![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/b7GBmsPSnGGrOwq3v-ycgHV5cu0.roa
File: b7GBmsPSnGGrOwq3v-ycgHV5cu0.roa (raw, json)
Hash identifier: DWtBpuo6jMxSm4cjFHV2DLBr1PxHqu1ffv9/zTuRuVg=
Subject key identifier: 6F:B1:81:9A:C3:D2:9C:61:AB:3B:0A:B7:BF:EC:9C:80:75:79:72:ED
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01901ABCBAB430A8F603F84FD94B077AF8D9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/b7GBmsPSnGGrOwq3v-ycgHV5cu0.roa
Signing time: Sat 15 Jun 2024 07:11:34 +0000
ROA not before: Sat 15 Jun 2024 07:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1a:bc:ba:b4:30:a8:f6:03:f8:4f:d9:4b:07:7a:f8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 15 07:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fb1819ac3d29c61ab3b0ab7bfec9c80757972ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5a:02:7a:3b:7a:69:40:d4:4a:ff:ab:21:f7:
e3:fb:29:f9:15:38:b0:69:e1:15:51:70:0c:36:f0:
e5:7b:25:37:0c:ab:27:3e:2b:72:44:ca:ca:e2:24:
78:51:a3:08:dc:2d:71:f4:b1:16:b2:56:51:5b:69:
6a:cc:9b:89:9e:31:f0:f7:53:4d:0a:7a:2e:80:ee:
1d:56:90:36:68:83:a4:cb:43:2f:63:d2:41:a2:11:
1a:7e:c3:32:2d:f3:0b:4a:f5:0a:25:37:6a:09:cd:
fb:9d:31:86:1c:3e:c7:67:2f:8e:ae:6d:71:eb:fa:
a0:60:e7:02:c5:fe:39:8d:0a:55:15:28:f9:94:c1:
1c:90:ff:09:63:42:26:ba:60:6a:48:a0:b2:1b:e5:
a6:0d:f9:3e:8a:e8:d8:30:71:de:a3:61:89:64:a6:
0b:20:c2:79:73:d7:c4:dd:8e:26:89:fb:d9:b7:92:
71:7a:5a:d0:07:de:e2:a0:83:04:27:0d:0d:d8:33:
e8:9f:80:28:03:63:d8:2c:9a:ae:b8:5b:ad:e6:ce:
bf:13:9e:19:b1:e9:db:db:73:52:df:8a:6c:11:59:
64:80:c9:f7:64:ed:9c:d0:78:be:86:76:fe:23:2f:
2f:01:bb:84:0a:3f:0d:6b:15:b6:58:31:f5:c1:b3:
70:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B1:81:9A:C3:D2:9C:61:AB:3B:0A:B7:BF:EC:9C:80:75:79:72:ED
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/b7GBmsPSnGGrOwq3v-ycgHV5cu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:8c:be:6b:db:8f:06:11:3b:b3:12:11:c4:c6:74:77:88:3e:
d2:89:df:24:af:50:76:41:95:76:bf:7e:19:84:82:33:7e:b0:
ca:b4:10:a7:81:7d:19:f2:e7:99:3a:db:b4:d2:27:d3:49:37:
c9:8d:d1:d4:6f:be:58:26:a2:e4:cd:1f:e1:7c:f5:4a:51:e2:
a2:ea:54:de:9b:d3:a3:1d:d2:a7:af:f2:db:07:31:3d:58:b7:
e5:c7:5b:27:51:f0:15:f1:1e:ed:1d:57:69:4e:8f:89:4e:35:
e3:4a:7e:a5:1a:55:ff:ce:f1:14:23:56:09:07:13:d3:be:bf:
3d:5b:53:66:09:1e:85:f7:d6:0e:b7:2f:d3:de:56:cc:ae:17:
e7:c2:e6:63:66:4a:3a:19:1b:62:ce:03:c3:04:0e:cf:64:34:
08:4b:44:e4:ae:8e:4c:e3:83:c5:4a:bd:e7:ca:45:19:89:a6:
48:ce:01:c5:e3:99:a9:7a:80:1d:20:88:ce:8b:5b:c4:8f:a6:
3f:61:20:46:fb:09:fd:45:67:f7:83:c6:e2:3f:b4:6e:d2:95:
e4:82:37:76:f9:c2:c8:65:37:84:b4:67:88:a5:16:5b:98:de:
de:d5:a6:51:f3:94:ee:57:d1:3b:79:80:fe:3b:4f:97:3b:36:
cb:77:92:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAavLq0MKj2A/hP2UsHevjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE1MDcxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmIxODE5YWMzZDI5YzYxYWIzYjBhYjdiZmVjOWM4MDc1Nzk3MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFoCejt6aUDUSv+rIffj+yn5FTiw
aeEVUXAMNvDleyU3DKsnPityRMrK4iR4UaMI3C1x9LEWslZRW2lqzJuJnjHw91NN
CnougO4dVpA2aIOky0MvY9JBohEafsMyLfMLSvUKJTdqCc37nTGGHD7HZy+Orm1x
6/qgYOcCxf45jQpVFSj5lMEckP8JY0ImumBqSKCyG+WmDfk+iujYMHHeo2GJZKYL
IMJ5c9fE3Y4mifvZt5JxelrQB97ioIMEJw0N2DPon4AoA2PYLJquuFut5s6/E54Z
senb23NS34psEVlkgMn3ZO2c0Hi+hnb+Iy8vAbuECj8NaxW2WDH1wbNwPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG+xgZrD0pxhqzsKt7/snIB1eXLtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYjdHQm1zUFNuR0dyT3dxM3YteWNnSFY1Y3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEeMvmvbjwYRO7MSEcTG
dHeIPtKJ3ySvUHZBlXa/fhmEgjN+sMq0EKeBfRny55k627TSJ9NJN8mN0dRvvlgm
ouTNH+F89UpR4qLqVN6b06Md0qev8tsHMT1Yt+XHWydR8BXxHu0dV2lOj4lONeNK
fqUaVf/O8RQjVgkHE9O+vz1bU2YJHoX31g63L9PeVsyuF+fC5mNmSjoZG2LOA8ME
Ds9kNAhLROSujkzjg8VKvefKRRmJpkjOAcXjmal6gB0giM6LW8SPpj9hIEb7Cf1F
Z/eDxuI/tG7SleSCN3b5wshlN4S0Z4ilFluY3t7VplHzlO5X0Tt5gP47T5c7Nst3
kjg=
-----END CERTIFICATE-----
Generated at Sat Jun 15 08:17:52 2024 by rpki-client on console-fra.rpki-client.org