![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/326130363a356563303a3a2f34382d3438203d3e20323034363933.roa
File: 326130363a356563303a3a2f34382d3438203d3e20323034363933.roa (raw, json)
Hash identifier: Npn3y1PwrPmpHoOQk8eX2chV01+blvjtrPFPPDk7bV8=
Subject key identifier: 42:E1:E4:8B:59:F9:F0:1F:DF:53:4E:F2:73:62:63:80:AE:E0:A8:2C
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 765B42E4E2A2D85872CA2E5953DF53C15553DBB6
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/326130363a356563303a3a2f34382d3438203d3e20323034363933.roa
Signing time: Tue 05 Dec 2023 17:05:08 +0000
ROA not before: Tue 05 Dec 2023 17:00:08 +0000
ROA not after: Tue 03 Dec 2024 17:05:08 +0000
asID: 204693
IP address blocks: 2a06:5ec0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 11:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:5b:42:e4:e2:a2:d8:58:72:ca:2e:59:53:df:53:c1:55:53:db:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 5 17:00:08 2023 GMT
Not After : Dec 3 17:05:08 2024 GMT
Subject: CN=42E1E48B59F9F01FDF534EF273626380AEE0A82C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e7:ba:e8:ec:68:fe:96:e2:91:c8:82:b8:5b:
2d:d8:2c:f8:e3:26:e0:78:69:a1:0c:9b:4c:95:f3:
b7:40:71:fe:f5:22:32:e8:eb:01:ac:b1:45:47:9b:
41:45:c1:23:65:f9:33:2d:fa:c5:0f:cd:68:3a:29:
60:07:b6:17:65:50:b5:9a:93:21:27:81:77:35:c3:
29:0c:6a:98:66:04:ac:a2:ef:0c:94:fc:ce:f0:32:
80:29:c9:f5:20:8b:bf:48:1d:30:29:1f:c5:31:60:
62:90:8f:df:02:8c:36:d7:96:43:cc:66:50:41:e4:
7d:80:68:4d:a0:e9:91:58:4f:29:5a:ad:74:e5:a3:
10:db:0d:ca:6c:c4:e1:6d:96:2e:8c:35:5c:eb:51:
0e:a9:53:66:ea:41:33:72:5a:fa:e8:21:68:9c:96:
b0:39:65:f7:0d:32:0c:86:39:56:28:fa:48:36:5c:
95:9e:b5:43:40:ae:aa:fb:44:b0:98:cd:88:35:e5:
06:e6:46:ba:80:27:1a:e5:91:cd:1a:3c:11:fb:87:
a2:04:c1:e1:f7:f9:a3:89:49:69:44:d9:92:1f:08:
83:bd:04:da:d3:49:61:18:3a:34:3d:13:ac:e9:06:
de:0c:e8:61:2d:1e:cf:ed:91:31:03:29:50:6b:ab:
00:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E1:E4:8B:59:F9:F0:1F:DF:53:4E:F2:73:62:63:80:AE:E0:A8:2C
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/326130363a356563303a3a2f34382d3438203d3e20323034363933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5ec0::/48
Signature Algorithm: sha256WithRSAEncryption
b6:21:75:2d:f0:2e:94:ea:0b:d4:3c:61:69:7b:82:58:59:69:
88:6e:74:73:7b:ad:af:77:56:e4:76:7d:ec:1e:36:0f:f8:38:
6e:24:61:20:f8:35:0e:fc:06:6d:8e:c4:93:42:35:86:f9:f0:
be:5d:88:fc:0c:87:dc:7d:16:07:e1:64:0b:3b:49:01:7f:e0:
9c:b3:be:7a:14:96:3b:5a:81:8d:92:4e:9f:10:09:48:1d:3a:
78:4e:7a:ce:1b:f7:5e:92:5e:cd:00:b3:14:8c:66:06:3d:8d:
56:39:79:3a:53:6b:35:a2:61:10:1e:32:4c:5e:42:37:19:df:
ac:4b:48:f8:67:27:6a:e9:76:15:2f:e6:bc:f0:a4:d7:b1:5b:
1d:3c:c9:52:20:15:bb:2e:02:80:56:83:ec:4b:e3:79:99:f9:
58:57:d1:17:18:2a:6d:e6:e4:d5:a1:b0:89:7d:0e:75:ff:7f:
2c:ab:b6:f4:98:4b:ee:90:6d:89:85:fe:07:29:d9:25:52:ea:
27:a1:65:90:85:83:af:34:4f:d8:24:d2:a3:96:6f:e9:0b:2f:
76:53:f1:78:4a:81:15:72:06:f3:5a:84:b7:77:5f:9d:5f:c9:
07:b7:72:78:da:f9:23:d5:66:67:32:63:e2:33:78:6b:10:3d:
b0:3d:e4:f4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUdltC5OKi2Fhyyi5ZU99TwVVT27YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDUxNzAwMDhaFw0yNDEyMDMxNzA1MDhaMDMxMTAvBgNV
BAMTKDQyRTFFNDhCNTlGOUYwMUZERjUzNEVGMjczNjI2MzgwQUVFMEE4MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA57ro7Gj+luKRyIK4Wy3YLPjj
JuB4aaEMm0yV87dAcf71IjLo6wGssUVHm0FFwSNl+TMt+sUPzWg6KWAHthdlULWa
kyEngXc1wykMaphmBKyi7wyU/M7wMoApyfUgi79IHTApH8UxYGKQj98CjDbXlkPM
ZlBB5H2AaE2g6ZFYTylarXTloxDbDcpsxOFtli6MNVzrUQ6pU2bqQTNyWvroIWic
lrA5ZfcNMgyGOVYo+kg2XJWetUNArqr7RLCYzYg15QbmRrqAJxrlkc0aPBH7h6IE
weH3+aOJSWlE2ZIfCIO9BNrTSWEYOjQ9E6zpBt4M6GEtHs/tkTEDKVBrqwDbAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUQuHki1n58B/fU07yc2JjgK7gqCwwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzI2MTMwMzYzYTM1NjU2MzMw
M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDM0MzYzOTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcA
KgZewAAAMA0GCSqGSIb3DQEBCwUAA4IBAQC2IXUt8C6U6gvUPGFpe4JYWWmIbnRz
e62vd1bkdn3sHjYP+DhuJGEg+DUO/AZtjsSTQjWG+fC+XYj8DIfcfRYH4WQLO0kB
f+Ccs756FJY7WoGNkk6fEAlIHTp4TnrOG/dekl7NALMUjGYGPY1WOXk6U2s1omEQ
HjJMXkI3Gd+sS0j4Zydq6XYVL+a88KTXsVsdPMlSIBW7LgKAVoPsS+N5mflYV9EX
GCpt5uTVobCJfQ51/38sq7b0mEvukG2Jhf4HKdklUuonoWWQhYOvNE/YJNKjlm/p
Cy92U/F4SoEVcgbzWoS3d1+dX8kHt3J42vkj1WZnMmPiM3hrED2wPeT0
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:32:54 2024 by rpki-client on console-ams.rpki-client.org