Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
File: 0b022346-638e-4570-8b19-5cf9b4c378c8.roa (raw, json)
Hash identifier: nyjm6H4CgpKRP0hBCzfBhx5NDWfrvzLAJ/nejx2fVtw=
Subject key identifier: FD:9E:5D:3C:EB:96:D9:65:45:10:BF:88:25:A6:5D:FA:18:D5:A5:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6542E51BE3BD62BD657682A2C1C034F0F2BD75B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
Signing time: Sat 12 Jul 2025 00:51:04 +0000
ROA not before: Sat 12 Jul 2025 00:51:04 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:42:e5:1b:e3:bd:62:bd:65:76:82:a2:c1:c0:34:f0:f2:bd:75:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:04 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=b2b359c69f4ae3adbd4fa99cf643fafd12efb9a0dd0e1ff801613d260f3163c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:4b:16:4b:a1:a4:da:2a:bf:ef:24:d3:4c:b6:
bb:24:5c:4a:ab:03:54:3e:6a:7b:c0:36:da:7d:be:
37:90:b7:8e:3b:b1:10:b2:b8:6c:cf:a7:74:eb:bd:
0f:99:be:fe:32:ba:ed:56:f8:cd:ef:fb:76:a1:c0:
b2:ad:31:7c:1e:91:0f:80:f2:95:12:2e:f0:1d:c3:
9d:c8:6f:c8:41:b3:93:aa:08:a8:cc:a1:49:c1:d8:
a1:8c:0d:5f:c6:85:d8:e6:1c:c4:06:54:5d:bd:ef:
33:d8:77:90:cc:ee:82:da:d3:4e:fb:b6:e4:31:f7:
03:09:73:f8:a5:5a:35:5d:7f:87:da:dd:d5:16:aa:
f0:bc:a1:3b:55:5a:6b:c3:c0:d5:cd:54:da:7c:c1:
7b:97:f3:33:5f:77:ec:9c:c2:2b:d5:ad:bc:10:95:
4f:97:43:4e:b0:42:db:3d:8f:b5:38:07:db:64:ee:
e1:35:6e:49:03:b6:f2:74:b9:00:36:52:8c:5f:7c:
f9:d5:a8:5d:f9:af:48:ff:43:e3:f5:a5:ed:68:ee:
e0:e8:5f:3d:db:c4:ca:fb:17:c6:9c:a2:dc:44:15:
65:ef:c3:d8:2c:75:66:fa:f4:46:8f:3f:a2:56:d2:
84:d8:1d:82:ad:8d:c2:e9:e5:c4:56:1e:ec:02:c3:
d1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9E:5D:3C:EB:96:D9:65:45:10:BF:88:25:A6:5D:FA:18:D5:A5:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.96.0/21
Signature Algorithm: sha256WithRSAEncryption
47:a9:66:ff:8b:bc:59:f6:59:3a:b4:33:96:45:03:78:99:10:
76:44:9a:d6:79:40:e1:cf:d6:94:de:7d:30:39:a7:bf:c4:66:
c5:30:38:34:ce:a9:32:ab:8f:af:4d:3d:7d:ae:3e:34:0d:64:
73:36:e9:b7:4c:10:b5:3c:52:66:be:c9:40:39:30:24:72:de:
a1:3a:6a:fb:95:fe:41:c3:50:c2:02:0f:13:39:54:f6:93:46:
ef:66:3e:a7:d4:b5:24:71:64:7f:20:81:72:4c:9c:1d:9c:51:
fb:95:0b:a5:8e:0b:79:69:69:0b:82:3e:75:d5:e8:4f:79:15:
22:a6:bf:b4:41:ac:27:30:5d:ce:79:6a:76:cb:4f:7d:1b:12:
59:a7:ed:53:c4:b9:f3:f7:4a:5b:16:3c:34:0a:64:d7:3c:a7:
db:6d:68:11:6f:c4:13:3e:ca:07:c7:bc:5e:6c:24:bd:62:69:
40:53:b0:61:e7:4d:1e:55:79:dd:df:72:42:66:8e:e7:76:1c:
cf:3e:bb:80:67:4e:03:c7:02:02:de:3b:91:a0:21:ae:b9:05:
b8:21:95:9d:c9:1b:cf:58:4e:23:2a:89:f8:4f:9e:50:7c:ab:
8a:fc:71:6b:2b:08:92:85:7e:39:f9:eb:5e:14:1e:0a:39:3f:
2f:b3:14:83
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZULlG+O9Yr1ldoKiwcA08PK9dbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMDRaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyYjM1OWM2OWY0YWUzYWRiZDRmYTk5Y2Y2NDNmYWZkMTJlZmI5YTBkZDBl
MWZmODAxNjEzZDI2MGYzMTYzYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpLFkuhpNoqv+8k00y2uyRcSqsDVD5qe8A22n2+N5C3jjuxELK4bM+ndOu9
D5m+/jK67Vb4ze/7dqHAsq0xfB6RD4DylRIu8B3DnchvyEGzk6oIqMyhScHYoYwN
X8aF2OYcxAZUXb3vM9h3kMzugtrTTvu25DH3Awlz+KVaNV1/h9rd1Raq8LyhO1Va
a8PA1c1U2nzBe5fzM1937JzCK9WtvBCVT5dDTrBC2z2PtTgH22Tu4TVuSQO28nS5
ADZSjF98+dWoXfmvSP9D4/Wl7Wju4OhfPdvEyvsXxpyi3EQVZe/D2Cx1Zvr0Ro8/
olbShNgdgq2NwunlxFYe7ALD0eUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT9nl08
65bZZUUQv4glpl36GNWlLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIwMjIzNDYtNjM4ZS00NTcwLThiMTktNWNmOWI0YzM3OGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099YDAN
BgkqhkiG9w0BAQsFAAOCAQEAR6lm/4u8WfZZOrQzlkUDeJkQdkSa1nlA4c/WlN59
MDmnv8RmxTA4NM6pMquPr009fa4+NA1kczbpt0wQtTxSZr7JQDkwJHLeoTpq+5X+
QcNQwgIPEzlU9pNG72Y+p9S1JHFkfyCBckycHZxR+5ULpY4LeWlpC4I+ddXoT3kV
Iqa/tEGsJzBdznlqdstPfRsSWaftU8S58/dKWxY8NApk1zyn221oEW/EEz7KB8e8
XmwkvWJpQFOwYedNHlV53d9yQmaO53Yczz67gGdOA8cCAt47kaAhrrkFuCGVnckb
z1hOIyqJ+E+eUHyrivxxaysIkoV+OfnrXhQeCjk/L7MUgw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:33 2025 by rpki-client