Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
File: 4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa (raw, json)
Hash identifier: BqKs03bOY9JDfZwJ8MJdRcRGi3X8oyojDEU3xyatv78=
Subject key identifier: 54:96:4F:59:BF:38:BA:E8:49:DB:44:11:08:F0:97:40:E6:BE:A5:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E2048299F84C78BCA39B9268E85767580E9DEBE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
Signing time: Sat 12 Jul 2025 00:50:59 +0000
ROA not before: Sat 12 Jul 2025 00:50:59 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:20:48:29:9f:84:c7:8b:ca:39:b9:26:8e:85:76:75:80:e9:de:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:59 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=6cdce52ecb0a0cb9d04be0354e049389e658ba652d5065ace1033df96cf05432, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:18:55:bb:6c:9e:1e:ce:2c:4f:75:c7:65:37:
b5:6f:2d:5d:0a:af:c4:d2:6e:72:26:26:60:9e:2a:
3e:bc:a2:fc:23:b6:51:30:66:ff:20:9b:69:58:04:
55:5b:ce:df:87:25:1e:e6:f8:22:f6:6a:1e:4f:67:
14:85:e0:a1:7e:59:71:99:fc:91:b9:f8:0b:7e:7a:
1c:89:e0:d2:ee:0e:2c:63:43:c8:db:5e:b7:34:24:
0a:c2:86:6a:29:63:c1:00:41:39:45:63:07:55:77:
25:bf:a5:d2:6b:55:d6:bf:8b:5c:1d:b2:fb:ae:7c:
49:d9:89:5e:2a:ee:5f:ed:ab:92:34:ea:7d:e2:10:
88:3b:39:f6:0b:85:e4:9e:47:8c:a7:a2:7d:d2:4d:
44:9f:51:82:7a:63:f2:cb:ea:44:6c:cb:29:82:d9:
0e:1c:f5:89:44:d2:55:c9:2c:fb:bb:b2:ae:b4:fb:
6b:46:b6:32:99:4a:e0:28:98:44:f6:74:e2:7b:f5:
2f:5c:82:f4:ce:10:06:9f:2e:0c:73:5a:29:2c:40:
52:93:18:4a:f8:d6:8b:cc:d4:cb:db:b8:b5:1d:c4:
7a:d3:b7:34:fc:18:71:53:84:40:55:ba:8a:b5:e8:
a4:ce:2f:56:b4:e6:56:05:c8:9b:f3:59:12:fd:52:
9e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:96:4F:59:BF:38:BA:E8:49:DB:44:11:08:F0:97:40:E6:BE:A5:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.4.0/22
Signature Algorithm: sha256WithRSAEncryption
83:ed:4a:9b:85:67:48:a5:46:eb:14:27:2e:f2:a8:31:c0:c5:
75:a5:7a:a5:fa:c1:ae:64:b6:d8:5e:38:6e:b6:73:8c:36:70:
a9:84:3d:84:d9:fb:57:9e:6c:12:dd:a9:21:67:3b:71:1e:c0:
ed:de:0f:32:5e:61:f9:9a:87:3b:3a:3b:a9:4e:f6:f7:32:03:
59:41:bb:54:a1:d2:85:92:72:59:1b:0a:38:43:73:1c:56:34:
ca:10:d6:6b:d0:47:ad:5d:79:06:0c:f3:f8:1d:4a:00:4a:b4:
06:e0:8e:01:f0:5a:d2:b7:9b:80:3a:8a:02:06:23:7d:ba:4c:
a5:89:03:14:c0:1c:2e:f3:cf:24:7b:e5:0b:79:54:42:45:54:
fc:20:88:f6:b5:5f:a5:45:22:ab:7a:f4:c6:a9:87:d5:ff:a5:
f8:99:90:70:47:38:8a:a7:e5:48:19:7b:18:e0:20:23:33:b1:
07:85:dc:cc:89:8d:22:64:ab:41:de:43:dc:a6:92:96:2c:50:
46:d9:a2:11:9a:0f:5f:d8:df:78:4e:e2:81:bc:2f:b5:b2:3b:
68:39:2a:e0:32:bb:53:0a:70:20:52:7f:87:21:a2:f4:55:8c:
2c:62:69:85:91:45:e0:d2:0f:c6:27:47:fd:5a:0b:b9:4a:6f:
b5:70:eb:6d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPiBIKZ+Ex4vKObkmjoV2dYDp3r4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwNTlaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjZGNlNTJlY2IwYTBjYjlkMDRiZTAzNTRlMDQ5Mzg5ZTY1OGJhNjUyZDUw
NjVhY2UxMDMzZGY5NmNmMDU0MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8YVbtsnh7OLE91x2U3tW8tXQqvxNJuciYmYJ4qPryi/CO2UTBm/yCbaVgE
VVvO34clHub4IvZqHk9nFIXgoX5ZcZn8kbn4C356HIng0u4OLGNDyNtetzQkCsKG
ailjwQBBOUVjB1V3Jb+l0mtV1r+LXB2y+658SdmJXiruX+2rkjTqfeIQiDs59guF
5J5HjKeifdJNRJ9Rgnpj8svqRGzLKYLZDhz1iUTSVcks+7uyrrT7a0a2MplK4CiY
RPZ04nv1L1yC9M4QBp8uDHNaKSxAUpMYSvjWi8zUy9u4tR3EetO3NPwYcVOEQFW6
irXopM4vVrTmVgXIm/NZEv1Snv8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRUlk9Z
vzi66EnbRBEI8JdA5r6l5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNjMzBmY2MtZWMyMy00ZTI2LWJlMTYtMzdkYjgwZGJmM2EwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99BDAN
BgkqhkiG9w0BAQsFAAOCAQEAg+1Km4VnSKVG6xQnLvKoMcDFdaV6pfrBrmS22F44
brZzjDZwqYQ9hNn7V55sEt2pIWc7cR7A7d4PMl5h+ZqHOzo7qU729zIDWUG7VKHS
hZJyWRsKOENzHFY0yhDWa9BHrV15Bgzz+B1KAEq0BuCOAfBa0rebgDqKAgYjfbpM
pYkDFMAcLvPPJHvlC3lUQkVU/CCI9rVfpUUiq3r0xqmH1f+l+JmQcEc4iqflSBl7
GOAgIzOxB4XczImNImSrQd5D3KaSlixQRtmiEZoPX9jfeE7igbwvtbI7aDkq4DK7
UwpwIFJ/hyGi9FWMLGJphZFF4NIPxidH/VoLuUpvtXDrbQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:44 2025 by rpki-client