![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS141968.roa
File: AS141968.roa (raw, json)
Hash identifier: rUn32cxgR16dxD9ivbgI6aLeqHOthwBgV12wXLvx91A=
Subject key identifier: F0:94:E7:BA:91:31:9B:98:65:4C:56:1A:8B:B4:C2:5D:7F:EE:60:8E
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 4144E677B59AD633B4E7456DB95375A61AB432D9
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS141968.roa
Signing time: Wed 20 Dec 2023 08:05:08 +0000
ROA not before: Wed 20 Dec 2023 08:00:08 +0000
ROA not after: Wed 18 Dec 2024 08:05:08 +0000
asID: 141968
IP address blocks: 45.149.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:44:e6:77:b5:9a:d6:33:b4:e7:45:6d:b9:53:75:a6:1a:b4:32:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Dec 20 08:00:08 2023 GMT
Not After : Dec 18 08:05:08 2024 GMT
Subject: CN=F094E7BA91319B98654C561A8BB4C25D7FEE608E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2c:30:21:85:27:fb:35:13:fa:b4:7e:43:12:
8a:28:ce:47:44:42:73:0b:9a:ae:ff:3f:e6:dd:ec:
45:e3:e6:40:e8:78:d2:b1:98:a8:0d:27:d7:43:5a:
a4:95:09:15:95:a1:3c:d9:44:1b:ce:ff:e1:0f:f0:
2c:e7:ad:c0:ee:66:cc:dd:e1:a7:c0:49:5f:8a:80:
e6:54:64:da:97:35:1c:3a:cb:08:3a:9f:aa:d3:5c:
8b:3e:97:eb:96:1f:f8:a8:99:91:5c:c7:80:c2:4a:
71:b3:96:11:1b:0f:b1:59:a2:c3:2b:ee:7d:ef:5a:
dd:ef:70:7c:2d:93:f5:b4:4b:87:3f:dc:dd:c4:b5:
51:66:db:c6:70:0c:fd:4f:ac:00:34:c7:98:cb:4c:
f7:4b:dc:05:3e:9b:b8:2d:98:6b:f2:98:40:28:be:
ae:18:b3:b6:60:be:84:9b:9d:77:22:33:47:75:e1:
fa:d3:21:37:c0:1a:f8:13:40:9a:e8:8b:8a:77:9a:
86:4f:96:bc:4b:09:41:01:8c:4b:1b:c1:56:71:c9:
33:7c:8b:1c:d7:9b:18:cc:b8:91:b8:be:73:27:1c:
27:be:db:e0:f8:87:86:0e:28:c3:e1:9c:bf:bf:23:
be:8d:65:10:2f:e5:90:b1:61:6b:75:27:f9:e4:12:
77:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:94:E7:BA:91:31:9B:98:65:4C:56:1A:8B:B4:C2:5D:7F:EE:60:8E
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS141968.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.187.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:dd:68:b2:2c:6b:e7:9b:d7:3e:a6:9f:a4:5e:e8:43:b0:20:
49:8a:49:31:cf:25:cf:0d:a4:34:45:01:43:b7:90:aa:4c:d8:
76:08:4d:de:6a:f3:89:ff:36:41:d1:4b:89:4d:4f:82:69:77:
5b:f5:ad:7f:4e:b2:9c:18:1f:d4:38:c9:37:94:70:97:a2:6a:
a9:78:20:55:e5:4b:76:15:ea:1b:11:da:04:b3:d9:3e:0f:d3:
3e:e5:af:64:dc:d1:b0:20:62:11:cc:de:bd:1f:26:e7:04:08:
7c:db:eb:ba:f5:ac:9e:9e:c3:76:8f:25:04:d0:d4:05:56:e1:
6a:34:00:35:c1:b9:d0:47:c8:b8:93:6c:8a:32:31:1d:68:12:
2f:68:29:49:9f:2a:fe:c8:7b:2e:78:ac:17:eb:b9:7b:6b:3d:
d4:51:6c:9d:e6:da:a1:c5:d8:de:37:8b:40:a5:91:ac:38:f9:
0c:b2:c0:b6:60:7c:53:1b:81:75:dd:4b:cc:e1:e2:47:74:93:
08:16:ab:07:1e:0f:10:e7:7e:2f:68:07:bc:c4:88:1a:c3:34:
f0:cc:d0:ae:46:c2:0f:77:7e:f1:ff:98:e0:84:a1:64:33:ef:
fd:52:32:21:41:92:9d:d3:2f:5b:4e:45:45:07:0d:5c:28:1e:
ef:fe:c7:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUQUTmd7Wa1jO050VtuVN1phq0MtkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzEyMjAwODAwMDhaFw0yNDEyMTgwODA1MDhaMDMxMTAvBgNV
BAMTKEYwOTRFN0JBOTEzMTlCOTg2NTRDNTYxQThCQjRDMjVEN0ZFRTYwOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKLDAhhSf7NRP6tH5DEooozkdE
QnMLmq7/P+bd7EXj5kDoeNKxmKgNJ9dDWqSVCRWVoTzZRBvO/+EP8CznrcDuZszd
4afASV+KgOZUZNqXNRw6ywg6n6rTXIs+l+uWH/iomZFcx4DCSnGzlhEbD7FZosMr
7n3vWt3vcHwtk/W0S4c/3N3EtVFm28ZwDP1PrAA0x5jLTPdL3AU+m7gtmGvymEAo
vq4Ys7ZgvoSbnXciM0d14frTITfAGvgTQJroi4p3moZPlrxLCUEBjEsbwVZxyTN8
ixzXmxjMuJG4vnMnHCe+2+D4h4YOKMPhnL+/I76NZRAv5ZCxYWt1J/nkEneLAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU8JTnupExm5hlTFYai7TCXX/uYI4wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMTQxOTY4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZW7
MA0GCSqGSIb3DQEBCwUAA4IBAQAq3WiyLGvnm9c+pp+kXuhDsCBJikkxzyXPDaQ0
RQFDt5CqTNh2CE3eavOJ/zZB0UuJTU+CaXdb9a1/TrKcGB/UOMk3lHCXomqpeCBV
5Ut2FeobEdoEs9k+D9M+5a9k3NGwIGIRzN69HybnBAh82+u69ayensN2jyUE0NQF
VuFqNAA1wbnQR8i4k2yKMjEdaBIvaClJnyr+yHsueKwX67l7az3UUWyd5tqhxdje
N4tApZGsOPkMssC2YHxTG4F13UvM4eJHdJMIFqsHHg8Q534vaAe8xIgawzTwzNCu
RsIPd37x/5jghKFkM+/9UjIhQZKd0y9bTkVFBw1cKB7v/sdS
-----END CERTIFICATE-----
Generated at Fri Jun 14 13:48:46 2024 by rpki-client on console-fra.rpki-client.org