![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: EGbg9rdv+B3aXa5SJxgFLQfyVjjIvmOZBlCwdP5yiMU=
Subject key identifier: 3A:55:64:7E:7C:81:2C:67:88:0D:1A:73:3A:39:B8:26:70:B2:2F:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D22C6C5089FF6B28CABF1F38883302A0B3B51E4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:22:c6:c5:08:9f:f6:b2:8c:ab:f1:f3:88:83:30:2a:0b:3b:51:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=5ce4900dc53f5655f6fc2418842b2481d692eea14d3b033f95f8a14d5b568b48, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8e:be:07:fb:5e:c0:51:57:49:ef:2e:92:1a:
70:d9:f3:52:ff:39:d3:c5:28:0c:ab:06:97:85:5a:
6a:2c:86:4b:f0:8c:39:e6:df:b7:4a:b4:00:74:21:
9d:ed:70:39:45:92:c6:70:a9:3b:0a:06:d5:82:c0:
0b:a7:43:23:6c:18:76:60:10:6d:4b:2d:e6:8a:f5:
21:ab:b3:da:58:c3:20:58:df:bf:be:7a:f6:59:b1:
4a:69:fb:1c:2b:ee:11:1f:cf:2a:e7:77:83:c5:da:
37:ac:d4:71:cb:a4:1f:a1:32:58:d1:4b:61:c3:72:
66:ae:ca:e8:da:86:1c:b0:2e:83:d8:7a:ee:81:3b:
24:57:42:27:7e:55:38:ae:1d:ee:73:bb:84:ee:81:
3c:b9:67:7a:65:0a:77:68:47:e5:8c:c0:b8:c4:d5:
88:c5:5e:0e:b9:89:c0:db:77:bb:fa:8b:ea:f1:85:
0c:33:28:cc:66:e3:a0:ab:bf:b5:f0:8b:55:f2:a9:
88:98:1e:65:e1:5c:54:cd:f2:4c:37:e9:d3:84:96:
1b:7e:f6:5e:a2:8d:1d:4c:5d:e8:2e:04:26:20:00:
71:9b:6d:ba:75:d6:d9:1f:19:86:8a:0e:3c:c4:f8:
8e:00:b2:e0:4d:78:3a:5b:a8:a5:4a:34:c7:64:95:
d3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:55:64:7E:7C:81:2C:67:88:0D:1A:73:3A:39:B8:26:70:B2:2F:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
c5:be:e4:de:61:ad:9d:8f:1d:48:1a:ee:03:a4:07:31:d5:92:
63:56:83:18:a3:65:48:39:c1:c9:c6:52:6a:d7:9e:d7:88:83:
b9:14:75:fe:0f:76:20:a4:ee:48:1b:a1:a8:0f:0e:e8:b2:08:
07:4b:af:59:13:e2:7f:0c:aa:b8:cd:4b:d9:ea:b4:d2:79:8f:
db:23:2f:27:3f:04:51:5d:15:05:5c:9e:c8:c2:d2:6d:73:98:
f3:bd:b3:87:1a:7e:fb:03:02:f5:4c:03:af:b6:c9:29:88:d6:
15:0e:11:60:db:0f:3d:d7:9d:26:03:a5:bc:0a:8c:66:c5:fe:
ac:5d:29:be:bb:17:d4:00:b5:98:a1:d9:34:cd:4c:02:bd:94:
98:f0:90:d6:79:fe:13:ab:c1:ae:82:af:fb:ca:46:79:57:d9:
04:a9:83:dc:5f:e6:27:d2:42:b9:4a:60:3b:f5:79:4a:fa:28:
24:90:4e:27:4e:2e:7e:8c:ae:dd:96:2c:d3:c8:8c:82:a5:b0:
37:99:a2:8d:17:e5:fe:df:90:11:48:60:91:a5:18:7d:d0:44:
8f:64:7f:c3:82:11:2e:b1:b0:bd:da:fa:72:08:4f:8c:06:32:
7c:b2:b1:0d:da:35:53:b2:33:fd:23:38:6b:f3:d0:9a:27:74:
5a:58:18:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfSLGxQif9rKMq/HziIMwKgs7UeQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjZTQ5MDBkYzUzZjU2NTVmNmZjMjQxODg0MmIyNDgxZDY5MmVlYTE0ZDNi
MDMzZjk1ZjhhMTRkNWI1NjhiNDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+Ovgf7XsBRV0nvLpIacNnzUv8508UoDKsGl4VaaiyGS/CMOebft0q0AHQh
ne1wOUWSxnCpOwoG1YLAC6dDI2wYdmAQbUst5or1Iauz2ljDIFjfv7569lmxSmn7
HCvuER/PKud3g8XaN6zUccukH6EyWNFLYcNyZq7K6NqGHLAug9h67oE7JFdCJ35V
OK4d7nO7hO6BPLlnemUKd2hH5YzAuMTViMVeDrmJwNt3u/qL6vGFDDMozGbjoKu/
tfCLVfKpiJgeZeFcVM3yTDfp04SWG372XqKNHUxd6C4EJiAAcZttunXW2R8ZhooO
PMT4jgCy4E14OluopUo0x2SV08ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ6VWR+
fIEsZ4gNGnM6ObgmcLIvzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAxb7k3mGtnY8dSBruA6QHMdWSY1aDGKNlSDnBycZS
atee14iDuRR1/g92IKTuSBuhqA8O6LIIB0uvWRPifwyquM1L2eq00nmP2yMvJz8E
UV0VBVyeyMLSbXOY872zhxp++wMC9UwDr7bJKYjWFQ4RYNsPPdedJgOlvAqMZsX+
rF0pvrsX1AC1mKHZNM1MAr2UmPCQ1nn+E6vBroKv+8pGeVfZBKmD3F/mJ9JCuUpg
O/V5SvooJJBOJ04ufoyu3ZYs08iMgqWwN5mijRfl/t+QEUhgkaUYfdBEj2R/w4IR
LrGwvdr6cghPjAYyfLKxDdo1U7Iz/SM4a/PQmid0WlgYQw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org