Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
File: 5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa (raw, json)
Hash identifier: YCzNZbEe9miMIDXnGI/q9MPNj+6rDBU90VK7/2DDVG0=
Subject key identifier: A8:8D:66:BE:5C:B9:51:BB:84:64:11:3D:C7:BB:54:EB:01:D6:F3:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 339E6CA1FBDCC07D290FFECC7747D03EB53173C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
Signing time: Sat 12 Jul 2025 00:50:58 +0000
ROA not before: Sat 12 Jul 2025 00:50:58 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:9e:6c:a1:fb:dc:c0:7d:29:0f:fe:cc:77:47:d0:3e:b5:31:73:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:58 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=7bb99509c43c68d3f2a00ea61a61b0b9d595b23a1ae858a579a58e62db07cc5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:57:b3:d5:22:6d:d4:9e:21:75:36:b1:f7:6c:
9f:77:48:3a:3f:32:e8:a6:01:95:d8:65:da:d9:dd:
39:73:3b:af:c4:ad:d0:20:86:dc:71:91:96:86:80:
bc:e0:6f:75:5a:17:49:6e:8f:3f:6f:1a:6a:41:f6:
fa:ce:2f:a4:b6:c2:2f:8d:2c:ae:2d:bb:09:0c:a7:
90:f1:8f:66:43:6a:b9:91:f3:02:7d:5c:b3:f1:e0:
97:ec:67:bd:f4:96:8b:b5:c3:d1:15:39:fd:96:91:
64:99:c3:c8:02:cc:95:94:1f:cd:6e:28:34:01:5e:
fe:cd:4c:34:b8:4b:5f:c5:33:46:c5:ff:1a:05:3e:
b2:f6:b8:3f:90:b5:d0:77:8f:2a:e3:16:3b:79:49:
12:6a:19:45:0d:4f:2e:1e:b6:0f:4f:63:3b:e8:91:
71:8e:f5:20:e8:57:1c:d5:9d:09:55:e0:28:ce:e8:
21:a0:55:e1:0c:c9:05:30:99:5c:42:2c:3b:37:51:
3e:d6:0a:ec:6a:63:8e:b5:19:7d:2f:c6:19:3e:1b:
9a:0b:37:fc:c2:24:13:af:04:0a:9e:c7:35:27:dd:
c1:5a:bc:4d:2a:89:25:ee:8e:44:7d:77:6f:39:c0:
ba:58:84:ce:a0:83:54:dc:96:3c:60:07:e2:ab:23:
d1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8D:66:BE:5C:B9:51:BB:84:64:11:3D:C7:BB:54:EB:01:D6:F3:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.24.0/22
Signature Algorithm: sha256WithRSAEncryption
be:a3:76:42:a7:72:26:68:84:96:35:33:20:d2:c4:38:37:01:
a4:c1:ba:34:b7:06:c3:05:72:1c:0d:85:31:f0:1c:20:cd:48:
a7:bf:84:07:ba:c1:a1:83:7f:89:06:f0:4b:a4:01:ac:41:0c:
4e:56:c3:39:b4:7d:55:e3:f1:7a:cf:6b:a4:7e:ec:83:ff:a7:
c7:f6:e6:dd:98:6d:1b:d4:2d:a2:f1:5a:5f:f5:97:39:2c:2a:
bc:cc:c5:c2:14:af:6b:a4:a1:26:cb:04:5f:6d:e6:1d:27:c4:
85:55:8b:4f:e2:0c:08:ac:a8:be:11:74:fb:d7:73:0b:ba:00:
8b:34:03:76:f3:53:8d:0f:be:81:d4:22:93:b9:b9:34:bb:45:
05:f6:5b:e1:45:7a:58:03:8e:53:c3:fc:81:a7:06:74:cd:c3:
9f:11:2b:8d:c2:e5:a3:dc:6f:e5:72:0b:5e:36:ad:a5:db:98:
ad:d6:ba:e4:6f:5d:1f:ad:0f:8d:33:c8:a4:60:cb:f2:43:c6:
07:17:f3:e5:30:a8:60:a9:af:19:b2:83:fd:0a:f4:e8:82:00:
46:5a:57:95:0d:8c:72:c6:04:47:bf:68:1c:a3:34:61:fc:15:
a0:9d:78:7c:48:f4:db:2f:dc:8c:2a:52:c2:a0:55:ac:aa:6b:
2c:a2:85:74
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUM55sofvcwH0pD/7Md0fQPrUxc8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwNThaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiYjk5NTA5YzQzYzY4ZDNmMmEwMGVhNjFhNjFiMGI5ZDU5NWIyM2ExYWU4
NThhNTc5YTU4ZTYyZGIwN2NjNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1Xs9UibdSeIXU2sfdsn3dIOj8y6KYBldhl2tndOXM7r8St0CCG3HGRloaA
vOBvdVoXSW6PP28aakH2+s4vpLbCL40sri27CQynkPGPZkNquZHzAn1cs/Hgl+xn
vfSWi7XD0RU5/ZaRZJnDyALMlZQfzW4oNAFe/s1MNLhLX8UzRsX/GgU+sva4P5C1
0HePKuMWO3lJEmoZRQ1PLh62D09jO+iRcY71IOhXHNWdCVXgKM7oIaBV4QzJBTCZ
XEIsOzdRPtYK7GpjjrUZfS/GGT4bmgs3/MIkE68ECp7HNSfdwVq8TSqJJe6ORH13
bznAuliEzqCDVNyWPGAH4qsj0RcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSojWa+
XLlRu4RkET3Hu1TrAdbz/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWRjYTAyZTYtMDNhNC00MjUxLWI2ZDMtNWM5NmQyMmFmN2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99GDAN
BgkqhkiG9w0BAQsFAAOCAQEAvqN2QqdyJmiEljUzINLEODcBpMG6NLcGwwVyHA2F
MfAcIM1Ip7+EB7rBoYN/iQbwS6QBrEEMTlbDObR9VePxes9rpH7sg/+nx/bm3Zht
G9QtovFaX/WXOSwqvMzFwhSva6ShJssEX23mHSfEhVWLT+IMCKyovhF0+9dzC7oA
izQDdvNTjQ++gdQik7m5NLtFBfZb4UV6WAOOU8P8gacGdM3DnxErjcLlo9xv5XIL
XjatpduYrda65G9dH60PjTPIpGDL8kPGBxfz5TCoYKmvGbKD/Qr06IIARlpXlQ2M
csYER79oHKM0YfwVoJ14fEj02y/cjCpSwqBVrKprLKKFdA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:44 2025 by rpki-client