![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
File: 018d1278-2c0d-467a-ae97-a69101b9f274.roa (raw, json)
Hash identifier: zrImCmhmgLcUeVfvSMp2FgTYSjKJXBNKnzX/JaHn0sw=
Subject key identifier: 71:52:22:B1:B0:2C:C6:DA:97:15:4D:A2:F8:B8:31:39:FF:DC:09:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35DE4ACDA661C2AD24C62FA8316198D415A0886A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
Signing time: Mon 17 Jun 2024 00:00:00 +0000
ROA not before: Mon 17 Jun 2024 00:00:00 +0000
ROA not after: Mon 22 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 20:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:de:4a:cd:a6:61:c2:ad:24:c6:2f:a8:31:61:98:d4:15:a0:88:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:00:00 2024 GMT
Not After : Jul 22 23:59:59 2024 GMT
Subject: serialNumber=7a2a5efe4010ca4b6728f6e41c9702456f8c33835e94abf3e4598a6c48fed354, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:78:6c:ed:cb:1e:1f:80:69:d3:da:1f:e5:9e:
38:ae:8f:24:e3:dd:7e:1a:0a:17:96:6a:74:01:c3:
50:d3:51:6b:a9:6a:c6:7a:4a:8d:0c:96:b9:d1:12:
9d:66:2b:bc:85:09:9a:65:49:23:ee:19:6a:ba:d2:
90:4b:22:a1:a0:7d:9f:36:47:75:bf:10:d2:f5:b6:
b1:44:ca:ac:76:cc:10:b8:9d:0b:02:7c:04:52:e8:
c5:8c:e1:7f:f5:38:dd:0c:15:c4:43:fe:ec:d6:3e:
23:db:78:f8:fe:fc:9e:46:13:6b:8a:d7:01:2f:3f:
8b:f0:b2:9f:7f:91:42:2d:fe:a0:4e:f0:37:69:a8:
8c:13:4c:d8:06:00:d5:ec:d7:5c:73:08:60:b4:d9:
cd:0c:fb:7b:82:51:e2:89:d0:24:e3:fa:b8:7c:44:
4c:33:2d:7f:a3:3e:34:7a:d3:a1:e8:41:9c:df:06:
3a:2a:02:58:0e:3e:71:0f:12:9d:c3:9e:a0:7a:23:
34:11:66:48:fc:96:bd:9f:27:6b:95:67:62:d2:53:
fe:8e:f7:96:82:6f:25:fa:6e:bd:98:3c:1c:2d:d8:
02:34:d3:70:f6:35:c1:0a:81:be:9b:dd:f6:2d:a1:
a5:d5:af:f6:25:72:77:20:8e:86:d1:a4:7e:21:30:
66:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:52:22:B1:B0:2C:C6:DA:97:15:4D:A2:F8:B8:31:39:FF:DC:09:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:1e:d8:d9:36:e9:5f:44:38:a2:04:92:c2:73:aa:57:be:4d:
ac:ee:45:12:82:08:5e:51:6c:f3:c0:1e:d3:bf:3a:7c:2d:75:
c8:c2:d2:d0:79:2f:ef:ed:46:2e:a3:b5:51:4f:75:b3:18:36:
31:ea:e2:8c:73:7c:c3:a1:73:31:a7:75:7c:fc:a5:86:bc:d5:
ea:61:07:90:e7:12:1e:c1:d4:9f:9f:f8:78:e8:3f:60:32:0d:
c0:49:f9:2b:9e:95:38:12:17:50:54:14:1a:0e:8c:b4:5e:d4:
2e:d6:4b:b3:bb:d4:ac:e8:f1:ff:ec:37:c4:0a:58:97:98:b4:
b3:37:0a:ef:3e:3d:97:19:dd:d6:a8:6e:79:14:e3:5f:a0:a4:
6c:9b:3f:8f:06:b1:b9:4e:ab:8c:92:19:83:70:70:d8:a2:da:
f5:3a:2e:93:5e:22:9e:75:10:6c:30:a8:c6:17:b0:97:12:f4:
e8:54:1b:29:29:96:56:44:d4:3b:18:54:cf:ad:71:0a:09:fb:
45:c9:44:58:56:e2:b0:57:2f:dc:a7:11:4c:52:1d:0b:83:b1:
89:b7:3a:59:c1:0f:b7:a5:55:b7:e7:20:45:82:9c:25:48:a4:
dc:aa:96:7b:49:b0:77:d3:c8:91:74:e8:db:85:59:12:ee:91:
b6:22:29:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNd5KzaZhwq0kxi+oMWGY1BWgiGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTcwMDAwMDBaFw0yNDA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMmE1ZWZlNDAxMGNhNGI2NzI4ZjZlNDFjOTcwMjQ1NmY4YzMzODM1ZTk0
YWJmM2U0NTk4YTZjNDhmZWQzNTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZ4bO3LHh+AadPaH+WeOK6PJOPdfhoKF5ZqdAHDUNNRa6lqxnpKjQyWudES
nWYrvIUJmmVJI+4ZarrSkEsioaB9nzZHdb8Q0vW2sUTKrHbMELidCwJ8BFLoxYzh
f/U43QwVxEP+7NY+I9t4+P78nkYTa4rXAS8/i/Cyn3+RQi3+oE7wN2mojBNM2AYA
1ezXXHMIYLTZzQz7e4JR4onQJOP6uHxETDMtf6M+NHrToehBnN8GOioCWA4+cQ8S
ncOeoHojNBFmSPyWvZ8na5VnYtJT/o73loJvJfpuvZg8HC3YAjTTcPY1wQqBvpvd
9i2hpdWv9iVydyCOhtGkfiEwZrECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRxUiKx
sCzG2pcVTaL4uDE5/9wJSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDE4ZDEyNzgtMmMwZC00NjdhLWFlOTctYTY5MTAxYjlmMjc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQCwHtjZNulfRDiiBJLCc6pXvk2s7kUSggheUWzzwB7T
vzp8LXXIwtLQeS/v7UYuo7VRT3WzGDYx6uKMc3zDoXMxp3V8/KWGvNXqYQeQ5xIe
wdSfn/h46D9gMg3ASfkrnpU4EhdQVBQaDoy0XtQu1kuzu9Ss6PH/7DfECliXmLSz
NwrvPj2XGd3WqG55FONfoKRsmz+PBrG5TquMkhmDcHDYotr1Oi6TXiKedRBsMKjG
F7CXEvToVBspKZZWRNQ7GFTPrXEKCftFyURYVuKwVy/cpxFMUh0Lg7GJtzpZwQ+3
pVW35yBFgpwlSKTcqpZ7SbB308iRdOjbhVkS7pG2IilV
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:09:55 2024 by rpki-client on console-ams.rpki-client.org