![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: ufxIfSVgWQ7nc/XQSUbQH2kMPMdYHESnBTTKR51Zm2Y=
Subject key identifier: A0:D8:DF:BC:30:A0:2B:99:57:75:CC:1E:E8:D8:E3:6D:23:3D:10:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4258B70BAC50A9F9B4EB548C3165740650A1DAAF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:58:b7:0b:ac:50:a9:f9:b4:eb:54:8c:31:65:74:06:50:a1:da:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=eabb32d1c22111d9ea58d3b560bd9ac899f151541bdda05484ef90daeb8b8376, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6b:a2:07:a4:d4:fd:8a:26:45:89:72:b4:75:
d4:ba:26:5c:fb:2b:a9:34:d3:6d:9d:fe:cd:a4:b6:
f5:88:b9:b7:24:a6:d1:02:84:67:de:4f:82:5c:58:
c2:34:ab:fa:d9:35:be:a0:7a:c8:f1:37:64:d4:13:
32:68:94:ce:bb:b6:0c:f4:20:36:dc:bb:2c:f4:80:
26:34:5f:9a:5c:a4:0b:e1:3e:f8:e7:45:d9:d0:19:
7d:b4:92:50:26:f5:f8:3b:f1:db:1d:54:d0:18:f5:
06:b6:62:f7:07:df:12:51:4d:27:77:72:fd:03:0b:
bf:7a:9b:a5:e6:ce:9f:0e:48:34:8d:0c:2b:bc:b5:
2d:10:ee:41:a6:17:8e:14:74:af:11:77:c0:8f:f6:
79:7a:9f:89:3f:77:9b:07:c8:29:a9:45:07:87:28:
85:eb:f1:61:b2:47:e7:4e:08:e1:97:ae:b2:92:9c:
c4:81:e8:5f:3b:13:7e:de:f1:0d:d0:7e:63:6c:12:
23:84:93:8e:2a:4a:99:c3:7d:51:41:dd:cf:c1:7d:
b2:5d:0f:11:ef:29:20:ad:07:0f:28:70:8c:23:96:
89:b6:5f:cf:14:b2:9c:47:c1:5d:95:ed:a4:a3:88:
eb:61:be:59:c0:aa:77:0b:99:07:9e:ca:4a:da:7c:
0f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D8:DF:BC:30:A0:2B:99:57:75:CC:1E:E8:D8:E3:6D:23:3D:10:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:d7:5d:8f:cf:8d:b7:cf:83:c3:1b:e1:9e:7b:b4:73:90:0c:
dc:c9:8c:ac:7b:3c:6e:93:09:fd:0f:e4:fc:80:e9:c7:43:6e:
5c:66:75:57:64:30:4c:a3:43:3f:bd:4b:2e:eb:e8:f0:22:4d:
b5:92:87:d8:e1:7a:85:df:61:d3:58:32:0b:34:2e:b3:b2:29:
6a:ff:ad:bc:0f:85:de:30:e5:64:3d:0c:16:bd:42:21:d6:31:
9e:ec:02:f3:63:9a:16:b8:51:20:1e:f6:25:6f:f4:84:ef:f3:
46:f8:e6:a0:b8:12:ed:7b:88:60:38:c1:b1:24:a0:53:41:61:
26:53:1d:a6:4d:ca:98:60:a4:2c:9d:7d:0d:f1:51:25:cc:1d:
c2:4d:6f:19:57:6d:46:f3:d0:84:d5:b7:2f:b9:be:77:8f:4d:
87:cc:28:69:10:5d:25:f5:b9:0d:b7:00:a4:8e:a9:3c:49:e7:
c4:db:48:cf:3f:ad:2e:e8:f1:24:5f:2e:7e:f9:15:9a:cc:e8:
da:a1:ce:ae:31:5f:41:3e:15:5b:24:eb:72:c3:1f:e7:8a:59:
e2:3c:8b:d1:3a:03:d5:d9:bc:24:4e:70:5c:b3:23:08:f6:99:
4e:55:71:3c:52:96:7d:1b:c3:fb:e3:c9:4f:37:c5:94:4b:d1:
b2:37:0a:87
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQli3C6xQqfm061SMMWV0BlCh2q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhYmIzMmQxYzIyMTExZDllYTU4ZDNiNTYwYmQ5YWM4OTlmMTUxNTQxYmRk
YTA1NDg0ZWY5MGRhZWI4YjgzNzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMprogek1P2KJkWJcrR11LomXPsrqTTTbZ3+zaS29Yi5tySm0QKEZ95PglxY
wjSr+tk1vqB6yPE3ZNQTMmiUzru2DPQgNty7LPSAJjRfmlykC+E++OdF2dAZfbSS
UCb1+Dvx2x1U0Bj1BrZi9wffElFNJ3dy/QMLv3qbpebOnw5INI0MK7y1LRDuQaYX
jhR0rxF3wI/2eXqfiT93mwfIKalFB4cohevxYbJH504I4ZeuspKcxIHoXzsTft7x
DdB+Y2wSI4STjipKmcN9UUHdz8F9sl0PEe8pIK0HDyhwjCOWibZfzxSynEfBXZXt
pKOI62G+WcCqdwuZB57KStp8D+kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSg2N+8
MKArmVd1zB7o2ONtIz0QZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQAE112Pz423z4PDG+Gee7RzkAzcyYysezxukwn9D+T8
gOnHQ25cZnVXZDBMo0M/vUsu6+jwIk21kofY4XqF32HTWDILNC6zsilq/628D4Xe
MOVkPQwWvUIh1jGe7ALzY5oWuFEgHvYlb/SE7/NG+OaguBLte4hgOMGxJKBTQWEm
Ux2mTcqYYKQsnX0N8VElzB3CTW8ZV21G89CE1bcvub53j02HzChpEF0l9bkNtwCk
jqk8SefE20jPP60u6PEkXy5++RWazOjaoc6uMV9BPhVbJOtywx/nilniPIvROgPV
2bwkTnBcsyMI9plOVXE8UpZ9G8P748lPN8WUS9GyNwqH
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org