![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/N9WxWJobn35Rr9mDkg-hRaQ9OAU.roa
File: N9WxWJobn35Rr9mDkg-hRaQ9OAU.roa (raw, json)
Hash identifier: JKBOcQHAxp7NOHwCh24khWopo1EwIlCoIjNVRENYPfs=
Subject key identifier: 37:D5:B1:58:9A:1B:9F:7E:51:AF:D9:83:92:0F:A1:45:A4:3D:38:05
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01901AF2BE2CDD374B298A06F362FE3574AF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/N9WxWJobn35Rr9mDkg-hRaQ9OAU.roa
Signing time: Sat 15 Jun 2024 08:10:34 +0000
ROA not before: Sat 15 Jun 2024 08:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1a:f2:be:2c:dd:37:4b:29:8a:06:f3:62:fe:35:74:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 15 08:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37d5b1589a1b9f7e51afd983920fa145a43d3805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:04:4a:99:38:72:eb:c0:f2:b1:44:59:9b:
dc:52:3a:73:c0:ce:0b:82:e3:08:4d:83:d7:26:15:
cf:8d:c2:bc:75:c9:fa:13:c8:ac:c8:a7:a3:b1:ff:
db:ee:14:4f:c0:9b:dd:c2:5e:4f:50:2b:ad:ca:2e:
f2:1a:23:3c:8f:fc:b8:29:e7:c0:82:eb:b4:d8:74:
e6:eb:22:12:c1:54:c1:b0:7d:66:4c:cb:7d:40:1a:
e0:a4:8d:1b:bf:aa:fb:c7:45:62:ef:cc:6a:32:d0:
43:dd:26:f7:93:62:f9:d4:75:1d:c3:e3:47:e4:90:
20:a5:89:f6:e8:89:ca:8a:71:5c:4d:3f:7f:ec:f3:
87:ae:77:28:18:f3:47:d8:af:b2:49:4a:e1:51:b4:
21:6e:02:fa:e2:65:2f:1f:d7:ef:a4:0d:fe:63:dc:
1d:2a:7b:13:d0:51:c0:88:d7:a2:9e:c0:a5:d8:67:
c2:2e:bc:f3:90:96:53:42:8d:f3:33:86:18:00:59:
a6:0b:60:cc:c1:2f:45:9b:aa:fd:22:7f:78:97:61:
84:93:d6:74:a5:8f:e5:ec:44:29:88:d0:51:52:b3:
d6:5d:7c:23:9c:f8:5c:94:2b:ae:56:4a:88:a4:d0:
32:12:27:20:23:d0:26:b8:f1:aa:f1:94:27:b0:d8:
2e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D5:B1:58:9A:1B:9F:7E:51:AF:D9:83:92:0F:A1:45:A4:3D:38:05
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/N9WxWJobn35Rr9mDkg-hRaQ9OAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:ed:08:1f:52:20:40:64:43:7a:f2:85:8c:6c:6f:a2:e9:81:
ab:ee:36:48:4e:dc:7d:79:30:b6:3f:ad:6d:1b:8a:98:78:ff:
cd:02:02:ad:c4:23:72:72:7f:89:1a:58:59:ff:7a:0a:5b:de:
f7:e3:61:e6:62:c2:94:eb:ce:2f:fb:d2:50:50:26:fc:cb:4a:
a0:d8:fb:84:94:7e:17:6e:99:c1:d5:d2:a9:64:20:2b:70:c3:
13:0f:67:ab:40:1f:d6:31:c3:3c:6d:d1:26:a0:20:f3:ca:0c:
f4:d0:24:2b:2c:37:f1:70:10:3d:92:b2:c0:fa:ab:ed:3d:04:
da:93:45:4b:b1:ab:8d:39:0b:ab:2c:4e:31:0b:86:fa:26:d5:
af:3d:08:a9:1f:d9:9e:57:e3:2b:40:0a:d1:4e:f5:fb:ae:5f:
13:44:1a:8d:47:2c:41:4f:b9:cd:13:d4:d3:c7:a2:10:3c:e8:
5a:b4:25:e6:35:14:ec:80:57:cc:a7:32:52:c8:2a:a2:36:ed:
15:f9:60:33:7a:74:6c:9c:40:c4:63:fb:ac:ef:d6:ba:ee:98:
9c:2b:d4:c7:82:02:a1:ec:e6:2c:ee:0d:30:30:6a:fb:4b:60:
0b:4e:21:07:1a:f8:10:7b:54:35:05:83:7c:28:f1:6c:eb:ff:
03:d2:b1:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAa8r4s3TdLKYoG82L+NXSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE1MDgxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q1YjE1ODlhMWI5ZjdlNTFhZmQ5ODM5MjBmYTE0NWE0M2QzODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjcESpk4cuvA8rFEWZvcUjpzwM4L
guMITYPXJhXPjcK8dcn6E8isyKejsf/b7hRPwJvdwl5PUCutyi7yGiM8j/y4KefA
guu02HTm6yISwVTBsH1mTMt9QBrgpI0bv6r7x0Vi78xqMtBD3Sb3k2L51HUdw+NH
5JAgpYn26InKinFcTT9/7POHrncoGPNH2K+ySUrhUbQhbgL64mUvH9fvpA3+Y9wd
KnsT0FHAiNeinsCl2GfCLrzzkJZTQo3zM4YYAFmmC2DMwS9Fm6r9In94l2GEk9Z0
pY/l7EQpiNBRUrPWXXwjnPhclCuuVkqIpNAyEicgI9AmuPGq8ZQnsNgurQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDfVsViaG59+Ua/Zg5IPoUWkPTgFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTjlXeFdKb2JuMzVScjltRGtnLWhSYVE5T0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD7tCB9SIEBkQ3ryhYxs
b6LpgavuNkhO3H15MLY/rW0biph4/80CAq3EI3Jyf4kaWFn/egpb3vfjYeZiwpTr
zi/70lBQJvzLSqDY+4SUfhdumcHV0qlkICtwwxMPZ6tAH9Yxwzxt0SagIPPKDPTQ
JCssN/FwED2SssD6q+09BNqTRUuxq405C6ssTjELhvom1a89CKkf2Z5X4ytACtFO
9fuuXxNEGo1HLEFPuc0T1NPHohA86Fq0JeY1FOyAV8ynMlLIKqI27RX5YDN6dGyc
QMRj+6zv1rrumJwr1MeCAqHs5izuDTAwavtLYAtOIQca+BB7VDUFg3wo8Wzr/wPS
sZ8=
-----END CERTIFICATE-----
Generated at Sat Jun 15 09:31:20 2024 by rpki-client on console-fra.rpki-client.org