![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: 2LgowQSFl6Rihuj4QYKI9wb9KX5OgZtLi5iCtbHa9TM=
Subject key identifier: 39:06:3D:D6:D5:9B:4D:4A:F8:B9:EB:DF:C7:C8:D5:DE:BE:20:28:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: E736C5856BCC447CC59444BF4B1C254B80537B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e7:36:c5:85:6b:cc:44:7c:c5:94:44:bf:4b:1c:25:4b:80:53:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=1adeff95efefc9e32b6703c5306090b08b55c4ed5bb123a309ca8376c83c22e6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4c:9f:41:a6:9c:84:7a:d3:1f:bc:e7:14:e7:
76:a0:7c:06:ed:1c:6a:68:e7:8b:00:20:ef:4f:9b:
c4:8a:cc:4b:ab:11:be:91:05:88:b1:0c:31:38:3a:
00:52:aa:39:b5:9e:1b:a8:2b:1e:09:70:ad:5f:bd:
4e:f4:5a:ac:db:64:88:25:97:02:37:dc:a1:77:e5:
1d:c2:a9:3e:a2:c3:75:35:c0:4b:b2:b8:a3:90:fb:
60:d5:bf:78:c3:16:b1:45:8a:c0:76:53:34:f8:1a:
3c:24:67:99:bf:58:dd:23:34:c2:ab:6f:34:f9:e2:
38:f2:af:63:a7:72:e7:e5:e9:1f:96:9e:ad:db:1c:
7a:95:b4:b9:71:f4:06:81:c0:b4:65:9d:86:99:dc:
5b:c6:e0:72:58:86:48:08:6b:3f:7f:e2:7c:8e:0e:
a5:e1:18:9a:24:a9:9e:f6:76:aa:38:d4:4e:8b:cb:
c5:7a:44:b6:0a:f3:e3:54:d5:53:01:3b:7b:88:ed:
95:67:f7:71:27:f8:44:c7:94:5e:e9:7a:53:eb:e7:
06:2a:5a:23:6f:59:21:dd:9e:c4:e4:f2:de:29:15:
37:dd:98:ba:45:94:b1:93:d8:34:05:20:00:1e:a9:
78:e1:eb:b7:20:b9:6c:b0:53:61:67:e0:8a:5e:3d:
38:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:06:3D:D6:D5:9B:4D:4A:F8:B9:EB:DF:C7:C8:D5:DE:BE:20:28:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
58:42:65:3d:20:cd:64:75:cd:c6:0a:87:eb:aa:39:94:64:2f:
75:65:96:76:f6:d9:21:62:c1:97:df:2e:32:27:db:03:dc:93:
89:c6:44:9f:46:fe:d3:6e:26:b4:18:57:0d:51:d3:3e:bf:c9:
5d:a7:74:2d:e0:02:1e:22:c6:4f:e1:d3:98:76:c6:c5:de:b6:
9b:f4:92:fe:3e:8b:21:b3:51:11:e4:5c:45:49:f1:3b:aa:30:
7d:98:db:2c:83:bd:37:cf:ca:15:5d:90:00:97:90:cb:78:db:
7e:45:4a:fd:95:90:65:79:0d:27:06:5d:67:8f:86:10:ec:a3:
3d:c2:64:b2:fe:37:ba:10:a4:c5:0d:cf:01:29:ea:8e:ea:5e:
76:93:09:1c:b1:3a:a3:ea:d9:01:2e:22:b9:e1:57:8f:0b:f5:
b4:d0:96:8f:6a:07:79:06:80:ab:09:54:5e:93:45:84:de:38:
e2:2e:d3:6b:3c:cf:73:6e:0d:93:b5:a6:2b:fa:2d:9c:67:2b:
32:fa:e6:91:a1:be:18:24:f1:38:40:a3:8f:b5:63:bd:8a:3b:
71:a0:64:3a:76:10:32:c1:63:27:19:5c:65:65:1e:8b:1e:29:
4b:70:ea:59:50:fe:3b:24:59:7d:60:c8:09:51:68:5f:1b:74:
0e:c6:82:af
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAOc2xYVrzER8xZREv0scJUuAU3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhZGVmZjk1ZWZlZmM5ZTMyYjY3MDNjNTMwNjA5MGIwOGI1NWM0ZWQ1YmIx
MjNhMzA5Y2E4Mzc2YzgzYzIyZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVMn0GmnIR60x+85xTndqB8Bu0camjniwAg70+bxIrMS6sRvpEFiLEMMTg6
AFKqObWeG6grHglwrV+9TvRarNtkiCWXAjfcoXflHcKpPqLDdTXAS7K4o5D7YNW/
eMMWsUWKwHZTNPgaPCRnmb9Y3SM0wqtvNPniOPKvY6dy5+XpH5aerdscepW0uXH0
BoHAtGWdhpncW8bgcliGSAhrP3/ifI4OpeEYmiSpnvZ2qjjUTovLxXpEtgrz41TV
UwE7e4jtlWf3cSf4RMeUXul6U+vnBipaI29ZId2exOTy3ikVN92YukWUsZPYNAUg
AB6peOHrtyC5bLBTYWfgil49OOcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ5Bj3W
1ZtNSvi569/HyNXeviAobzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAWEJlPSDNZHXNxgqH66o5lGQvdWWWdvbZIWLBl98u
MifbA9yTicZEn0b+024mtBhXDVHTPr/JXad0LeACHiLGT+HTmHbGxd62m/SS/j6L
IbNREeRcRUnxO6owfZjbLIO9N8/KFV2QAJeQy3jbfkVK/ZWQZXkNJwZdZ4+GEOyj
PcJksv43uhCkxQ3PASnqjupedpMJHLE6o+rZAS4iueFXjwv1tNCWj2oHeQaAqwlU
XpNFhN444i7TazzPc24Nk7WmK/otnGcrMvrmkaG+GCTxOECjj7VjvYo7caBkOnYQ
MsFjJxlcZWUeix4pS3DqWVD+OyRZfWDICVFoXxt0DsaCrw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org