![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/22e4c463-260d-492f-8eb5-e1e3eda9614c.roa
File: 22e4c463-260d-492f-8eb5-e1e3eda9614c.roa (raw, json)
Hash identifier: YgPY+baI0hr5jovw0XgvygcC1ODYO3qSBtZ9uUCRMHI=
Subject key identifier: A9:FB:99:C3:10:1A:AA:83:E8:78:1F:70:A5:F2:2E:0E:4B:FF:09:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05C8554D630D328E19AA3526EAD9B54BEDEBD017
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/22e4c463-260d-492f-8eb5-e1e3eda9614c.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:c8:55:4d:63:0d:32:8e:19:aa:35:26:ea:d9:b5:4b:ed:eb:d0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=bec37ea58fe94f67a9aae56714d8fcf1fb2de4d6e97d2519dbc88681a596967d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8c:72:56:9e:be:bb:a7:2e:ff:7b:a6:29:b5:
0d:bc:8d:1a:af:9a:51:03:36:1d:d9:0b:6c:eb:51:
70:bc:ee:b1:8c:4b:5a:01:b8:2b:93:b1:1c:85:76:
0d:61:18:7b:d2:ef:0c:74:c5:41:fc:ff:83:b0:ee:
55:f1:d6:01:f0:3e:43:c2:90:bd:3b:50:c9:ce:74:
d6:d6:21:0a:8d:f4:fd:52:5b:25:2e:19:f8:3f:34:
d3:f0:c3:7e:2f:04:c0:d5:17:cb:a7:7c:1d:7a:0f:
ce:5d:16:70:74:11:bd:f1:ac:8f:6a:94:cf:e3:f2:
e2:93:bf:23:11:51:af:b4:5c:40:7b:4d:cb:5f:15:
14:f4:7a:f1:a0:a8:bd:a3:b6:bc:2a:f6:6b:6b:90:
3d:5c:38:d9:9d:56:71:8e:0a:b4:e4:d2:51:12:34:
de:b9:1c:fe:b2:ab:20:ee:fa:a1:09:c0:48:da:7a:
94:0d:2f:0a:4b:2c:07:5d:01:64:0f:04:cc:6e:4f:
32:c6:6f:f9:99:ad:8c:20:85:01:f0:13:fc:84:97:
cc:ed:3f:53:5b:bb:51:9f:33:89:b5:f6:a9:90:99:
b8:62:0c:67:47:21:fe:5b:aa:e5:05:61:79:fa:0a:
26:3b:ee:f2:e2:f2:e6:7b:81:80:0a:49:c6:dc:84:
ff:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FB:99:C3:10:1A:AA:83:E8:78:1F:70:A5:F2:2E:0E:4B:FF:09:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/22e4c463-260d-492f-8eb5-e1e3eda9614c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:1e:3f:de:82:f6:a4:dd:69:11:a4:bc:af:96:48:56:be:ad:
e2:e0:75:e7:6c:19:7d:99:af:50:fa:9e:e5:26:88:9c:25:6a:
50:2a:1f:44:58:25:91:ce:ac:8e:fe:25:34:d9:06:ee:6b:8b:
37:90:33:8e:6e:49:83:64:16:b1:2e:82:da:be:12:8a:57:00:
15:e3:f8:bf:b2:84:56:4d:78:c6:67:41:e8:50:ce:87:42:27:
90:11:cb:f1:46:cb:f1:89:b7:38:ad:11:b3:e9:6c:f5:17:6e:
8a:19:59:02:42:8b:db:99:6a:0d:4d:9a:56:a1:30:8a:df:57:
a7:56:e7:61:85:e0:46:17:12:b2:c1:01:f6:bb:8d:3e:c9:27:
23:f1:71:77:c4:a9:e7:28:d8:23:02:a5:18:01:42:31:96:13:
1e:e1:3d:79:bd:b9:6e:e7:19:fa:98:85:e0:3a:19:3d:60:36:
6f:62:8e:67:ad:d2:b9:ab:13:b5:84:9c:62:44:ad:d7:3a:ee:
83:a4:87:8d:0c:f3:cc:36:20:49:12:91:7e:07:23:1a:24:47:
ad:68:e2:a7:5a:a8:9a:46:2b:09:67:ca:5d:5c:a8:70:0f:78:
d6:2a:6b:0c:9e:27:cc:7f:b2:5b:ad:43:74:50:74:60:00:09:
01:1a:76:ab
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBchVTWMNMo4ZqjUm6tm1S+3r0BcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlYzM3ZWE1OGZlOTRmNjdhOWFhZTU2NzE0ZDhmY2YxZmIyZGU0ZDZlOTdk
MjUxOWRiYzg4NjgxYTU5Njk2N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSMclaevrunLv97pim1DbyNGq+aUQM2HdkLbOtRcLzusYxLWgG4K5OxHIV2
DWEYe9LvDHTFQfz/g7DuVfHWAfA+Q8KQvTtQyc501tYhCo30/VJbJS4Z+D800/DD
fi8EwNUXy6d8HXoPzl0WcHQRvfGsj2qUz+Py4pO/IxFRr7RcQHtNy18VFPR68aCo
vaO2vCr2a2uQPVw42Z1WcY4KtOTSURI03rkc/rKrIO76oQnASNp6lA0vCkssB10B
ZA8EzG5PMsZv+ZmtjCCFAfAT/ISXzO0/U1u7UZ8zibX2qZCZuGIMZ0ch/luq5QVh
efoKJjvu8uLy5nuBgApJxtyE//sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSp+5nD
EBqqg+h4H3Cl8i4OS/8JdTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjJlNGM0NjMtMjYwZC00OTJmLThlYjUtZTFlM2VkYTk2MTRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQBQHj/egvak3WkRpLyvlkhWvq3i4HXnbBl9ma9Q+p7l
JoicJWpQKh9EWCWRzqyO/iU02Qbua4s3kDOObkmDZBaxLoLavhKKVwAV4/i/soRW
TXjGZ0HoUM6HQieQEcvxRsvxibc4rRGz6Wz1F26KGVkCQovbmWoNTZpWoTCK31en
VudhheBGFxKywQH2u40+yScj8XF3xKnnKNgjAqUYAUIxlhMe4T15vblu5xn6mIXg
Ohk9YDZvYo5nrdK5qxO1hJxiRK3XOu6DpIeNDPPMNiBJEpF+ByMaJEetaOKnWqia
RisJZ8pdXKhwD3jWKmsMnifMf7JbrUN0UHRgAAkBGnar
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org