62:58:72:
f2:a6:75:d1:96:7b:56:48:63:37:f9:df:b2:52:e4:
e6:20:63:2f:10:8e:e3:f3:eb:28:61:5a:83:99:78:
05:5e:d8:58:c6:a4:61:74:dc:4e:54:ac:0a:45:af:
91:00:af:bc:15:39:54:b1:14:b3:0c:12:79:c6:b6:
f6:2c:5f:80:ab:b6:c1:22:a7:ed:02:d9:3c:b5:f6:
55:14:fc:30:83:74:10:a2:68:f5:fc:ff:91:c8:4c:
f2:a4:8b:c5:76:39:c8:b3:2c:d6:03:45:6a:54:c5:
d5:28:63:97:96:a8:fb:31:2f:43:40:89:75:b9:44:
ed:b5:c5:0a:f5:e4:e2:2f:f4:47:cf:df:fe:6b:5a:
ac:67:36:fc:2f:50:a9:5b:20:ab:c7:78:5b:c0:ad:
a7:30:3f:35:fd:7d:f5:2f:d1:54:a1:b0:e1:30:e5:
b3:84:32:12:88:5b:31:e0:e4:ae:c3:bd:8e:de:3c:
b1:aa:4c:10:56:57:a0:70:4e:24:b8:21:8b:37:7b:
c3:0a:c3:c5:ef:09:dc:5a:29:3c:3d:b0:24:c1:11:
61:43:e2:5e:38:6a:69:1e:f0:6f:08:1e:9f:e4:ce:
24:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:10:BD:04:23:94:5A:44:9C:1C:D8:97:DE:41:50:6C:EA:76:7D:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.24.0/22
Signature Algorithm: sha256WithRSAEncryption
29:71:3b:0a:c2:0e:0b:8f:45:84:9d:02:a7:31:44:c8:da:b9:
fb:b8:6a:3f:e1:61:56:a0:4b:ce:80:57:e5:8d:f5:cd:cd:84:
9c:73:ad:62:3c:79:15:02:30:3a:93:35:8e:2e:7f:ac:62:5a:
8b:4c:37:64:fb:e8:54:1f:47:5e:64:0c:e4:6e:f4:56:c4:33:
96:20:1a:5f:f2:91:71:82:01:56:0a:bf:0b:dd:8b:b9:8d:f1:
72:f6:87:4b:cd:ed:b0:a9:fd:b9:4b:bb:1f:6b:15:62:f4:ec:
dd:b9:46:0a:d6:c8:44:85:43:8a:3b:03:d3:f1:8c:5a:33:eb:
0f:1c:a0:f7:16:ef:e5:06:bb:73:83:36:6a:2e:38:4c:89:04:
47:2a:1a:a9:84:8e:29:86:2f:19:55:13:e2:67:0d:57:60:22:
e7:8b:af:dd:0e:2d:9b:0d:73:04:fc:22:05:d6:9f:20:6e:76:
70:1e:f0:de:cc:b1:dc:8b:ef:65:74:b3:55:3a:80:09:41:47:
e3:ff:b2:24:30:60:fa:90:d2:ee:ed:cb:de:58:1f:8b:51:09:
52:3b:e8:10:ec:66:1a:4e:4b:ec:a2:92:fd:01:97:9f:95:4e:
4e:09:10:50:60:27:bc:d5:a3:92:45:ee:ca:8d:31:a0:b3:a0:
65:e2:1e:d9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUK3AtSIuhwVhUpAqbzIiZsOK1KG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMTdaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxYjIwNDljMzkzYmU1NDJmNmZkYmM5NDA3NTc3YjAyYThmMzVmOThkODRm
ZWRmMTc4YzhjY2ZmNTBlZjg5MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZvjlse7HSGgSAvVFb7bX3eaqI7XGZk75lWYlhy8qZ10ZZ7VkhjN/nfslLk
5iBjLxCO4/PrKGFag5l4BV7YWMakYXTcTlSsCkWvkQCvvBU5VLEUswwSeca29ixf
gKu2wSKn7QLZPLX2VRT8MIN0EKJo9fz/kchM8qSLxXY5yLMs1gNFalTF1Shjl5ao
+zEvQ0CJdblE7bXFCvXk4i/0R8/f/mtarGc2/C9QqVsgq8d4W8CtpzA/Nf199S/R
VKGw4TDls4QyEohbMeDkrsO9jt48sapMEFZXoHBOJLghizd7wwrDxe8J3FopPD2w
JMERYUPiXjhqaR7wbwgen+TOJHcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR1EL0E
I5RaRJwc2JfeQVBs6nZ9mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWRjYTAyZTYtMDNhNC00MjUxLWI2ZDMtNWM5NmQyMmFmN2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99GDAN
BgkqhkiG9w0BAQsFAAOCAQEAKXE7CsIOC49FhJ0CpzFEyNq5+7hqP+FhVqBLzoBX
5Y31zc2EnHOtYjx5FQIwOpM1ji5/rGJai0w3ZPvoVB9HXmQM5G70VsQzliAaX/KR
cYIBVgq/C92LuY3xcvaHS83tsKn9uUu7H2sVYvTs3blGCtbIRIVDijsD0/GMWjPr
Dxyg9xbv5Qa7c4M2ai44TIkERyoaqYSOKYYvGVUT4mcNV2Ai54uv3Q4tmw1zBPwi
BdafIG52cB7w3syx3IvvZXSzVTqACUFH4/+yJDBg+pDS7u3L3lgfi1EJUjvoEOxm
Gk5L7KKS/QGXn5VOTgkQUGAnvNWjkkXuyo0xoLOgZeIe2Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:26 2025 by rpki-client