![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233382e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: OmnLcyJ1Co2j9O9f3mPqPZ1zZrGr0TvCyFr4B0+4gco=
Subject key identifier: 8B:59:20:31:6E:1C:40:B8:59:E7:BB:E5:F6:F0:FA:11:20:20:94:1C
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 4C1D199FAAD0AF0636FAA244D420252EEE0D9A93
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
Signing time: Tue 25 Jul 2023 15:01:34 +0000
ROA not before: Tue 25 Jul 2023 14:56:34 +0000
ROA not after: Tue 23 Jul 2024 15:01:34 +0000
asID: 48070
IP address blocks: 94.126.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:1d:19:9f:aa:d0:af:06:36:fa:a2:44:d4:20:25:2e:ee:0d:9a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:34 2023 GMT
Not After : Jul 23 15:01:34 2024 GMT
Subject: CN=8B5920316E1C40B859E7BBE5F6F0FA112020941C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e2:e7:1e:d4:71:a1:6f:35:69:23:ea:cc:db:
d8:17:a8:d8:a7:0c:b4:07:8a:8b:f6:a0:2a:7e:f6:
0d:85:56:9a:9d:8f:0f:31:f1:ab:8d:cc:a4:8e:a1:
07:b5:ad:45:a5:d9:a9:64:ad:18:b0:e3:fc:12:c6:
48:c9:79:38:8b:fb:f0:8f:21:bd:12:0e:a2:29:7c:
e0:33:32:8e:8c:94:11:f0:16:a5:b7:18:ee:6a:5d:
1c:41:ab:63:98:fa:a4:f9:1a:c5:3b:ff:32:7f:db:
dd:23:5a:e1:59:e5:03:cf:58:fe:d4:80:f0:06:67:
fc:f5:9e:d4:39:dd:da:eb:2a:49:d3:90:a8:15:9b:
3d:8f:7f:d1:5f:6f:0a:20:17:b0:1f:c5:17:65:76:
13:5a:12:7c:1d:63:ca:3a:aa:74:aa:0d:47:0f:c4:
6b:53:af:77:b1:19:10:b3:49:03:dd:14:30:46:b3:
16:26:36:df:5b:85:a3:8d:d9:81:8b:b3:cf:da:c7:
b0:d4:64:1d:fe:c5:99:5d:d3:e1:c6:f2:16:d7:e6:
98:ae:08:0f:40:63:5c:4e:46:52:31:07:36:55:e5:
9f:9a:f2:f6:28:2b:c6:42:e8:08:18:f9:d4:fd:cc:
37:df:40:13:64:97:8f:53:b5:36:4c:5f:f5:74:0d:
ff:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:59:20:31:6E:1C:40:B8:59:E7:BB:E5:F6:F0:FA:11:20:20:94:1C
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.238.0/24
Signature Algorithm: sha256WithRSAEncryption
04:10:b2:e0:7d:b8:e8:d1:c9:dd:fe:db:c0:0e:9b:67:6b:0d:
f5:de:0d:3d:9c:3e:a8:58:96:12:0c:21:87:79:f2:73:2f:47:
de:b0:c2:d5:04:0d:42:6c:c5:54:32:83:03:13:58:c3:f1:9d:
6a:e6:ef:84:b1:ba:d1:b7:b3:b4:4a:f9:be:5f:5d:7b:ec:7c:
fc:02:77:d3:da:fa:66:5e:0d:d4:fc:60:08:9a:ab:88:56:e1:
bd:14:85:22:dd:92:ec:94:ff:fc:ec:9c:3c:93:2f:c2:57:42:
43:86:3e:96:ec:3e:73:35:4e:25:a9:46:b6:5b:7e:a7:6d:01:
7e:3e:41:ac:3a:ba:1e:17:cc:76:e1:95:89:f1:9e:49:c9:18:
94:97:1c:51:d8:47:8a:41:1b:7f:6f:64:7b:36:36:67:92:4b:
4a:56:79:68:f2:12:64:8c:95:d7:2b:72:b0:a3:90:5d:7c:b9:
c6:ca:82:8c:c0:2c:bf:4d:ec:1f:e4:22:c7:5f:c5:4f:c6:ab:
ff:25:7a:96:a9:01:17:ba:0f:34:ae:62:de:91:bb:d1:9e:b1:
c5:db:26:a1:94:71:42:31:1e:a9:7b:c7:e2:e4:2f:2a:01:be:
d0:5a:26:e3:a8:a7:6f:a4:b6:63:3f:8b:13:77:ae:08:77:72:
b4:11:ce:77
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTB0Zn6rQrwY2+qJE1CAlLu4NmpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2MzRaFw0yNDA3MjMxNTAxMzRaMDMxMTAvBgNV
BAMTKDhCNTkyMDMxNkUxQzQwQjg1OUU3QkJFNUY2RjBGQTExMjAyMDk0MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk4uce1HGhbzVpI+rM29gXqNin
DLQHiov2oCp+9g2FVpqdjw8x8auNzKSOoQe1rUWl2alkrRiw4/wSxkjJeTiL+/CP
Ib0SDqIpfOAzMo6MlBHwFqW3GO5qXRxBq2OY+qT5GsU7/zJ/290jWuFZ5QPPWP7U
gPAGZ/z1ntQ53drrKknTkKgVmz2Pf9FfbwogF7AfxRdldhNaEnwdY8o6qnSqDUcP
xGtTr3exGRCzSQPdFDBGsxYmNt9bhaON2YGLs8/ax7DUZB3+xZld0+HG8hbX5piu
CA9AY1xORlIxBzZV5Z+a8vYoK8ZC6AgY+dT9zDffQBNkl49TtTZMX/V0Df95AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUi1kgMW4cQLhZ57vl9vD6ESAglBwwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7uMA0GCSqGSIb3DQEBCwUAA4IBAQAEELLgfbjo0cnd/tvADptnaw313g09nD6o
WJYSDCGHefJzL0fesMLVBA1CbMVUMoMDE1jD8Z1q5u+EsbrRt7O0Svm+X1177Hz8
AnfT2vpmXg3U/GAImquIVuG9FIUi3ZLslP/87Jw8ky/CV0JDhj6W7D5zNU4lqUa2
W36nbQF+PkGsOroeF8x24ZWJ8Z5JyRiUlxxR2EeKQRt/b2R7NjZnkktKVnlo8hJk
jJXXK3Kwo5BdfLnGyoKMwCy/Tewf5CLHX8VPxqv/JXqWqQEXug80rmLekbvRnrHF
2yahlHFCMR6pe8fi5C8qAb7QWibjqKdvpLZjP4sTd64Id3K0Ec53
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:54:24 2024 by rpki-client on console-fra.rpki-client.org