Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: GobIim8SEis1bv/6TP5i3VieNntqeDvjqLyKThsJOC8=
Subject key identifier: 4A:18:05:B2:D8:9B:AD:CD:25:34:DA:67:FB:D9:10:F5:14:AD:0D:03
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C0D1F3E83F7F63A778AB7BE565FB14EF240D5E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Tue 20 May 2025 20:41:19 +0000
ROA not before: Tue 20 May 2025 20:41:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:0d:1f:3e:83:f7:f6:3a:77:8a:b7:be:56:5f:b1:4e:f2:40:d5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cd80ff868c3d3877a2c3c747354f20b86835728e1748275ea6e7609e7b9d3739, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d8:eb:0b:d4:f3:f8:cd:cf:15:d1:b2:cc:f2:
72:44:67:7a:cd:44:f6:33:d0:97:0e:1b:10:e1:98:
81:db:27:4b:f5:3c:32:8e:a9:40:45:5a:ee:2c:23:
ff:6c:9f:ff:c4:07:ea:9a:87:20:c1:3d:5e:93:97:
94:37:7a:a8:5e:63:92:cb:2d:6c:ac:62:3a:b9:1a:
2f:ec:b9:4c:16:f9:f9:54:b2:35:08:ed:de:98:87:
69:00:0d:ad:3e:1d:0b:2a:bd:7e:2b:9d:52:b3:a8:
9e:11:43:3c:26:18:14:97:09:4e:7d:aa:29:2a:3d:
0b:fe:9b:0e:e4:2d:fc:81:d5:1d:d6:8c:4b:e5:4a:
d9:7c:c7:38:fd:d7:a8:4e:61:a0:0f:15:8b:e5:e0:
82:b4:b3:73:10:66:d7:d5:04:19:fa:f7:b8:99:7a:
a5:20:bf:54:17:6d:9e:8b:5f:47:7b:96:42:14:b6:
6d:84:3b:9b:ac:bc:07:40:9f:cd:a7:bc:43:a2:c6:
c0:fd:f0:6b:4c:8d:6a:9b:e5:2f:3a:ce:8b:85:a6:
55:de:44:6f:27:1d:44:51:8d:12:73:d1:6b:fa:af:
87:a1:d9:fc:1d:8f:ba:99:c4:75:a4:7e:2a:fb:57:
04:0a:50:25:9a:df:1d:df:f7:e2:ec:f2:54:0e:8e:
f4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:18:05:B2:D8:9B:AD:CD:25:34:DA:67:FB:D9:10:F5:14:AD:0D:03
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
56:47:a8:25:3c:72:24:37:3b:3f:ee:db:32:ce:52:1c:95:db:
e0:c0:8a:d3:1d:23:8f:6f:eb:51:65:e4:56:b0:f3:f7:2d:f5:
79:93:50:c1:fd:23:95:d2:03:05:7e:62:ab:3f:c9:2e:54:35:
13:4f:8d:f3:d3:83:a0:6b:30:f2:2b:df:40:09:b7:11:1d:52:
7d:05:5b:e4:de:ae:32:13:06:0e:3c:d3:ee:48:a8:3e:dc:7f:
4d:7a:1c:8c:d4:84:de:18:55:81:96:19:f2:3d:02:3f:75:a5:
90:fb:61:ca:41:27:2e:a2:da:af:e0:c0:89:f5:69:3d:cd:a8:
8d:74:24:57:9a:92:2e:94:53:fa:38:df:eb:1a:8e:f4:ef:93:
64:06:a1:cb:ba:3e:3d:73:95:78:3e:1c:43:31:bd:58:4f:f2:
06:8a:9a:18:e8:31:e1:e7:be:af:2a:be:2d:e4:80:74:e1:6e:
7d:0c:af:99:c1:7c:71:f9:47:43:70:71:b1:bd:cb:18:a3:54:
fa:2b:18:99:dc:e1:38:e3:cf:29:ec:ae:d4:35:c0:e2:f5:8e:
f2:1d:0c:9f:98:02:d3:56:48:90:76:70:ca:59:1a:3e:c9:e7:
b9:72:6d:6b:43:ba:42:a3:ab:cb:0b:58:64:60:4c:6c:66:e0:
14:dd:bd:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDA0fPoP39jp3ire+Vl+xTvJA1eYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkODBmZjg2OGMzZDM4NzdhMmMzYzc0NzM1NGYyMGI4NjgzNTcyOGUxNzQ4
Mjc1ZWE2ZTc2MDllN2I5ZDM3MzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDY6wvU8/jNzxXRsszyckRnes1E9jPQlw4bEOGYgdsnS/U8Mo6pQEVa7iwj
/2yf/8QH6pqHIME9XpOXlDd6qF5jksstbKxiOrkaL+y5TBb5+VSyNQjt3piHaQAN
rT4dCyq9fiudUrOonhFDPCYYFJcJTn2qKSo9C/6bDuQt/IHVHdaMS+VK2XzHOP3X
qE5hoA8Vi+XggrSzcxBm19UEGfr3uJl6pSC/VBdtnotfR3uWQhS2bYQ7m6y8B0Cf
zae8Q6LGwP3wa0yNapvlLzrOi4WmVd5EbycdRFGNEnPRa/qvh6HZ/B2PupnEdaR+
KvtXBApQJZrfHd/34uzyVA6O9PkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKGAWy
2JutzSU02mf72RD1FK0NAzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAVkeoJTxyJDc7P+7bMs5SHJXb4MCK0x0jj2/rUWXk
VrDz9y31eZNQwf0jldIDBX5iqz/JLlQ1E0+N89ODoGsw8ivfQAm3ER1SfQVb5N6u
MhMGDjzT7kioPtx/TXocjNSE3hhVgZYZ8j0CP3WlkPthykEnLqLar+DAifVpPc2o
jXQkV5qSLpRT+jjf6xqO9O+TZAahy7o+PXOVeD4cQzG9WE/yBoqaGOgx4ee+ryq+
LeSAdOFufQyvmcF8cflHQ3Bxsb3LGKNU+isYmdzhOOPPKeyu1DXA4vWO8h0Mn5gC
01ZIkHZwylkaPsnnuXJta0O6QqOrywtYZGBMbGbgFN29vA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:37 2025 by rpki-client