![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/5q2pLV8FHxTyn2kWG7KNP2PVVR8.roa
File: 5q2pLV8FHxTyn2kWG7KNP2PVVR8.roa (raw, json)
Hash identifier: YMqkDxcDl7r+QPJC5bA0X3KA7sgfsKJJqGDTi2nP0CA=
Subject key identifier: E6:AD:A9:2D:5F:05:1F:14:F2:9F:69:16:1B:B2:8D:3F:63:D5:55:1F
Certificate issuer: /CN=cfa2b0160ba0d3407cdd0ed6e319f2f436af7f0e
Certificate serial: 018CC9BBADA46BFBA644F8EEF4DBA9575DA3
Authority key identifier: CF:A2:B0:16:0B:A0:D3:40:7C:DD:0E:D6:E3:19:F2:F4:36:AF:7F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z6KwFgug00B83Q7W4xny9Davfw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/5q2pLV8FHxTyn2kWG7KNP2PVVR8.roa
Signing time: Tue 02 Jan 2024 10:32:49 +0000
ROA not before: Tue 02 Jan 2024 10:32:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42560
IP address blocks: 188.127.96.0/19 maxlen: 19
77.238.192.0/19 maxlen: 19
37.205.24.0/21 maxlen: 21
185.13.240.0/22 maxlen: 22
217.197.136.0/21 maxlen: 21
80.80.32.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/z6KwFgug00B83Q7W4xny9Davfw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/z6KwFgug00B83Q7W4xny9Davfw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/z6KwFgug00B83Q7W4xny9Davfw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ad:a4:6b:fb:a6:44:f8:ee:f4:db:a9:57:5d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfa2b0160ba0d3407cdd0ed6e319f2f436af7f0e
Validity
Not Before: Jan 2 10:32:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6ada92d5f051f14f29f69161bb28d3f63d5551f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:94:7a:f7:0e:d7:cd:0e:30:01:9f:05:94:ae:
2a:00:72:73:28:63:0b:97:d0:9d:43:e7:20:be:82:
9d:48:96:03:9c:11:33:f7:b8:69:e5:a3:06:ad:48:
f8:c4:4f:a8:fc:c3:27:ac:b2:6f:7a:e7:9e:ae:81:
c3:45:f1:a0:d9:18:8e:a9:3d:ee:5b:f8:3f:e5:a4:
d8:20:7f:b4:8f:3b:fe:c7:64:fd:b0:16:0b:7a:61:
11:03:4f:fe:10:b7:eb:84:b8:d2:8a:b5:f7:e6:e6:
02:2f:f1:6b:79:c4:fa:bb:ba:b9:a8:3e:26:d9:10:
e8:00:3b:73:b0:e5:36:de:48:d1:1d:d8:db:fa:43:
58:e6:e2:db:12:fc:15:34:7a:82:ba:8d:41:32:23:
fb:3c:2c:24:5d:38:f2:74:f2:dd:7b:94:e3:de:1f:
11:6e:9a:64:7c:9b:ac:53:83:c5:4e:71:cd:dd:ad:
a8:37:74:c7:dc:89:49:06:f3:4c:13:ab:da:58:6d:
57:34:08:48:bc:98:36:b2:83:aa:e3:fa:b7:da:af:
4d:71:02:f4:9b:ba:d8:e5:c2:34:2a:1d:72:9e:d6:
f1:4e:20:c6:5e:8c:16:3a:8f:4e:f2:84:96:66:b7:
e5:f3:38:1f:1a:d6:26:0f:c7:4b:6e:74:02:1b:82:
31:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AD:A9:2D:5F:05:1F:14:F2:9F:69:16:1B:B2:8D:3F:63:D5:55:1F
X509v3 Authority Key Identifier:
keyid:CF:A2:B0:16:0B:A0:D3:40:7C:DD:0E:D6:E3:19:F2:F4:36:AF:7F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6KwFgug00B83Q7W4xny9Davfw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/5q2pLV8FHxTyn2kWG7KNP2PVVR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/z6KwFgug00B83Q7W4xny9Davfw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.24.0/21
