Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
File: c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa (raw, json)
Hash identifier: lh+CugvXoAvw0vGmDdLsLPMvvWIF58scL+VgHjM3KHY=
Subject key identifier: 03:A7:2C:14:9B:36:F3:1D:4A:4A:E6:43:CF:D7:87:B4:3B:61:A8:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 580DE98B80D7555986F0FB1A2A767E2A5AD828B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
Signing time: Tue 17 Jun 2025 00:50:08 +0000
ROA not before: Tue 17 Jun 2025 00:50:08 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:0d:e9:8b:80:d7:55:59:86:f0:fb:1a:2a:76:7e:2a:5a:d8:28:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:50:08 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=856315a783c24260577651fe7ae442725eb9aa1f11b20d7ca8adf66dfe123dac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ba:50:61:1d:fb:8a:89:aa:37:1c:0c:14:f6:
6c:86:b8:99:4f:4f:5a:59:c2:d9:61:d4:24:9b:6c:
e3:99:f4:a1:45:3f:5b:1c:4d:fe:a1:e6:53:3c:cf:
c4:06:36:cc:a6:a4:75:a8:25:f5:c3:48:bf:e1:93:
78:bd:54:92:65:c1:c8:ab:b8:01:98:c2:e7:7c:e7:
02:13:cf:37:0d:94:61:02:b1:70:bb:de:4c:d5:ab:
15:f5:22:8e:41:77:a5:c4:98:37:49:b3:99:6e:33:
11:d8:06:77:76:77:81:7e:a9:40:87:86:c7:7a:e3:
1c:11:ad:eb:3b:d7:e7:86:8f:3a:fe:08:8f:da:80:
d5:0e:7c:a2:c4:99:c4:93:7a:16:3e:29:3c:66:dc:
95:bb:0b:4a:ce:d2:32:46:1b:24:ff:d8:7e:ef:a5:
b5:12:d4:3f:85:c2:c6:b2:d1:32:bb:d7:25:8f:f6:
21:18:54:e8:5c:b1:88:3d:18:89:19:00:a7:8b:96:
8a:c1:18:0e:fd:05:7b:73:f1:79:8e:18:07:9d:17:
b9:9b:b0:ff:79:02:78:db:cb:6e:69:90:08:de:04:
56:8a:b1:98:2b:35:20:39:5c:0a:4f:13:5f:5f:0d:
d9:aa:2b:64:cb:88:9f:67:b5:a7:ce:db:a7:c7:bf:
09:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A7:2C:14:9B:36:F3:1D:4A:4A:E6:43:CF:D7:87:B4:3B:61:A8:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
49:09:2a:31:3e:5b:c5:55:11:d5:36:c7:a6:6c:7e:15:c5:f7:
2f:2d:94:ec:99:67:61:26:15:e3:ec:c2:c9:e1:9f:82:42:ee:
31:60:aa:bb:3f:59:09:b2:d8:e7:41:25:50:fa:e1:48:0b:17:
a9:15:0c:53:76:b5:cc:d1:21:e3:a3:ed:01:85:e3:34:46:21:
72:ea:4d:98:ee:35:6a:e4:92:c8:d5:b0:5a:71:73:64:e7:64:
c2:f9:7d:2f:d9:44:4d:fb:0b:d2:37:a3:ba:7b:f5:52:5f:1a:
42:36:25:7a:a5:67:dc:6d:37:f0:2b:19:d3:6d:07:74:f8:7f:
c6:d7:65:ea:1e:0f:de:d1:4e:39:ed:e0:ac:37:50:e6:7d:5e:
5f:1e:b9:cb:72:fa:59:16:2f:f2:ad:53:d7:36:1f:91:b7:7d:
7b:ad:24:20:12:4d:08:7d:9d:b7:b1:a3:c9:6f:79:38:03:34:
d4:98:06:74:e0:9b:10:e3:a6:f3:7f:3c:49:4f:9c:54:91:71:
ca:02:74:6f:54:a8:6e:87:ec:3a:a3:7c:27:75:4b:c3:3c:d8:
ea:1b:69:40:a2:e3:fb:d6:6b:34:aa:29:09:4c:b1:04:57:91:
53:ab:5b:de:d4:1e:83:a2:5b:f3:82:ce:40:87:2d:42:33:14:
56:ed:e9:a8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWA3pi4DXVVmG8PsaKnZ+KlrYKLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDUwMDhaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NjMxNWE3ODNjMjQyNjA1Nzc2NTFmZTdhZTQ0MjcyNWViOWFhMWYxMWIy
MGQ3Y2E4YWRmNjZkZmUxMjNkYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKC6UGEd+4qJqjccDBT2bIa4mU9PWlnC2WHUJJts45n0oUU/WxxN/qHmUzzP
xAY2zKakdagl9cNIv+GTeL1UkmXByKu4AZjC53znAhPPNw2UYQKxcLveTNWrFfUi
jkF3pcSYN0mzmW4zEdgGd3Z3gX6pQIeGx3rjHBGt6zvX54aPOv4Ij9qA1Q58osSZ
xJN6Fj4pPGbclbsLSs7SMkYbJP/Yfu+ltRLUP4XCxrLRMrvXJY/2IRhU6FyxiD0Y
iRkAp4uWisEYDv0Fe3PxeY4YB50XuZuw/3kCeNvLbmmQCN4EVoqxmCs1IDlcCk8T
X18N2aorZMuIn2e1p87bp8e/CTsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQDpywU
mzbzHUpK5kPP14e0O2GoazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRmZWRjMDQtMjRlMC00MWRjLWExZjgtM2JhY2FlM2Q2NjE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99IDAN
BgkqhkiG9w0BAQsFAAOCAQEASQkqMT5bxVUR1TbHpmx+FcX3Ly2U7JlnYSYV4+zC
yeGfgkLuMWCquz9ZCbLY50ElUPrhSAsXqRUMU3a1zNEh46PtAYXjNEYhcupNmO41
auSSyNWwWnFzZOdkwvl9L9lETfsL0jejunv1Ul8aQjYleqVn3G038CsZ020HdPh/
xtdl6h4P3tFOOe3grDdQ5n1eXx65y3L6WRYv8q1T1zYfkbd9e60kIBJNCH2dt7Gj
yW95OAM01JgGdOCbEOOm8388SU+cVJFxygJ0b1SobofsOqN8J3VLwzzY6htpQKLj
+9ZrNKopCUyxBFeRU6tb3tQeg6Jb84LOQIctQjMUVu3pqA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:49:03 2025 by rpki-client