Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json)
Hash identifier: 9kPli63+NeYML08hY+E1M7dSR3KYzZ6lMvvRpD6MoM0=
Subject key identifier: 9B:57:C6:0F:0D:08:39:A0:16:80:DB:2B:BE:E7:E9:3C:23:DB:E6:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33BFEB338A3484F75867BAE7C42A58ACDC96203F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
Signing time: Sat 12 Jul 2025 00:50:54 +0000
ROA not before: Sat 12 Jul 2025 00:50:54 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:bf:eb:33:8a:34:84:f7:58:67:ba:e7:c4:2a:58:ac:dc:96:20:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:54 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=e07d99752f484a46f9de49eaeb470d01bfd63b89ba936ec4ed8fc175f2aff6a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ee:2a:62:17:2f:92:d9:4e:85:3a:9f:cc:59:
2c:ae:d9:7b:5f:1c:8c:31:ef:82:2e:7a:6a:ef:fb:
c5:dd:f3:2e:df:cc:5f:7a:f0:b0:b5:4f:bb:26:2c:
86:44:d9:f7:68:82:c3:f0:eb:40:ee:c1:b9:fb:2a:
a8:15:c0:1e:51:df:8b:9a:e7:10:c3:e8:3c:05:13:
55:f2:6d:25:02:a3:23:b8:cf:08:3f:15:0c:50:f1:
6a:ab:6c:ba:82:bc:92:ec:0d:aa:cb:04:bb:6b:c1:
38:49:ee:89:e1:f1:3f:7f:e0:32:d6:ed:7c:35:59:
9c:78:fc:da:8c:08:2a:a2:d7:45:14:77:35:0d:a3:
4f:69:0b:06:00:c4:f5:5b:cb:f9:03:8d:d1:4f:85:
fd:23:98:52:62:1b:61:de:62:61:2b:cf:1f:16:ac:
7c:aa:68:0c:f8:69:a8:ab:e5:c8:fc:f4:8d:15:fe:
ad:18:79:98:65:37:4c:81:30:12:93:80:5d:1e:d2:
52:06:b7:28:36:f0:3a:1d:6b:41:1d:5e:e1:2d:f1:
4a:22:49:70:be:6c:12:0b:4e:10:b3:df:38:11:90:
1f:f1:dd:00:59:74:09:28:14:17:57:72:26:a6:f8:
34:5f:3e:7e:03:85:0f:55:d0:3f:a1:13:10:c1:d5:
4d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:57:C6:0F:0D:08:39:A0:16:80:DB:2B:BE:E7:E9:3C:23:DB:E6:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:8e:19:3a:37:20:d9:9b:45:f5:32:c7:68:3a:a2:70:38:81:
9d:46:33:4e:01:5d:31:02:88:82:b1:b9:20:40:44:7f:b8:40:
6f:af:38:54:4b:3b:bc:98:9c:a3:2b:a2:c3:e4:e0:6c:eb:9e:
29:7d:02:66:1c:8a:aa:df:94:3a:de:1f:d7:d3:6c:8d:85:97:
73:fa:d8:0c:f2:09:31:9e:79:78:f9:76:77:b0:4d:0f:26:67:
49:33:a7:0b:b5:33:7d:08:b0:dc:74:4d:f9:e0:03:36:16:19:
bd:2c:b3:01:bf:7e:d6:5a:ed:c7:25:4d:35:73:7a:d5:56:0a:
be:04:2b:5b:29:91:4b:89:b1:5b:b0:c6:94:a3:c4:c9:6d:6a:
30:b7:28:4f:b6:20:aa:ee:23:5c:1b:b0:2a:a4:9a:b2:cc:11:
ca:45:e9:70:59:fe:94:3e:09:f8:1a:00:0d:fe:3c:fa:6c:5d:
77:93:72:40:49:66:e3:52:40:1e:f5:f9:c9:96:6a:af:55:fc:
ce:2f:3b:50:e5:a0:c0:dd:66:bd:6f:04:4f:e1:c9:ba:0a:40:
3b:a1:ec:32:93:f0:0b:09:01:e3:70:76:74:8f:26:7b:24:39:
e6:c2:81:aa:4a:38:01:ba:17:f9:4c:7c:d4:9a:74:2d:96:90:
33:4a:78:57
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUM7/rM4o0hPdYZ7rnxCpYrNyWID8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwNTRaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwN2Q5OTc1MmY0ODRhNDZmOWRlNDllYWViNDcwZDAxYmZkNjNiODliYTkz
NmVjNGVkOGZjMTc1ZjJhZmY2YTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLuKmIXL5LZToU6n8xZLK7Ze18cjDHvgi56au/7xd3zLt/MX3rwsLVPuyYs
hkTZ92iCw/DrQO7BufsqqBXAHlHfi5rnEMPoPAUTVfJtJQKjI7jPCD8VDFDxaqts
uoK8kuwNqssEu2vBOEnuieHxP3/gMtbtfDVZnHj82owIKqLXRRR3NQ2jT2kLBgDE
9VvL+QON0U+F/SOYUmIbYd5iYSvPHxasfKpoDPhpqKvlyPz0jRX+rRh5mGU3TIEw
EpOAXR7SUga3KDbwOh1rQR1e4S3xSiJJcL5sEgtOELPfOBGQH/HdAFl0CSgUF1dy
Jqb4NF8+fgOFD1XQP6ETEMHVTZcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSbV8YP
DQg5oBaA2yu+5+k8I9vmGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN
BgkqhkiG9w0BAQsFAAOCAQEAjo4ZOjcg2ZtF9TLHaDqicDiBnUYzTgFdMQKIgrG5
IEBEf7hAb684VEs7vJicoyuiw+TgbOueKX0CZhyKqt+UOt4f19NsjYWXc/rYDPIJ
MZ55ePl2d7BNDyZnSTOnC7UzfQiw3HRN+eADNhYZvSyzAb9+1lrtxyVNNXN61VYK
vgQrWymRS4mxW7DGlKPEyW1qMLcoT7Ygqu4jXBuwKqSasswRykXpcFn+lD4J+BoA
Df48+mxdd5NyQElm41JAHvX5yZZqr1X8zi87UOWgwN1mvW8ET+HJugpAO6HsMpPw
CwkB43B2dI8meyQ55sKBqko4AboX+Ux81Jp0LZaQM0p4Vw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:43:42 2025 by rpki-client