77.238.192.0/19
80.80.32.0/20
185.13.240.0/22
188.127.96.0/19
217.197.136.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:f0:4b:74:a8:50:96:bb:c1:a3:ca:4c:23:8e:8f:0c:f6:98:
17:95:e3:79:3a:eb:4d:fb:e1:ea:aa:1b:38:9a:7f:37:af:b3:
ee:8e:94:99:a1:2f:5c:99:57:b8:75:0d:70:11:b6:98:06:72:
67:04:19:30:da:98:a6:0c:8f:3c:3a:6e:85:74:c6:ba:b5:47:
ce:c5:81:6f:d5:75:c7:e8:49:da:5d:12:73:16:eb:f7:91:6d:
50:d6:80:8c:74:ed:3a:f4:44:42:88:79:1e:19:44:8c:e2:70:
9a:42:8f:93:a6:bb:e3:68:52:1c:70:4d:0f:19:d6:cc:6b:ac:
c6:9f:65:6c:af:bb:e2:37:af:e0:a2:0f:1a:7d:6f:3e:d7:64:
be:1c:36:76:23:bb:37:6a:b7:99:7b:78:00:13:38:16:99:90:
69:17:5c:47:72:88:42:c5:15:7a:e9:62:e3:8a:9a:6a:4e:a0:
19:ae:70:d9:c2:62:3c:ea:12:39:64:46:d7:61:80:a0:0f:cb:
c6:97:3b:d4:63:42:eb:ea:91:cb:ce:80:3b:e3:5f:23:64:01:
fb:aa:c5:21:d3:f5:7c:34:28:00:e9:14:bb:e7:26:53:90:8d:
5b:cf:ec:ec:6d:5b:fd:ec:84:7e:d6:82:dc:2c:5a:4d:df:ef:
05:c4:cc:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJu62ka/umRPju9NupV12jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTJiMDE2MGJhMGQzNDA3Y2RkMGVkNmUzMTlmMmY0MzZh
ZjdmMGUwHhcNMjQwMTAyMTAzMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmFkYTkyZDVmMDUxZjE0ZjI5ZjY5MTYxYmIyOGQzZjYzZDU1NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpR69w7XzQ4wAZ8FlK4qAHJzKGML
l9CdQ+cgvoKdSJYDnBEz97hp5aMGrUj4xE+o/MMnrLJveueeroHDRfGg2RiOqT3u
W/g/5aTYIH+0jzv+x2T9sBYLemERA0/+ELfrhLjSirX35uYCL/FrecT6u7q5qD4m
2RDoADtzsOU23kjRHdjb+kNY5uLbEvwVNHqCuo1BMiP7PCwkXTjydPLde5Tj3h8R
bppkfJusU4PFTnHN3a2oN3TH3IlJBvNME6vaWG1XNAhIvJg2soOq4/q32q9NcQL0
m7rY5cI0Kh1yntbxTiDGXowWOo9O8oSWZrfl8zgfGtYmD8dLbnQCG4IxSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOatqS1fBR8U8p9pFhuyjT9j1VUfMB8GA1UdIwQY
MBaAFM+isBYLoNNAfN0O1uMZ8vQ2r38OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZLd0ZndWcwMEI4M1E3VzR4bnk5RGF2Znc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xOTI3MTEtZmU1ZS00YTlkLTgyMjct
ODM0MDIxYWRlZGU1LzEvNXEycExWOEZIeFR5bjJrV0c3S05QMlBWVlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xOTI3MTEtZmU1ZS00YTlkLTgyMjctODM0MDIxYWRlZGU1
LzEvejZLd0ZndWcwMEI4M1E3VzR4bnk5RGF2Znc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDJc0YAwQF
Te7AAwQEUFAgAwQCuQ3wAwQFvH9gAwQD2cWIMA0GCSqGSIb3DQEBCwUAA4IBAQA/
8Et0qFCWu8Gjykwjjo8M9pgXleN5OutN++Hqqhs4mn83r7PujpSZoS9cmVe4dQ1w
EbaYBnJnBBkw2pimDI88Om6FdMa6tUfOxYFv1XXH6EnaXRJzFuv3kW1Q1oCMdO06
9ERCiHkeGUSM4nCaQo+TprvjaFIccE0PGdbMa6zGn2Vsr7viN6/gog8afW8+12S+
HDZ2I7s3areZe3gAEzgWmZBpF1xHcohCxRV66WLjippqTqAZrnDZwmI86hI5ZEbX
YYCgD8vGlzvUY0Lr6pHLzoA7418jZAH7qsUh0/V8NCgA6RS75yZTkI1bz+zsbVv9
7IR+1oLcLFpN3+8FxMzM
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:38:03 2024 by rpki-client on console-ams.rpki-client.org