![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90e43ec0-92f9-420a-8158-7b97f7f32b51.roa
File: 90e43ec0-92f9-420a-8158-7b97f7f32b51.roa (raw, json)
Hash identifier: XbV9glQUXZV+c/b0rT4FTof8ppLmjZgVvcrekbeL9yw=
Subject key identifier: 09:88:6A:AB:EB:49:63:56:5B:E0:E2:A0:B6:96:E5:33:81:D6:6E:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C30ED9ABBEB9CBB2E43989D7C00AD732F5A2D88
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90e43ec0-92f9-420a-8158-7b97f7f32b51.roa
Signing time: Mon 17 Jun 2024 00:00:00 +0000
ROA not before: Mon 17 Jun 2024 00:00:00 +0000
ROA not after: Mon 22 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 20:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:30:ed:9a:bb:eb:9c:bb:2e:43:98:9d:7c:00:ad:73:2f:5a:2d:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:00:00 2024 GMT
Not After : Jul 22 23:59:59 2024 GMT
Subject: serialNumber=9e7bef638f7fea6ff5d4bff3672f1a249505e6b702b4565a03b2548f57725be2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:c0:96:59:83:fc:d0:5c:b7:e2:9e:4c:01:
01:0f:28:5c:48:d9:62:7b:36:03:a7:15:0e:7d:68:
5f:3b:ba:38:ba:04:e6:8e:f9:13:bc:db:63:3c:82:
4a:fb:a2:25:3f:9f:7a:a7:f5:51:e5:70:29:1f:b2:
12:4b:a5:bc:d0:ce:9c:fe:28:1d:29:71:4f:d8:69:
47:a9:d7:ad:05:8f:b3:0d:e0:35:be:f1:1e:74:38:
e9:c5:cc:61:33:88:7e:ce:3b:89:c0:f7:d9:77:20:
32:b2:71:10:b2:0e:e5:9f:0c:37:22:61:cf:7f:cb:
83:ce:a8:a3:72:34:3b:3c:6c:ce:98:a7:9a:78:95:
95:bd:9b:f1:04:5a:96:8e:6f:06:9f:da:c0:92:60:
a0:d1:fd:b3:7e:88:ec:ab:40:23:19:30:3d:c1:50:
97:d1:7a:24:b2:d5:3c:09:25:38:70:5a:d4:ff:ea:
dd:28:3a:10:b3:0d:70:23:d9:2c:c4:56:aa:c3:d4:
31:a5:b1:80:46:98:9e:b7:a4:ed:ff:75:18:e7:2f:
d1:42:cb:7e:bc:ee:5f:c2:7a:ec:29:1f:8f:40:d3:
76:8c:ae:74:47:0f:bb:d7:0e:b4:33:4e:08:66:b9:
ba:cf:3f:7e:e6:a8:b2:b6:1f:20:33:74:14:33:06:
3f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:88:6A:AB:EB:49:63:56:5B:E0:E2:A0:B6:96:E5:33:81:D6:6E:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90e43ec0-92f9-420a-8158-7b97f7f32b51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:71:d2:16:a0:88:01:ca:0e:4f:3e:2e:35:eb:1c:19:c3:a5:
83:7f:7c:c7:41:c0:5a:21:70:1c:ef:75:af:76:3d:72:0f:29:
69:a9:9c:9d:c3:b1:a9:37:41:af:ac:e7:15:7d:21:cf:91:f7:
20:92:34:79:1c:bf:60:3c:62:d2:6e:1a:20:4d:67:fa:fb:bc:
82:27:63:15:0e:a8:a4:1c:1e:bf:01:8b:1e:b3:0e:5c:48:ec:
e7:1d:d2:4b:9c:84:aa:15:a0:0e:10:46:d1:92:bd:88:b1:ef:
da:e3:09:3e:ff:5f:57:96:01:d6:3e:3c:7d:9c:29:28:aa:93:
fa:e7:ef:81:d7:b8:d8:e6:b7:cc:af:7a:84:97:99:31:a4:42:
09:3b:90:25:25:59:99:f1:bf:87:0c:a2:18:6d:74:b7:0b:20:
d5:ea:7d:50:40:d0:ba:74:50:1b:bd:db:a1:ee:2b:f3:3e:85:
90:c6:a7:b0:a7:6b:35:09:5e:e0:03:66:b2:f6:62:e4:e1:67:
cd:fe:43:cd:7b:01:31:75:16:99:37:ce:ae:53:c4:27:16:4d:
4e:71:fc:84:12:80:c7:22:4b:38:e4:a7:35:09:da:10:17:42:
49:ac:8a:5a:a5:8b:a6:99:ca:15:a6:3b:c0:01:97:7c:72:80:
9c:7c:e3:60
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHDDtmrvrnLsuQ5idfACtcy9aLYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTcwMDAwMDBaFw0yNDA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDllN2JlZjYzOGY3ZmVhNmZmNWQ0YmZmMzY3MmYxYTI0OTUwNWU2YjcwMmI0
NTY1YTAzYjI1NDhmNTc3MjViZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7lwJZZg/zQXLfinkwBAQ8oXEjZYns2A6cVDn1oXzu6OLoE5o75E7zbYzyC
SvuiJT+feqf1UeVwKR+yEkulvNDOnP4oHSlxT9hpR6nXrQWPsw3gNb7xHnQ46cXM
YTOIfs47icD32XcgMrJxELIO5Z8MNyJhz3/Lg86oo3I0OzxszpinmniVlb2b8QRa
lo5vBp/awJJgoNH9s36I7KtAIxkwPcFQl9F6JLLVPAklOHBa1P/q3Sg6ELMNcCPZ
LMRWqsPUMaWxgEaYnrek7f91GOcv0ULLfrzuX8J67Ckfj0DTdoyudEcPu9cOtDNO
CGa5us8/fuaosrYfIDN0FDMGP2UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQJiGqr
60ljVlvg4qC2luUzgdZu+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTBlNDNlYzAtOTJmOS00MjBhLTgxNTgtN2I5N2Y3ZjMyYjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAf3HSFqCIAcoOTz4uNescGcOlg398x0HAWiFwHO91
r3Y9cg8paamcncOxqTdBr6znFX0hz5H3IJI0eRy/YDxi0m4aIE1n+vu8gidjFQ6o
pBwevwGLHrMOXEjs5x3SS5yEqhWgDhBG0ZK9iLHv2uMJPv9fV5YB1j48fZwpKKqT
+ufvgde42Oa3zK96hJeZMaRCCTuQJSVZmfG/hwyiGG10twsg1ep9UEDQunRQG73b
oe4r8z6FkMansKdrNQle4ANmsvZi5OFnzf5DzXsBMXUWmTfOrlPEJxZNTnH8hBKA
xyJLOOSnNQnaEBdCSayKWqWLppnKFaY7wAGXfHKAnHzjYA==
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:09:56 2024 by rpki-client on console-ams.rpki-client.org