Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: UgGof+qWxo5d5/LLnRCdK+ynX2ppTIxLmylP7+WNRXE=
Subject key identifier: 66:BB:D9:56:F0:00:65:46:B2:CF:97:8D:1F:3D:1C:01:92:F2:D3:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5283CDA4C36B52C025339EC0516649D452FB1E62
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Mon 16 Jun 2025 21:50:43 +0000
ROA not before: Mon 16 Jun 2025 21:50:43 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:83:cd:a4:c3:6b:52:c0:25:33:9e:c0:51:66:49:d4:52:fb:1e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:43 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8ddc2b2189f575dc7b3ddc6ffddfc022cd9f0c7a9b54e41fdaedb1c071c9eafc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:16:2d:0e:aa:53:c4:b5:85:18:37:40:05:9d:
99:ef:ae:c4:e4:8b:e3:cc:f9:4a:5c:ed:72:e3:d3:
45:63:8b:80:0a:1f:84:ac:1e:12:86:71:b2:69:dd:
0f:37:7f:c6:7d:bb:1f:4c:cc:ef:a3:51:72:19:58:
b3:55:b6:8f:d0:29:ca:20:fc:f6:8c:8e:59:7f:22:
9e:e4:72:fb:0a:9c:8c:24:b5:26:c9:02:ab:16:50:
79:c4:50:e2:10:be:5d:be:d6:ad:69:a0:e6:35:13:
f7:c7:0e:62:39:cf:77:2e:8c:6f:b1:ee:49:f8:97:
b1:2e:07:1e:8b:50:86:9d:9f:91:49:c3:35:50:7a:
c8:e3:f0:f0:cf:b0:11:f6:c1:25:ab:c2:96:fe:b0:
4f:e2:f0:d4:69:6b:8b:25:28:16:b2:47:6f:52:b3:
85:c5:f3:49:50:7b:aa:cd:b2:e0:0b:8f:61:a6:56:
a9:18:7a:bd:e7:e9:bf:a7:66:89:a8:78:d3:99:56:
d7:08:7c:7d:db:90:b1:7c:fc:f8:86:c3:83:86:76:
c1:d9:a6:51:f6:ca:06:00:e6:ca:ba:3e:97:c7:8d:
94:65:7f:16:b9:c9:de:f3:53:8a:f3:88:9b:0f:b0:
a2:80:c7:91:1c:4b:d9:43:c9:10:15:7d:ab:53:83:
b1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BB:D9:56:F0:00:65:46:B2:CF:97:8D:1F:3D:1C:01:92:F2:D3:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:ea:f1:ec:a4:c0:34:c4:f1:b1:1a:20:cd:45:f4:8d:2f:4e:
ea:54:75:06:f4:dd:85:3f:5e:fc:6d:09:1c:ef:03:e7:76:92:
3b:b7:76:a1:9e:33:d2:6f:a0:50:e1:00:32:79:1c:55:6f:97:
c7:51:31:81:56:a0:1b:84:e8:3f:90:3b:d6:0a:db:83:01:18:
df:46:7c:81:4f:29:71:12:1c:5c:57:bc:62:58:10:d6:17:7f:
5c:d7:1a:3c:72:33:c4:3e:4b:10:ac:ca:1f:44:e4:4f:be:3a:
5a:07:d4:b7:11:c2:f3:22:67:90:82:ec:74:0d:ef:10:69:77:
50:6a:11:b7:98:cb:36:1e:8e:13:10:c6:e6:98:e5:32:06:11:
23:6b:bd:14:c6:9e:f5:72:51:48:ee:4f:07:53:c6:be:13:31:
35:1b:4f:b1:df:fc:33:db:8a:95:ad:eb:bd:44:cf:91:a0:92:
e0:38:16:7f:a8:8e:8c:9c:4e:d5:96:19:50:d6:a6:ae:aa:b9:
96:1e:8a:0d:52:c2:88:3c:c3:5d:a3:07:55:c3:87:2c:ad:fb:
da:3a:a9:d3:6c:75:e1:c8:8a:78:0e:23:8c:52:9a:80:4b:b0:
02:94:b5:83:26:7b:57:8b:3b:7f:8b:6f:b5:b1:c6:72:c4:26:
b2:e0:65:d5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUoPNpMNrUsAlM57AUWZJ1FL7HmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkZGMyYjIxODlmNTc1ZGM3YjNkZGM2ZmZkZGZjMDIyY2Q5ZjBjN2E5YjU0
ZTQxZmRhZWRiMWMwNzFjOWVhZmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMWLQ6qU8S1hRg3QAWdme+uxOSL48z5SlztcuPTRWOLgAofhKweEoZxsmnd
Dzd/xn27H0zM76NRchlYs1W2j9ApyiD89oyOWX8inuRy+wqcjCS1JskCqxZQecRQ
4hC+Xb7WrWmg5jUT98cOYjnPdy6Mb7HuSfiXsS4HHotQhp2fkUnDNVB6yOPw8M+w
EfbBJavClv6wT+Lw1GlriyUoFrJHb1KzhcXzSVB7qs2y4AuPYaZWqRh6vefpv6dm
iah405lW1wh8fduQsXz8+IbDg4Z2wdmmUfbKBgDmyro+l8eNlGV/FrnJ3vNTivOI
mw+wooDHkRxL2UPJEBV9q1ODsdkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmu9lW
8ABlRrLPl40fPRwBkvLTGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQA26vHspMA0xPGxGiDNRfSNL07qVHUG9N2FP178bQkc
7wPndpI7t3ahnjPSb6BQ4QAyeRxVb5fHUTGBVqAbhOg/kDvWCtuDARjfRnyBTylx
EhxcV7xiWBDWF39c1xo8cjPEPksQrMofRORPvjpaB9S3EcLzImeQgux0De8QaXdQ
ahG3mMs2Ho4TEMbmmOUyBhEja70Uxp71clFI7k8HU8a+EzE1G0+x3/wz24qVreu9
RM+RoJLgOBZ/qI6MnE7VlhlQ1qauqrmWHooNUsKIPMNdowdVw4csrfvaOqnTbHXh
yIp4DiOMUpqAS7AClLWDJntXizt/i2+1scZyxCay4GXV
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:46:18 2025 by rpki-client