Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: mL4vvDDjMCwoVwRhQh19rm0nQA+1CtZGQTwPGstxy9g=
Subject key identifier: 31:F6:8E:03:29:E1:54:D8:B4:D0:2D:66:BC:30:F8:56:FC:80:E6:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F155A1889C21814CD0034AA06F8A80CBE82C449
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Fri 25 Apr 2025 20:31:23 +0000
ROA not before: Fri 25 Apr 2025 20:31:23 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:15:5a:18:89:c2:18:14:cd:00:34:aa:06:f8:a8:0c:be:82:c4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:23 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b9e57f2310527cb0e37e43d67ffe4751e1613d311089c2188ce6dfa96b8ec720, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0d:89:38:3b:47:b7:e4:0b:d9:25:95:9b:1f:
08:ea:10:4e:a9:a7:92:2c:d0:cd:5b:ae:cf:f7:09:
0e:df:d5:fe:93:23:cf:d1:52:30:95:fa:d8:26:dc:
21:b4:34:2b:fa:4a:19:23:73:e1:2f:7d:6c:ad:4c:
cc:53:a0:29:85:2a:4b:17:2b:28:a3:cc:10:d1:40:
75:df:18:e8:57:d6:14:d0:6e:d2:47:ce:98:0d:84:
53:ac:d3:35:e3:cd:65:ac:11:39:43:46:a6:33:75:
05:49:d8:72:d9:32:c3:19:b6:8e:c9:08:02:ea:49:
df:77:41:04:91:4e:89:7b:88:0e:35:d7:9c:db:55:
4f:51:e8:4e:50:c8:0c:47:4a:3b:92:45:c1:ba:b0:
7b:89:28:58:79:18:20:65:a4:1e:dc:93:fb:c1:3b:
0e:38:e0:35:d0:34:9d:d3:29:a6:f8:71:83:74:ff:
90:c6:da:00:89:a9:5d:5f:24:a8:8b:5c:df:ab:b6:
3e:ee:f7:05:9a:e7:dd:3e:09:05:f8:4e:c0:05:02:
af:43:b2:2b:ed:16:a1:66:80:bf:ff:fa:c5:f3:11:
7c:b3:37:66:63:0b:ed:7c:15:9c:6e:e9:0c:1d:05:
6c:39:2f:f8:63:32:0b:b3:a7:a6:a7:34:3d:c4:7f:
9b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F6:8E:03:29:E1:54:D8:B4:D0:2D:66:BC:30:F8:56:FC:80:E6:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
be:20:97:7d:1d:de:20:0e:dd:43:9c:13:f2:85:55:ee:49:f1:
03:0e:3f:2a:89:e0:a8:e2:48:1a:92:f3:ed:3d:31:2a:54:c5:
2b:b2:a2:29:b1:06:cc:d4:9f:53:37:6e:dc:f3:7e:1f:1f:e5:
52:ef:6a:a6:80:e0:f4:55:14:90:29:09:28:ee:7a:6a:97:ed:
64:a7:03:5b:4a:94:b2:5d:b8:a2:30:ad:d7:f4:f7:1d:4b:1b:
2b:08:ae:1c:86:38:5b:ce:0b:90:07:83:90:24:41:b2:1f:0e:
8b:5c:bf:b0:dd:a8:2d:91:1f:21:16:4c:c4:b5:14:4f:f2:88:
a5:be:fe:6e:15:55:da:07:50:cd:9a:7a:68:34:d7:0c:8c:5c:
50:de:fd:67:e9:5a:3a:67:84:20:ad:f7:a0:01:0a:f9:a9:b7:
e3:0b:16:c4:fc:e0:d4:4c:c9:da:99:da:3d:63:50:b0:05:a9:
ac:8d:08:69:83:60:1e:3c:b4:e2:cb:28:86:ed:a5:5a:9a:c5:
f4:08:8b:e5:10:b8:6b:f2:94:60:76:a6:a1:90:d5:af:3a:89:
60:d3:21:8e:d9:2b:a9:58:8b:e1:d9:7c:65:fa:76:2b:58:1a:
6a:07:75:ed:53:94:94:6d:52:97:8e:c9:ee:14:54:74:65:70:
b7:e7:ec:9c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTxVaGInCGBTNADSqBvioDL6CxEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMjNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5ZTU3ZjIzMTA1MjdjYjBlMzdlNDNkNjdmZmU0NzUxZTE2MTNkMzExMDg5
YzIxODhjZTZkZmE5NmI4ZWM3MjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYNiTg7R7fkC9kllZsfCOoQTqmnkizQzVuuz/cJDt/V/pMjz9FSMJX62Cbc
IbQ0K/pKGSNz4S99bK1MzFOgKYUqSxcrKKPMENFAdd8Y6FfWFNBu0kfOmA2EU6zT
NePNZawROUNGpjN1BUnYctkywxm2jskIAupJ33dBBJFOiXuIDjXXnNtVT1HoTlDI
DEdKO5JFwbqwe4koWHkYIGWkHtyT+8E7DjjgNdA0ndMppvhxg3T/kMbaAImpXV8k
qItc36u2Pu73BZrn3T4JBfhOwAUCr0OyK+0WoWaAv//6xfMRfLM3ZmML7XwVnG7p
DB0FbDkv+GMyC7Onpqc0PcR/m9MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQx9o4D
KeFU2LTQLWa8MPhW/IDmQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAviCXfR3eIA7dQ5wT8oVV7knxAw4/KongqOJIGpLz
7T0xKlTFK7KiKbEGzNSfUzdu3PN+Hx/lUu9qpoDg9FUUkCkJKO56apftZKcDW0qU
sl24ojCt1/T3HUsbKwiuHIY4W84LkAeDkCRBsh8Oi1y/sN2oLZEfIRZMxLUUT/KI
pb7+bhVV2gdQzZp6aDTXDIxcUN79Z+laOmeEIK33oAEK+am34wsWxPzg1EzJ2pna
PWNQsAWprI0IaYNgHjy04ssohu2lWprF9AiL5RC4a/KUYHamoZDVrzqJYNMhjtkr
qViL4dl8Zfp2K1gaagd17VOUlG1Sl47J7hRUdGVwt+fsnA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:00 2025 by rpki-client