![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233392e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: pWYUWmEx6PLQORZVX3DVVTrO19XN7suVwsKHpOjuEr4=
Subject key identifier: 6F:2C:9F:10:44:6E:F2:67:0F:8F:8F:7E:E8:A2:E1:30:32:A0:3E:CB
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 0736D0C8CB38CEE8FDEEE67EE28DDAB7E77F5E45
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
Signing time: Tue 25 Jul 2023 15:01:36 +0000
ROA not before: Tue 25 Jul 2023 14:56:36 +0000
ROA not after: Tue 23 Jul 2024 15:01:36 +0000
asID: 48070
IP address blocks: 94.126.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:36:d0:c8:cb:38:ce:e8:fd:ee:e6:7e:e2:8d:da:b7:e7:7f:5e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:36 2023 GMT
Not After : Jul 23 15:01:36 2024 GMT
Subject: CN=6F2C9F10446EF2670F8F8F7EE8A2E13032A03ECB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:c3:eb:56:42:08:6c:29:57:fe:e9:e5:a0:
53:0c:63:b6:41:5b:16:8d:0c:6a:15:e6:6f:1a:84:
0e:d3:e7:47:7a:7a:7f:0f:1b:03:ca:12:fd:d9:87:
c9:fc:51:0e:62:43:d2:bd:ad:24:e9:9a:53:f1:1c:
5c:cf:4a:86:12:36:95:02:a3:8a:9d:8f:cd:5e:57:
b0:02:e9:48:6b:6d:52:fb:00:e7:04:21:f4:db:97:
ff:f3:f1:c4:2a:1b:eb:2a:aa:bd:b4:bb:ac:6b:5a:
95:fc:8b:e0:28:55:51:9b:92:40:58:b2:0a:bf:c8:
6e:8e:29:cc:d8:62:a3:65:f3:94:41:e7:66:49:54:
f5:e4:97:65:94:61:d9:0b:2c:ce:91:85:13:f3:c7:
61:68:27:24:a7:6a:72:af:9b:d9:a5:88:e8:69:60:
61:d0:2d:4a:4b:c0:73:77:15:e2:16:03:61:fb:08:
45:07:38:e9:77:13:e1:4a:25:3a:3e:78:23:2c:8b:
e1:e6:8c:c8:ea:ce:f9:51:47:e4:9f:c1:3e:05:69:
57:8a:b6:1b:60:a5:40:cb:70:0a:05:49:e0:c5:9d:
18:16:36:74:25:8a:2e:ee:86:06:6e:31:4e:cc:08:
81:31:36:ae:9f:cb:ca:f5:7b:26:60:2a:54:eb:72:
27:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2C:9F:10:44:6E:F2:67:0F:8F:8F:7E:E8:A2:E1:30:32:A0:3E:CB
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.239.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:8c:eb:dc:d5:08:34:c5:11:e2:b7:38:08:81:4c:c5:74:a5:
70:7f:82:ed:a8:57:5e:5a:9b:b7:a5:49:f8:a6:e2:38:85:de:
0a:39:d8:9c:bb:d2:60:af:05:0a:d9:8f:4d:af:ea:31:c7:29:
17:be:7d:cf:d6:7a:b7:ca:7e:3a:5a:c1:06:e6:21:dd:b3:81:
47:69:11:db:62:8a:f6:b5:64:e2:7e:45:02:fb:46:dc:c2:8f:
71:c8:63:b0:4b:6c:2a:54:cb:a6:b6:ed:85:64:98:7e:f6:20:
e7:4e:1d:e4:2b:d1:95:eb:f4:c4:5c:b3:f7:9a:6c:9f:fb:ff:
b5:67:39:2b:30:6b:5a:30:f4:21:9f:fe:5c:a9:8a:73:13:b5:
36:4f:7b:ee:8a:cd:da:ed:b7:cd:a5:c9:20:d4:c8:01:c3:9b:
81:a7:9c:25:ed:ee:f9:02:73:09:70:ed:ff:9a:28:74:f1:1e:
86:e2:72:ef:5e:c2:ce:80:3b:84:1f:58:d4:bf:41:2f:62:f4:
d5:90:d6:20:da:82:6b:40:fa:a7:a2:9b:93:d7:08:6d:99:3c:
0b:fd:e1:ac:7f:5a:a7:3d:a5:f5:c1:e6:8c:22:fa:4a:f0:d1:
c7:e7:b6:87:ea:f1:b9:c8:74:a3:56:22:65:57:26:ff:d2:8e:
42:5c:91:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBzbQyMs4zuj97uZ+4o3at+d/XkUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2MzZaFw0yNDA3MjMxNTAxMzZaMDMxMTAvBgNV
BAMTKDZGMkM5RjEwNDQ2RUYyNjcwRjhGOEY3RUU4QTJFMTMwMzJBMDNFQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2HMPrVkIIbClX/unloFMMY7ZB
WxaNDGoV5m8ahA7T50d6en8PGwPKEv3Zh8n8UQ5iQ9K9rSTpmlPxHFzPSoYSNpUC
o4qdj81eV7AC6UhrbVL7AOcEIfTbl//z8cQqG+sqqr20u6xrWpX8i+AoVVGbkkBY
sgq/yG6OKczYYqNl85RB52ZJVPXkl2WUYdkLLM6RhRPzx2FoJySnanKvm9mliOhp
YGHQLUpLwHN3FeIWA2H7CEUHOOl3E+FKJTo+eCMsi+HmjMjqzvlRR+SfwT4FaVeK
thtgpUDLcAoFSeDFnRgWNnQlii7uhgZuMU7MCIExNq6fy8r1eyZgKlTrcicBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUbyyfEERu8mcPj49+6KLhMDKgPsswHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7vMA0GCSqGSIb3DQEBCwUAA4IBAQDOjOvc1Qg0xRHitzgIgUzFdKVwf4LtqFde
Wpu3pUn4puI4hd4KOdicu9JgrwUK2Y9Nr+oxxykXvn3P1nq3yn46WsEG5iHds4FH
aRHbYor2tWTifkUC+0bcwo9xyGOwS2wqVMumtu2FZJh+9iDnTh3kK9GV6/TEXLP3
mmyf+/+1ZzkrMGtaMPQhn/5cqYpzE7U2T3vuis3a7bfNpckg1MgBw5uBp5wl7e75
AnMJcO3/mih08R6G4nLvXsLOgDuEH1jUv0EvYvTVkNYg2oJrQPqnopuT1whtmTwL
/eGsf1qnPaX1weaMIvpK8NHH57aH6vG5yHSjViJlVyb/0o5CXJGQ
-----END CERTIFICATE-----
Generated at Fri Jun 21 11:19:00 2024 by rpki-client on console-ams.rpki-client.org