![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/df3c61-78ae-4d1c-a756-6348649774a2/1/ujjA7gAhSggI_fju13FkKMGr8ZQ.roa
File: ujjA7gAhSggI_fju13FkKMGr8ZQ.roa (raw, json)
Hash identifier: 5o16JCI3AjgrYKAqSTaLlOHXMvqC/4mSBxI6EUbGSq0=
Subject key identifier: BA:38:C0:EE:00:21:4A:08:08:FD:F8:EE:D7:71:64:28:C1:AB:F1:94
Certificate issuer: /CN=51ac7e33744c248f87de2dc63aabf19f6c84b032
Certificate serial: 018CCA2A0E86816D3528E1779433E0F745FB
Authority key identifier: 51:AC:7E:33:74:4C:24:8F:87:DE:2D:C6:3A:AB:F1:9F:6C:84:B0:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uax-M3RMJI-H3i3GOqvxn2yEsDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/df3c61-78ae-4d1c-a756-6348649774a2/1/ujjA7gAhSggI_fju13FkKMGr8ZQ.roa
Signing time: Tue 02 Jan 2024 12:33:23 +0000
ROA not before: Tue 02 Jan 2024 12:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49078
IP address blocks: 195.88.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/df3c61-78ae-4d1c-a756-6348649774a2/1/Uax-M3RMJI-H3i3GOqvxn2yEsDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/df3c61-78ae-4d1c-a756-6348649774a2/1/Uax-M3RMJI-H3i3GOqvxn2yEsDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uax-M3RMJI-H3i3GOqvxn2yEsDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0e:86:81:6d:35:28:e1:77:94:33:e0:f7:45:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51ac7e33744c248f87de2dc63aabf19f6c84b032
Validity
Not Before: Jan 2 12:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba38c0ee00214a0808fdf8eed7716428c1abf194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c4:da:0c:ca:ee:59:03:f9:81:a1:ea:7b:7e:
98:43:78:79:d2:9a:cf:1f:37:c6:66:31:2b:6e:d0:
23:2e:f4:26:88:a8:ac:f2:35:c3:29:06:51:bd:c6:
0f:68:84:91:86:48:3f:ea:21:ef:46:b9:be:a9:4e:
a5:51:3f:6a:4a:99:ed:db:3e:8d:a3:e6:4f:8e:db:
7b:b8:a0:e3:a6:c9:38:47:80:16:b0:95:57:8e:e4:
55:1d:f5:aa:2f:34:74:39:eb:4d:18:79:fd:f2:37:
1a:b0:51:8a:13:a7:e8:6a:4d:ce:db:6c:94:84:b7:
b8:1a:24:82:b0:2b:19:01:55:e6:b1:12:bb:25:1d:
27:8a:3c:53:8b:02:ca:b9:f5:c1:f8:db:28:89:e5:
5f:7f:ad:b9:51:8a:85:dc:72:6d:de:06:e4:19:cf:
db:31:eb:50:8c:dd:60:5b:53:58:44:aa:c6:54:c0:
33:ef:54:6b:93:1e:b8:93:74:bf:d1:b2:6c:d8:4f:
0a:5e:89:44:79:de:53:51:da:27:bd:a0:7b:17:05:
62:98:84:46:d2:56:fd:9c:77:87:7d:af:23:94:6d:
e8:67:fe:f4:73:27:b7:63:fe:3b:75:22:61:c2:75:
17:80:bc:13:e2:1a:a3:14:af:0a:a3:d3:0a:73:e6:
05:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:38:C0:EE:00:21:4A:08:08:FD:F8:EE:D7:71:64:28:C1:AB:F1:94
X509v3 Authority Key Identifier:
