![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139342e35392e3232332e302f32342d3234203d3e20313939363134.roa
File: 3139342e35392e3232332e302f32342d3234203d3e20313939363134.roa (raw, json)
Hash identifier: jGs2aqE+/7vgDDmIS62FbYwe6Qw0U7YjibG53PkQERg=
Subject key identifier: 05:DB:A1:5F:EB:0C:BE:76:99:67:EE:29:9B:95:C5:E3:E0:17:2C:91
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 24404220AC9AEE204D062845321117743E6FBC5B
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139342e35392e3232332e302f32342d3234203d3e20313939363134.roa
Signing time: Fri 22 Dec 2023 07:41:24 +0000
ROA not before: Fri 22 Dec 2023 07:36:24 +0000
ROA not after: Fri 20 Dec 2024 07:41:24 +0000
asID: 199614
IP address blocks: 194.59.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:40:42:20:ac:9a:ee:20:4d:06:28:45:32:11:17:74:3e:6f:bc:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Dec 22 07:36:24 2023 GMT
Not After : Dec 20 07:41:24 2024 GMT
Subject: CN=05DBA15FEB0CBE769967EE299B95C5E3E0172C91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:8e:da:3a:61:95:06:2c:55:a2:4c:3f:0b:
2b:b6:e4:49:49:de:50:5f:95:6b:1a:2e:bd:03:46:
a9:74:a5:4c:5b:98:bb:c2:1b:a7:e4:de:64:d7:35:
23:6b:ef:2e:2a:d2:ed:d8:93:04:bc:29:39:62:29:
74:86:15:53:5c:ca:e3:1f:85:50:48:30:1f:85:59:
b9:e3:d7:ef:7b:2d:98:8e:0c:de:81:4f:61:76:33:
e0:7f:08:da:8d:b4:81:96:c5:12:d2:12:d0:73:9d:
f1:aa:d5:d6:a9:7f:94:c6:cf:d8:ab:00:1b:08:01:
c8:53:10:77:18:1e:aa:30:f1:89:65:63:e2:08:d4:
3e:97:ca:25:2d:fb:8a:8b:22:3b:6b:6e:48:fa:3e:
45:71:e2:db:6e:fd:69:d2:c6:c3:dd:2d:28:38:22:
b3:a5:b5:55:3b:80:4a:09:b9:51:66:f5:f9:40:bb:
4f:f8:6e:c5:4e:23:ca:96:06:57:12:2a:79:18:46:
7b:eb:a1:b0:8d:ed:8f:1a:e3:dd:87:e6:be:2a:54:
16:f1:da:48:83:b4:37:10:5f:9a:7c:22:3b:38:9e:
51:94:28:1c:87:af:42:41:77:1d:68:75:2c:59:b4:
a0:ff:ce:99:82:c4:0f:8d:76:9d:d5:d3:17:0c:94:
6f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DB:A1:5F:EB:0C:BE:76:99:67:EE:29:9B:95:C5:E3:E0:17:2C:91
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139342e35392e3232332e302f32342d3234203d3e20313939363134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:54:60:0b:22:6d:31:a5:18:7d:5e:34:c5:11:46:25:55:85:
68:2b:92:72:89:75:95:5d:12:ff:2d:d2:bb:3c:6c:66:9f:98:
bb:01:e1:46:67:af:99:f6:24:f4:6a:ef:90:dc:3e:7f:c0:5e:
b3:b0:e7:ef:bc:80:cc:09:9c:66:21:a5:47:a8:8e:21:f6:fe:
33:13:1e:07:dc:9e:f5:c3:fb:f0:57:dd:9a:5b:ea:e5:6d:57:
89:cb:cf:e0:af:55:d9:14:5e:3a:8e:2c:84:d4:86:dc:80:b1:
e5:8d:49:2b:3f:bb:fe:2c:c5:cd:f6:9e:01:a9:ca:2f:b4:88:
1f:24:f9:d3:1e:41:93:6c:3d:cd:54:b4:95:c2:d8:b6:ce:07:
b6:b5:7b:a0:fb:1d:37:4f:1c:ec:89:a2:1c:09:41:44:60:26:
90:1d:cf:2d:23:9f:66:90:28:ee:f3:3a:29:9d:80:23:7d:c7:
93:ac:2f:ce:60:f9:64:63:b1:67:4e:b2:fb:e8:7a:f2:ca:bc:
2f:a4:60:a7:86:f3:6a:12:ea:a3:c7:10:bc:a1:0c:f9:81:e8:
ba:0e:c2:52:34:34:f1:5c:89:c9:89:63:53:41:4e:ea:15:11:
eb:05:8b:08:ca:33:3e:db:ac:8b:17:15:67:4f:37:9b:53:1c:
85:a0:e1:24
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJEBCIKya7iBNBihFMhEXdD5vvFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzEyMjIwNzM2MjRaFw0yNDEyMjAwNzQxMjRaMDMxMTAvBgNV
BAMTKDA1REJBMTVGRUIwQ0JFNzY5OTY3RUUyOTlCOTVDNUUzRTAxNzJDOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxbo7aOmGVBixVokw/Cyu25ElJ
3lBflWsaLr0DRql0pUxbmLvCG6fk3mTXNSNr7y4q0u3YkwS8KTliKXSGFVNcyuMf
hVBIMB+FWbnj1+97LZiODN6BT2F2M+B/CNqNtIGWxRLSEtBznfGq1dapf5TGz9ir
ABsIAchTEHcYHqow8YllY+II1D6XyiUt+4qLIjtrbkj6PkVx4ttu/WnSxsPdLSg4
IrOltVU7gEoJuVFm9flAu0/4bsVOI8qWBlcSKnkYRnvrobCN7Y8a492H5r4qVBbx
2kiDtDcQX5p8Ijs4nlGUKByHr0JBdx1odSxZtKD/zpmCxA+Ndp3V0xcMlG/bAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBduhX+sMvnaZZ+4pm5XF4+AXLJEwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzOTM0MmUzNTM5MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzkzNjMxMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCO98wDQYJKoZIhvcNAQELBQADggEBAF1UYAsibTGlGH1eNMURRiVVhWgrknKJ
dZVdEv8t0rs8bGafmLsB4UZnr5n2JPRq75DcPn/AXrOw5++8gMwJnGYhpUeojiH2
/jMTHgfcnvXD+/BX3Zpb6uVtV4nLz+CvVdkUXjqOLITUhtyAseWNSSs/u/4sxc32
ngGpyi+0iB8k+dMeQZNsPc1UtJXC2LbOB7a1e6D7HTdPHOyJohwJQURgJpAdzy0j
n2aQKO7zOimdgCN9x5OsL85g+WRjsWdOsvvoevLKvC+kYKeG82oS6qPHELyhDPmB
6LoOwlI0NPFcicmJY1NBTuoVEesFiwjKMz7brIsXFWdPN5tTHIWg4SQ=
-----END CERTIFICATE-----
Generated at Tue Jun 25 12:07:53 2024 by rpki-client on console-fra.rpki-client.org