![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ef0ea6-7a32-4830-bc70-a378537a2733.roa
File: c7ef0ea6-7a32-4830-bc70-a378537a2733.roa (raw, json)
Hash identifier: 3Tu7jEyLUgC+0kfF1rhvKFQzdMVqZb+alUrd/8EB9X0=
Subject key identifier: 66:7D:6E:BB:7C:35:4E:05:56:CA:8C:7A:E5:C3:F2:E8:87:71:8D:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 468F4C2889E1517CA25F6AFCFB975E69D31C1FE9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ef0ea6-7a32-4830-bc70-a378537a2733.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:8f:4c:28:89:e1:51:7c:a2:5f:6a:fc:fb:97:5e:69:d3:1c:1f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=0b64bb4947ab27e225c7d0138cf10734b4ab066df6b11e3e4ea36f9b78edac81, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:55:ce:34:1a:5a:55:88:63:94:a8:75:f7:
34:7b:35:5d:e3:86:29:32:24:88:8d:ec:c4:69:ca:
a2:16:bf:3e:63:76:d7:e1:77:fd:40:0c:f1:34:3f:
4b:c6:27:df:51:eb:d5:35:ba:3a:eb:72:b6:26:31:
2e:79:12:9b:7d:c1:53:bd:7f:22:fb:f9:24:94:f1:
6e:87:29:8b:40:0e:c1:d5:16:57:ee:7d:63:bc:2d:
b3:72:79:fc:5a:02:0f:b2:03:4f:c2:fd:ab:2d:fe:
a7:a6:e1:7d:7b:c8:e4:80:3c:32:f3:6d:9a:ef:5a:
6b:41:24:e5:9c:3b:d6:ca:e2:dc:06:c7:ab:ee:1b:
04:0e:f0:f0:6d:98:0b:50:98:92:19:41:26:1c:10:
97:66:8e:e9:ae:c2:df:d3:66:b5:1d:91:07:73:5c:
60:1f:fc:dd:7b:18:bf:17:63:31:3d:5c:e5:07:55:
26:84:0d:b5:bf:68:36:73:bc:88:9c:0e:8d:02:6e:
6e:0d:2a:20:76:22:42:34:8e:ee:f6:cf:3d:b3:92:
85:1b:9c:cf:ab:7d:79:5d:36:9d:d4:65:64:2c:1d:
e0:92:f6:6c:0a:17:ae:4a:be:64:ef:4e:b1:dd:4a:
f2:e6:19:d3:7a:9b:1d:17:d0:39:bf:8a:59:99:b8:
f5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7D:6E:BB:7C:35:4E:05:56:CA:8C:7A:E5:C3:F2:E8:87:71:8D:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ef0ea6-7a32-4830-bc70-a378537a2733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:d7:46:c0:2f:51:08:64:41:77:84:e3:1b:6e:e1:74:67:cb:
f4:84:ac:c3:da:11:c5:58:4b:f4:cf:55:12:a8:99:f8:c4:cd:
4c:9f:09:37:e0:2f:4a:2c:e6:fd:c2:65:8a:a1:d6:37:31:1b:
fc:ed:07:3c:3d:73:5f:f6:0c:f7:d3:7e:4b:69:a3:93:29:46:
93:91:85:bf:43:7c:dc:72:4f:70:24:a0:9f:90:f3:9d:00:9a:
d5:e0:0f:9f:d3:f6:55:c2:eb:42:fb:fb:90:8a:1f:8c:ff:dc:
0b:1c:aa:6f:50:09:e8:4f:6a:62:16:f4:09:8f:2f:cd:d5:93:
87:a9:93:c3:79:cd:a5:92:19:29:a0:5e:6f:a0:88:26:00:52:
42:9d:d5:e5:02:7a:76:f5:17:15:0f:24:82:83:3b:bb:8c:24:
77:0f:f6:c4:6b:0a:d0:7e:f3:14:88:ba:b1:6c:b3:8d:29:92:
c5:69:d5:a0:cb:a1:bf:9d:71:20:5a:0e:9d:43:f0:e4:ff:b4:
b2:14:c9:10:1e:9e:1a:b0:a2:40:4c:d8:d4:aa:5b:06:61:38:
08:f5:73:97:b8:35:f4:0b:a9:a7:ec:65:16:4f:af:7c:8f:dd:
40:c4:db:75:5f:a3:9f:c7:cc:34:3b:15:2d:94:95:fc:6b:63:
17:4b:1b:16
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURo9MKInhUXyiX2r8+5deadMcH+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiNjRiYjQ5NDdhYjI3ZTIyNWM3ZDAxMzhjZjEwNzM0YjRhYjA2NmRmNmIx
MWUzZTRlYTM2ZjliNzhlZGFjODExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzcVc40GlpViGOUqHX3NHs1XeOGKTIkiI3sxGnKoha/PmN21+F3/UAM8TQ/
S8Yn31Hr1TW6OutytiYxLnkSm33BU71/Ivv5JJTxbocpi0AOwdUWV+59Y7wts3J5
/FoCD7IDT8L9qy3+p6bhfXvI5IA8MvNtmu9aa0Ek5Zw71sri3AbHq+4bBA7w8G2Y
C1CYkhlBJhwQl2aO6a7C39NmtR2RB3NcYB/83XsYvxdjMT1c5QdVJoQNtb9oNnO8
iJwOjQJubg0qIHYiQjSO7vbPPbOShRucz6t9eV02ndRlZCwd4JL2bAoXrkq+ZO9O
sd1K8uYZ03qbHRfQOb+KWZm49VUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmfW67
fDVOBVbKjHrlw/Loh3GNLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzdlZjBlYTYtN2EzMi00ODMwLWJjNzAtYTM3ODUzN2EyNzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQBu10bAL1EIZEF3hOMbbuF0Z8v0hKzD2hHFWEv0z1US
qJn4xM1Mnwk34C9KLOb9wmWKodY3MRv87Qc8PXNf9gz3035LaaOTKUaTkYW/Q3zc
ck9wJKCfkPOdAJrV4A+f0/ZVwutC+/uQih+M/9wLHKpvUAnoT2piFvQJjy/N1ZOH
qZPDec2lkhkpoF5voIgmAFJCndXlAnp29RcVDySCgzu7jCR3D/bEawrQfvMUiLqx
bLONKZLFadWgy6G/nXEgWg6dQ/Dk/7SyFMkQHp4asKJATNjUqlsGYTgI9XOXuDX0
C6mn7GUWT698j91AxNt1X6Ofx8w0OxUtlJX8a2MXSxsW
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org