Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
File: 9ee0a48b-ba88-465e-9e42-d0732351f46e.roa (raw, json)
Hash identifier: Itip1DSJlWx6JO0fKtkZuYpxQyDIzywavWJQfP8q6ns=
Subject key identifier: 61:24:7F:21:15:8F:CE:08:56:AF:1C:77:A3:ED:57:69:8B:99:64:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A640909FEADEFFEDDA7EB7B3C759B833D8572BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
Signing time: Mon 28 Apr 2025 15:50:14 +0000
ROA not before: Mon 28 Apr 2025 15:50:14 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:64:09:09:fe:ad:ef:fe:dd:a7:eb:7b:3c:75:9b:83:3d:85:72:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:50:14 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=6bd3ccc8231faac8ddbb6ac028f9839a6050bb9d4ecb07c5db0008cbf1d0af33, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b5:c1:57:57:fc:4b:96:4b:e1:9d:a2:7b:56:
aa:d3:f4:2d:43:71:65:ac:c0:32:c9:45:4b:56:eb:
68:90:32:62:19:3f:1e:f4:3d:0c:3b:d9:7e:fe:a3:
b0:09:40:68:79:ff:6b:58:13:cd:15:0b:d9:e9:51:
4a:19:20:37:47:82:35:b2:f9:ba:e4:31:e7:c2:88:
03:d9:52:36:f8:53:d4:fc:0e:33:7c:c2:cc:d6:c8:
9f:b3:51:00:2f:7e:fc:ba:0f:10:a7:fd:4a:5f:7b:
99:fd:11:0b:2e:47:53:8a:48:a1:92:16:af:f4:37:
ca:7f:48:4c:2a:40:5e:65:86:c5:b2:cd:72:56:e0:
a6:25:43:e7:8c:f8:44:d4:da:98:4f:a1:db:77:d3:
75:3e:bb:b5:b8:99:e5:6c:85:35:75:d9:dc:49:02:
85:e9:46:38:b1:98:3a:f0:ca:75:5e:e1:ee:26:00:
ae:2e:c0:12:ab:a0:f7:49:47:73:4e:f7:51:2c:40:
02:27:18:1b:b0:95:ca:f2:42:66:81:7c:e7:79:ee:
f5:15:b0:79:8b:5a:fb:22:d9:06:d1:8c:36:57:88:
39:93:d9:89:d1:5b:9e:90:7b:99:af:82:cf:80:b2:
c1:e1:5e:1c:5d:49:67:cb:87:09:35:66:af:99:85:
81:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:24:7F:21:15:8F:CE:08:56:AF:1C:77:A3:ED:57:69:8B:99:64:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.112.0/20
Signature Algorithm: sha256WithRSAEncryption
02:12:6c:2e:59:54:b4:98:ce:15:6e:1a:a4:7f:65:76:3d:0e:
53:20:cb:34:7a:7c:d5:2a:a0:c4:fd:fe:ce:33:61:41:56:fa:
69:dc:43:fa:08:97:5b:17:c2:17:2d:92:82:b0:05:e6:6d:43:
5b:11:d4:b7:1c:f8:25:b5:20:e9:b2:57:91:b1:cf:83:40:f4:
83:20:7b:85:37:26:d8:d3:74:35:ce:6b:5d:d6:9d:a7:5a:cb:
8e:e7:db:3f:e3:16:b4:a0:ac:61:49:f6:6e:9a:ea:05:bb:7f:
70:5d:77:48:6e:19:9b:23:d9:74:c8:f4:40:0b:7c:b1:12:8f:
63:56:f7:ed:f3:1e:85:1f:0e:e7:0d:51:e5:12:31:cc:66:4c:
4a:6c:ff:6d:f1:ca:c7:de:1e:90:d9:6e:5d:cb:ac:18:bf:b2:
f5:ee:06:21:3d:a8:6a:05:91:d7:9b:4b:f9:3c:0a:db:08:80:
39:08:fd:bd:07:4b:24:2b:72:3e:23:0f:ab:19:1a:0d:1c:62:
d5:a4:20:42:1b:2a:b4:60:b1:bb:46:e9:67:83:c6:fa:c6:36:
58:89:0f:82:2d:83:3c:02:5f:cc:99:40:55:e9:19:2d:6e:12:
1a:06:e0:75:4a:e9:f2:11:de:72:ef:7d:c2:d0:a1:3e:15:dc:
18:4d:b8:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOmQJCf6t7/7dp+t7PHWbgz2Fcr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTUwMTRaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiZDNjY2M4MjMxZmFhYzhkZGJiNmFjMDI4Zjk4MzlhNjA1MGJiOWQ0ZWNi
MDdjNWRiMDAwOGNiZjFkMGFmMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMe1wVdX/EuWS+GdontWqtP0LUNxZazAMslFS1braJAyYhk/HvQ9DDvZfv6j
sAlAaHn/a1gTzRUL2elRShkgN0eCNbL5uuQx58KIA9lSNvhT1PwOM3zCzNbIn7NR
AC9+/LoPEKf9Sl97mf0RCy5HU4pIoZIWr/Q3yn9ITCpAXmWGxbLNclbgpiVD54z4
RNTamE+h23fTdT67tbiZ5WyFNXXZ3EkChelGOLGYOvDKdV7h7iYAri7AEqug90lH
c073USxAAicYG7CVyvJCZoF853nu9RWweYta+yLZBtGMNleIOZPZidFbnpB7ma+C
z4CyweFeHF1JZ8uHCTVmr5mFgXECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRhJH8h
FY/OCFavHHej7Vdpi5lkVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlMGE0OGItYmE4OC00NjVlLTllNDItZDA3MzIzNTFmNDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBE99cDAN
BgkqhkiG9w0BAQsFAAOCAQEAAhJsLllUtJjOFW4apH9ldj0OUyDLNHp81SqgxP3+
zjNhQVb6adxD+giXWxfCFy2SgrAF5m1DWxHUtxz4JbUg6bJXkbHPg0D0gyB7hTcm
2NN0Nc5rXdadp1rLjufbP+MWtKCsYUn2bprqBbt/cF13SG4ZmyPZdMj0QAt8sRKP
Y1b37fMehR8O5w1R5RIxzGZMSmz/bfHKx94ekNluXcusGL+y9e4GIT2oagWR15tL
+TwK2wiAOQj9vQdLJCtyPiMPqxkaDRxi1aQgQhsqtGCxu0bpZ4PG+sY2WIkPgi2D
PAJfzJlAVekZLW4SGgbgdUrp8hHecu99wtChPhXcGE24PQ==
-----END CERTIFICATE-----
Generated at Mon May 5 03:45:31 2025 by rpki-client