![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233342e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233342e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: auoRgq24c1W8o7y2jlFHjlevIw8l909HAwcxPZiugeM=
Subject key identifier: FB:1D:CE:54:62:6E:28:04:DC:2D:B5:AA:3C:55:D8:75:EF:08:26:4A
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 73DB99E916AB7892678C3802EA893CAFBA2CE0C3
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233342e302f32342d3234203d3e203438303730.roa
Signing time: Tue 25 Jul 2023 15:01:24 +0000
ROA not before: Tue 25 Jul 2023 14:56:24 +0000
ROA not after: Tue 23 Jul 2024 15:01:24 +0000
asID: 48070
IP address blocks: 94.126.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:db:99:e9:16:ab:78:92:67:8c:38:02:ea:89:3c:af:ba:2c:e0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:24 2023 GMT
Not After : Jul 23 15:01:24 2024 GMT
Subject: CN=FB1DCE54626E2804DC2DB5AA3C55D875EF08264A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6b:46:95:1b:8e:a1:12:58:4e:a5:fb:51:13:
eb:29:47:f4:64:41:1f:10:39:5b:81:4f:89:6c:fa:
89:a8:b9:af:96:6a:8d:55:1b:53:c4:9b:1f:11:3e:
fc:8f:6b:33:da:02:43:59:60:00:af:90:42:15:9a:
6e:1c:11:53:3b:ce:59:9d:f8:d3:75:63:d6:d5:4c:
ed:25:7d:2c:00:26:c6:53:1c:32:5f:e3:ac:03:9f:
5d:44:f8:06:f0:fc:c5:81:29:d5:52:10:93:36:ba:
4d:2b:b5:98:93:0a:e1:a9:22:06:76:5f:82:62:ff:
15:bf:e2:f5:03:29:e4:4b:e8:91:d1:d7:32:61:9f:
92:a6:ab:f3:02:7f:49:c5:b8:41:02:56:46:60:9b:
b3:fa:8b:38:94:7c:30:e7:c8:9b:ac:cd:fa:d8:ac:
f5:1d:0b:a7:bd:fa:f1:80:b1:dc:64:57:21:52:f8:
ba:68:a3:8e:0c:62:1e:f6:03:0a:6f:87:8b:27:c4:
55:f6:0d:66:e5:7d:e0:17:ad:6b:04:a1:77:e6:28:
71:4c:e4:a5:cf:54:36:91:b0:51:34:93:6b:52:2a:
06:15:9b:21:98:27:42:47:53:36:94:7a:12:4d:45:
c8:8a:64:4f:72:fd:d1:37:27:28:f0:fa:4d:46:dc:
56:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1D:CE:54:62:6E:28:04:DC:2D:B5:AA:3C:55:D8:75:EF:08:26:4A
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233342e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.234.0/24
Signature Algorithm: sha256WithRSAEncryption
15:aa:19:f6:bb:c1:6f:dc:0d:f9:40:5f:fa:b1:87:37:45:bf:
c5:ce:8a:ba:46:79:3b:2d:c9:bd:ff:22:fc:c8:c1:ff:f9:66:
8d:ff:0c:41:cc:fd:05:d8:c1:f4:b8:17:f7:fa:b5:d4:8b:7c:
d2:34:b0:cb:32:77:59:ea:b7:b0:1a:85:a9:c3:84:ed:36:43:
c5:4d:a4:e9:76:b0:c4:6d:ad:03:52:42:76:44:51:89:be:2b:
e3:0e:b8:c1:31:d3:54:9b:ae:35:e8:50:1c:bb:e8:f5:2a:ac:
ff:73:ff:ec:4d:3e:d5:a1:20:78:51:1a:74:27:67:10:c3:de:
14:91:5c:cf:d3:07:6c:06:19:5b:6c:72:d8:bb:96:fd:ed:34:
20:7f:86:95:9f:e9:7e:63:5d:44:47:6c:03:60:d3:b2:fb:44:
67:ef:ba:39:c6:c6:24:78:9f:b1:e5:37:f4:4a:ea:5b:ff:28:
4e:5e:fc:8f:d5:6c:40:f1:dd:31:26:7c:1c:c1:f6:27:03:e0:
19:14:9b:86:7c:97:eb:4a:6d:ca:b2:38:d3:80:f4:a6:98:97:
69:64:2f:2b:27:f8:c2:ce:2a:8c:f9:aa:a7:ef:67:dc:f0:ac:
11:32:7e:88:62:1f:ad:d3:e0:d5:d8:d6:03:91:4d:e6:38:dd:
c4:dd:82:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc9uZ6RareJJnjDgC6ok8r7os4MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2MjRaFw0yNDA3MjMxNTAxMjRaMDMxMTAvBgNV
BAMTKEZCMURDRTU0NjI2RTI4MDREQzJEQjVBQTNDNTVEODc1RUYwODI2NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZa0aVG46hElhOpftRE+spR/Rk
QR8QOVuBT4ls+omoua+Wao1VG1PEmx8RPvyPazPaAkNZYACvkEIVmm4cEVM7zlmd
+NN1Y9bVTO0lfSwAJsZTHDJf46wDn11E+Abw/MWBKdVSEJM2uk0rtZiTCuGpIgZ2
X4Ji/xW/4vUDKeRL6JHR1zJhn5Kmq/MCf0nFuEECVkZgm7P6iziUfDDnyJuszfrY
rPUdC6e9+vGAsdxkVyFS+Lpoo44MYh72Awpvh4snxFX2DWblfeAXrWsEoXfmKHFM
5KXPVDaRsFE0k2tSKgYVmyGYJ0JHUzaUehJNRciKZE9y/dE3Jyjw+k1G3FbdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+x3OVGJuKATcLbWqPFXYde8IJkowHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7qMA0GCSqGSIb3DQEBCwUAA4IBAQAVqhn2u8Fv3A35QF/6sYc3Rb/Fzoq6Rnk7
Lcm9/yL8yMH/+WaN/wxBzP0F2MH0uBf3+rXUi3zSNLDLMndZ6rewGoWpw4TtNkPF
TaTpdrDEba0DUkJ2RFGJvivjDrjBMdNUm6416FAcu+j1Kqz/c//sTT7VoSB4URp0
J2cQw94UkVzP0wdsBhlbbHLYu5b97TQgf4aVn+l+Y11ER2wDYNOy+0Rn77o5xsYk
eJ+x5Tf0Supb/yhOXvyP1WxA8d0xJnwcwfYnA+AZFJuGfJfrSm3KsjjTgPSmmJdp
ZC8rJ/jCziqM+aqn72fc8KwRMn6IYh+t0+DV2NYDkU3mON3E3YIJ
-----END CERTIFICATE-----
Generated at Fri Jun 21 11:19:00 2024 by rpki-client on console-ams.rpki-client.org