Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json)
Hash identifier: Hq9JmGU6Ktx3HTRjXr8nnZ7lrkhqfDmQJPOTIFJw660=
Subject key identifier: 08:2C:62:67:8A:E8:A0:57:CD:29:4B:7B:C0:4F:39:8E:87:DF:9E:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 735ABB2BE0CBF39332FC5FDC44BB89F7E578092A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
Signing time: Wed 06 Aug 2025 00:50:13 +0000
ROA not before: Wed 06 Aug 2025 00:50:13 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:5a:bb:2b:e0:cb:f3:93:32:fc:5f:dc:44:bb:89:f7:e5:78:09:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:13 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=0be958f553218992559e713237d32ab3af6ad03a0cb32beae77426f0a6f3db32, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f5:b5:d6:f4:8c:8f:25:c1:39:2c:f9:45:f9:
21:68:4e:9e:1f:1e:ff:02:e6:a8:a0:30:d1:33:f7:
30:78:c7:fb:c4:12:f2:d1:bc:5b:06:36:30:4c:ea:
7b:fc:28:0b:59:60:f8:ee:a0:75:ab:31:04:20:0d:
4d:55:14:69:ea:fa:c5:40:49:43:71:a0:9f:9f:59:
fa:68:7a:e7:98:e1:b1:36:06:73:07:76:b9:35:71:
f5:e0:b2:9d:2a:be:6f:71:9a:4f:98:af:bb:19:b4:
f4:c9:cc:c3:0e:b8:90:15:df:df:e6:86:a8:2e:21:
9c:d7:eb:4a:31:34:a5:4a:d2:a2:4a:93:58:a9:3e:
84:87:8f:f9:44:a0:47:95:b1:98:03:dd:71:c2:b3:
12:37:ff:c6:b2:b4:7a:18:4b:a5:56:a5:23:d5:c5:
e7:af:0e:99:df:63:0f:ee:5e:65:1e:7e:e9:3a:69:
7d:a3:cb:54:c5:cb:d9:63:4d:37:ba:a5:f0:36:0a:
7c:c0:11:1e:e4:db:61:8b:70:68:8b:eb:7d:3c:68:
43:b2:e6:df:1e:6e:05:39:31:85:e1:6e:d4:e7:50:
c4:9a:e9:34:cb:18:46:3b:b9:54:04:05:6a:d6:fd:
bf:17:7a:78:f1:50:83:53:2b:72:b8:e6:09:59:5c:
95:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2C:62:67:8A:E8:A0:57:CD:29:4B:7B:C0:4F:39:8E:87:DF:9E:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.3.0/24
Signature Algorithm: sha256WithRSAEncryption
99:fc:41:fd:89:f5:be:95:9d:74:e0:a3:1a:ef:5c:11:b1:b1:
6f:60:8b:b0:92:e4:c7:14:64:e8:b8:8e:20:6d:72:f7:a5:46:
24:5e:51:26:65:0d:16:e4:81:d7:37:06:18:20:e7:04:84:4f:
a8:4e:59:08:72:55:41:51:53:95:b3:d8:66:8b:24:bc:84:a2:
e7:51:fa:b3:d8:d5:00:24:c2:87:0f:e3:be:9c:4b:cb:cd:62:
68:c3:5b:9f:90:e3:5b:2e:43:a4:b3:46:ef:2a:5c:c0:a1:50:
c8:c4:d8:52:fb:4d:10:f2:06:be:4d:48:da:ef:6e:88:51:f3:
3d:70:0d:ad:e0:ff:65:35:58:0c:ad:a4:e4:db:b1:f4:ca:af:
ea:25:6c:42:2f:35:fa:4b:0d:1f:d9:66:46:44:bb:eb:4b:b6:
89:1b:ce:5f:a0:7b:aa:ee:e8:48:b0:de:97:af:ea:f1:0b:51:
af:73:1a:c4:ab:f6:fe:89:5b:37:57:9f:06:34:0a:b4:9b:a3:
f4:c0:d0:9d:f4:a4:7e:12:53:b4:74:ed:98:64:ff:c6:d0:0d:
11:ee:23:4e:7a:a3:e2:22:22:f2:08:9d:ff:aa:c1:8d:17:fc:
79:17:af:4d:9f:99:18:02:0b:30:73:5f:b0:b4:98:b1:2a:59:
c4:c7:af:ee
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUc1q7K+DL85My/F/cRLuJ9+V4CSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMTNaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZTk1OGY1NTMyMTg5OTI1NTllNzEzMjM3ZDMyYWIzYWY2YWQwM2EwY2Iz
MmJlYWU3NzQyNmYwYTZmM2RiMzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALD1tdb0jI8lwTks+UX5IWhOnh8e/wLmqKAw0TP3MHjH+8QS8tG8WwY2MEzq
e/woC1lg+O6gdasxBCANTVUUaer6xUBJQ3Ggn59Z+mh655jhsTYGcwd2uTVx9eCy
nSq+b3GaT5ivuxm09MnMww64kBXf3+aGqC4hnNfrSjE0pUrSokqTWKk+hIeP+USg
R5WxmAPdccKzEjf/xrK0ehhLpValI9XF568Omd9jD+5eZR5+6TppfaPLVMXL2WNN
N7ql8DYKfMARHuTbYYtwaIvrfTxoQ7Lm3x5uBTkxheFu1OdQxJrpNMsYRju5VAQF
atb9vxd6ePFQg1MrcrjmCVlclUECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQILGJn
iuigV80pS3vATzmOh9+ehTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN
BgkqhkiG9w0BAQsFAAOCAQEAmfxB/Yn1vpWddOCjGu9cEbGxb2CLsJLkxxRk6LiO
IG1y96VGJF5RJmUNFuSB1zcGGCDnBIRPqE5ZCHJVQVFTlbPYZoskvISi51H6s9jV
ACTChw/jvpxLy81iaMNbn5DjWy5DpLNG7ypcwKFQyMTYUvtNEPIGvk1I2u9uiFHz
PXANreD/ZTVYDK2k5Nux9Mqv6iVsQi81+ksNH9lmRkS760u2iRvOX6B7qu7oSLDe
l6/q8QtRr3MaxKv2/olbN1efBjQKtJuj9MDQnfSkfhJTtHTtmGT/xtANEe4jTnqj
4iIi8gid/6rBjRf8eRevTZ+ZGAILMHNfsLSYsSpZxMev7g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:15 2025 by rpki-client