keyid:51:AC:7E:33:74:4C:24:8F:87:DE:2D:C6:3A:AB:F1:9F:6C:84:B0:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uax-M3RMJI-H3i3GOqvxn2yEsDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/df3c61-78ae-4d1c-a756-6348649774a2/1/ujjA7gAhSggI_fju13FkKMGr8ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/df3c61-78ae-4d1c-a756-6348649774a2/1/Uax-M3RMJI-H3i3GOqvxn2yEsDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.183.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:a1:f3:a3:60:a1:5a:34:ea:69:23:a4:ee:2e:0a:94:33:f2:
65:1c:4f:0a:d8:c9:6f:db:d5:f8:58:8a:90:7d:c9:83:2c:d4:
25:a6:91:91:8b:80:dd:13:cf:a5:b2:1a:9d:56:b6:3a:a1:30:
f9:da:60:03:e7:2a:36:a4:c8:d4:f9:37:0e:79:b3:66:6c:fa:
64:68:7c:21:e2:ee:d8:ff:70:3b:aa:8f:04:f6:72:af:77:2d:
db:ab:1c:03:f0:51:7e:21:3e:eb:f2:3c:93:c1:41:af:d2:d9:
6c:4c:dd:77:db:a0:09:d2:f1:14:65:dd:a4:d5:e7:9e:06:3b:
86:b7:7c:53:2c:89:77:68:16:e7:ed:2a:c1:41:f4:ea:68:4e:
be:49:e6:4c:6e:b2:6d:0f:24:2d:4a:b7:46:2b:8b:03:93:2f:
7c:0a:47:5b:e3:d5:0e:2f:61:7d:75:23:a4:62:dd:a7:40:f9:
09:80:67:e0:8c:1a:2b:89:6f:3e:e0:7d:ba:a1:80:17:78:4c:
03:b6:57:a8:0a:14:1d:9e:57:7f:9d:6f:67:54:3f:8f:5c:10:
12:5d:db:cf:6f:95:18:48:90:df:47:09:14:95:1d:1a:d6:8d:
1b:f0:7c:0e:d0:73:3a:a3:8e:31:ac:0f:1e:a4:e1:5f:82:7d:
25:fb:26:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKg6GgW01KOF3lDPg90X7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYWM3ZTMzNzQ0YzI0OGY4N2RlMmRjNjNhYWJmMTlmNmM4
NGIwMzIwHhcNMjQwMTAyMTIzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTM4YzBlZTAwMjE0YTA4MDhmZGY4ZWVkNzcxNjQyOGMxYWJmMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMTaDMruWQP5gaHqe36YQ3h50prP
HzfGZjErbtAjLvQmiKis8jXDKQZRvcYPaISRhkg/6iHvRrm+qU6lUT9qSpnt2z6N
o+ZPjtt7uKDjpsk4R4AWsJVXjuRVHfWqLzR0OetNGHn98jcasFGKE6foak3O22yU
hLe4GiSCsCsZAVXmsRK7JR0nijxTiwLKufXB+NsoieVff625UYqF3HJt3gbkGc/b
MetQjN1gW1NYRKrGVMAz71Rrkx64k3S/0bJs2E8KXolEed5TUdonvaB7FwVimIRG
0lb9nHeHfa8jlG3oZ/70cye3Y/47dSJhwnUXgLwT4hqjFK8Ko9MKc+YFPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLo4wO4AIUoICP347tdxZCjBq/GUMB8GA1UdIwQY
MBaAFFGsfjN0TCSPh94txjqr8Z9shLAyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWF4LU0zUk1KSS1IM2kzR09xdnhuMnlFc0RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kZjNjNjEtNzhhZS00ZDFjLWE3NTYt
NjM0ODY0OTc3NGEyLzEvdWpqQTdnQWhTZ2dJX2ZqdTEzRmtLTUdyOFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kZjNjNjEtNzhhZS00ZDFjLWE3NTYtNjM0ODY0OTc3NGEy
LzEvVWF4LU0zUk1KSS1IM2kzR09xdnhuMnlFc0RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1i3MA0G
CSqGSIb3DQEBCwUAA4IBAQCoofOjYKFaNOppI6TuLgqUM/JlHE8K2Mlv29X4WIqQ
fcmDLNQlppGRi4DdE8+lshqdVrY6oTD52mAD5yo2pMjU+TcOebNmbPpkaHwh4u7Y
/3A7qo8E9nKvdy3bqxwD8FF+IT7r8jyTwUGv0tlsTN1326AJ0vEUZd2k1eeeBjuG
t3xTLIl3aBbn7SrBQfTqaE6+SeZMbrJtDyQtSrdGK4sDky98Ckdb49UOL2F9dSOk
Yt2nQPkJgGfgjBoriW8+4H26oYAXeEwDtleoChQdnld/nW9nVD+PXBASXdvPb5UY
SJDfRwkUlR0a1o0b8HwO0HM6o44xrA8epOFfgn0l+yYj
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:00:23 2024 by rpki-client on console-fra.rpki-client.org