![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: MS0OzG5BS5f2uxVtFBfWY4zojg0kAyVBHfAtPnj77ro=
Subject key identifier: 8E:D4:2C:36:94:18:D1:EC:47:77:6C:36:A8:EF:D8:DE:08:B3:74:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 186B684AD98F1825759F679DFC00D2286AF7F5C8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:6b:68:4a:d9:8f:18:25:75:9f:67:9d:fc:00:d2:28:6a:f7:f5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=8101c4f7c150e3828dec74e3e016b45ed392a9876744d678ee20d30353009539, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:df:8b:bb:f6:07:7c:17:0a:f9:fd:fc:a5:60:
7a:86:fc:e6:78:39:ff:d3:cf:81:ab:d8:86:ac:d9:
3c:5f:d0:55:79:1e:f3:39:46:1b:72:7d:f8:0c:e5:
d4:92:74:7c:f2:50:c8:bd:06:e3:d0:d9:f2:d8:33:
ed:42:a4:65:90:ed:0c:29:b9:73:cb:fa:04:d6:a0:
a0:f8:eb:f1:f9:a3:48:96:8a:be:c1:ae:76:23:d7:
08:14:b9:1f:ed:50:e5:71:31:fb:1b:a8:20:6a:2e:
db:48:9c:90:63:6c:28:65:1a:69:7b:4b:65:2a:83:
97:60:97:15:77:39:29:30:4a:b5:ca:b0:3c:a5:60:
be:33:df:61:5f:ca:69:4f:a0:c6:a6:b2:96:5e:91:
a0:e6:f1:f6:32:6f:94:c6:32:11:2b:cf:41:1d:4c:
1c:d6:6b:92:54:89:76:ea:83:11:3b:05:12:8f:c2:
c9:c8:6f:91:10:98:32:69:ae:6a:8a:0b:f0:d6:c1:
ab:89:4c:b1:4b:a9:49:45:26:05:13:44:60:bb:ee:
46:66:f4:9d:58:81:7d:6f:05:a4:ba:5b:95:e9:bf:
dd:c2:0a:a7:d7:ce:0c:42:2a:7a:06:4b:20:90:f0:
f7:ce:44:fe:2b:1c:da:87:42:13:f0:8e:be:22:9e:
65:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D4:2C:36:94:18:D1:EC:47:77:6C:36:A8:EF:D8:DE:08:B3:74:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c7:7f:52:69:15:0a:5d:8d:4c:da:34:5a:39:ae:5b:fa:1a:a5:
43:63:ff:17:98:38:83:58:de:28:91:56:b1:bd:97:f0:78:9a:
c9:ef:2b:d8:c4:2c:cf:92:ad:69:c6:57:70:55:53:80:99:fa:
95:ab:9a:6b:e4:00:55:91:70:3c:fa:1a:16:4e:c7:92:f6:9d:
73:40:55:a9:c4:a8:97:1a:3e:b3:f9:89:4c:26:72:77:9b:32:
24:f5:02:2d:bf:0f:91:b8:4a:a7:cc:d8:cd:0c:21:42:fa:ad:
31:38:60:d1:6b:4b:a2:f7:cb:64:fb:d6:90:8f:0f:23:09:f7:
69:46:a4:c3:9b:fa:06:83:ef:53:d7:0c:e9:76:b9:11:1d:15:
6f:ed:47:18:75:89:a3:b1:b5:c7:10:2e:c3:14:f4:5d:d8:1e:
b1:e0:93:c8:b0:80:41:6f:34:f6:42:50:82:7e:70:7b:d1:86:
13:78:69:39:fc:c1:b7:ff:51:53:20:21:88:65:24:5e:10:04:
cb:f8:e5:22:d4:3f:bb:cc:1c:9b:dd:9b:90:06:f2:53:08:ba:
f6:0c:95:26:f3:80:ff:b0:01:dc:c3:29:f0:74:02:bf:de:25:
98:0d:b4:9c:02:e4:b2:6b:a3:8b:f2:d6:87:4b:a4:88:6b:8a:
b4:e1:1c:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGGtoStmPGCV1n2ed/ADSKGr39cgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMDFjNGY3YzE1MGUzODI4ZGVjNzRlM2UwMTZiNDVlZDM5MmE5ODc2NzQ0
ZDY3OGVlMjBkMzAzNTMwMDk1MzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXfi7v2B3wXCvn9/KVgeob85ng5/9PPgavYhqzZPF/QVXke8zlGG3J9+Azl
1JJ0fPJQyL0G49DZ8tgz7UKkZZDtDCm5c8v6BNagoPjr8fmjSJaKvsGudiPXCBS5
H+1Q5XEx+xuoIGou20ickGNsKGUaaXtLZSqDl2CXFXc5KTBKtcqwPKVgvjPfYV/K
aU+gxqayll6RoObx9jJvlMYyESvPQR1MHNZrklSJduqDETsFEo/CychvkRCYMmmu
aooL8NbBq4lMsUupSUUmBRNEYLvuRmb0nViBfW8FpLpblem/3cIKp9fODEIqegZL
IJDw985E/isc2odCE/COviKeZfUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSO1Cw2
lBjR7Ed3bDao79jeCLN0MjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDHf1JpFQpdjUzaNFo5rlv6GqVDY/8XmDiDWN4okVax
vZfweJrJ7yvYxCzPkq1pxldwVVOAmfqVq5pr5ABVkXA8+hoWTseS9p1zQFWpxKiX
Gj6z+YlMJnJ3mzIk9QItvw+RuEqnzNjNDCFC+q0xOGDRa0ui98tk+9aQjw8jCfdp
RqTDm/oGg+9T1wzpdrkRHRVv7UcYdYmjsbXHEC7DFPRd2B6x4JPIsIBBbzT2QlCC
fnB70YYTeGk5/MG3/1FTICGIZSReEATL+OUi1D+7zByb3ZuQBvJTCLr2DJUm84D/
sAHcwynwdAK/3iWYDbScAuSya6OL8taHS6SIa4q04RzC
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org