![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214989.roa
File: AS214989.roa (raw, json)
Hash identifier: HM5iU8IVGuylJ3VCedwfoRsr7lr3aWCQkDWgyXD6OHE=
Subject key identifier: 43:B1:6C:DC:43:45:9A:02:4D:BB:3C:42:00:44:96:31:B6:94:B0:53
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 748B847FB244D0DA0163AF40E5339EC621287822
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214989.roa
Signing time: Thu 23 May 2024 16:49:14 +0000
ROA not before: Thu 23 May 2024 16:44:14 +0000
ROA not after: Thu 22 May 2025 16:49:14 +0000
asID: 214989
IP address blocks: 2a0f:85c1:3cf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:8b:84:7f:b2:44:d0:da:01:63:af:40:e5:33:9e:c6:21:28:78:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: May 23 16:44:14 2024 GMT
Not After : May 22 16:49:14 2025 GMT
Subject: CN=43B16CDC43459A024DBB3C4200449631B694B053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0c:b1:d3:e1:9f:c5:4a:eb:5e:0d:03:e5:af:
bd:e1:17:0b:4a:f4:a2:6e:67:71:da:1b:af:2c:f0:
8c:0e:43:16:7f:a7:42:c8:7e:de:33:c5:49:b3:35:
a4:49:15:7d:30:52:5b:25:c6:5f:74:98:de:8b:70:
d6:5b:43:49:24:20:b4:ea:52:83:ca:59:6c:8f:0b:
47:e2:2d:48:ee:a2:e8:f2:54:8f:0a:5d:63:56:5b:
3e:49:c1:3c:fb:9f:8e:c5:fc:f1:5c:79:16:ce:d9:
1c:0b:59:81:c5:8c:fa:19:a7:1a:c1:48:d5:5c:82:
5d:0a:1a:f0:24:f6:ca:19:85:d9:7e:45:61:ed:fc:
fa:c0:b5:9f:f9:7d:f8:75:dc:f6:14:17:b8:c2:9a:
e0:c4:a5:be:06:26:d9:ee:ae:f4:ca:26:cc:d4:0d:
e9:cd:ee:5c:14:47:3b:63:64:b1:0d:e8:fb:0b:fd:
72:9d:90:f9:c7:09:0e:d2:23:d8:45:2e:9c:7a:61:
d5:2b:93:9a:98:55:6c:dd:d2:91:65:b9:90:62:3a:
42:63:b2:6d:65:69:83:2b:34:4f:60:19:ad:ea:df:
9d:bc:cb:d1:b9:2b:81:ef:45:5a:e9:b5:a4:23:4e:
a1:6e:3d:06:d5:e5:a1:6d:b4:a4:ee:85:6c:94:4d:
d4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B1:6C:DC:43:45:9A:02:4D:BB:3C:42:00:44:96:31:B6:94:B0:53
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214989.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3cf::/48
Signature Algorithm: sha256WithRSAEncryption
98:9c:f9:3e:8c:48:03:eb:98:fb:7b:39:ff:ab:b0:05:43:17:
e4:60:67:38:d6:9c:fc:6d:d1:0e:51:d4:f4:8a:f8:68:57:97:
10:1a:5c:21:a7:ce:f2:a0:04:69:e7:fe:f1:0f:c5:00:88:c5:
7b:51:8d:5b:c7:4c:36:6d:38:f4:60:fa:f1:76:27:20:2f:11:
7a:b0:2b:9a:71:ce:70:77:14:aa:b6:c7:74:96:10:b1:89:d4:
c1:1d:12:15:c0:70:e5:0b:06:ec:d5:4a:4c:e3:0b:e9:e5:21:
fa:3d:43:1a:f0:b0:6c:63:b4:1f:49:87:23:ce:f1:21:16:63:
8a:98:87:42:8c:cf:1f:6c:cc:db:6a:5f:8a:ba:ce:e8:fd:c1:
19:9d:47:ac:52:2b:9e:96:1b:0c:61:1c:39:bb:7c:40:77:c3:
bf:98:7e:bc:7e:f1:f0:2a:d3:7e:23:f3:2a:3a:ed:0a:40:7b:
a1:d2:9b:bf:9b:7f:fb:66:8f:53:78:e8:ec:19:d1:0b:57:73:
ff:00:6d:63:e9:6c:81:59:e7:fa:33:0a:dd:95:11:08:16:9f:
71:88:1a:3c:e8:8f:0d:74:de:46:9f:ae:57:da:81:31:4a:18:
ed:6a:cd:cf:e0:51:e4:67:e9:09:22:8e:36:20:19:3a:f6:2c:
64:30:b9:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUdIuEf7JE0NoBY69A5TOexiEoeCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MTRaFw0yNTA1MjIxNjQ5MTRaMDMxMTAvBgNV
BAMTKDQzQjE2Q0RDNDM0NTlBMDI0REJCM0M0MjAwNDQ5NjMxQjY5NEIwNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQDLHT4Z/FSuteDQPlr73hFwtK
9KJuZ3HaG68s8IwOQxZ/p0LIft4zxUmzNaRJFX0wUlslxl90mN6LcNZbQ0kkILTq
UoPKWWyPC0fiLUjuoujyVI8KXWNWWz5JwTz7n47F/PFceRbO2RwLWYHFjPoZpxrB
SNVcgl0KGvAk9soZhdl+RWHt/PrAtZ/5ffh13PYUF7jCmuDEpb4GJtnurvTKJszU
DenN7lwURztjZLEN6PsL/XKdkPnHCQ7SI9hFLpx6YdUrk5qYVWzd0pFluZBiOkJj
sm1laYMrNE9gGa3q3528y9G5K4HvRVrptaQjTqFuPQbV5aFttKTuhWyUTdTjAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUQ7Fs3ENFmgJNuzxCAESWMbaUsFMwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0OTg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQPPMA0GCSqGSIb3DQEBCwUAA4IBAQCYnPk+jEgD65j7ezn/q7AFQxfkYGc41pz8
bdEOUdT0ivhoV5cQGlwhp87yoARp5/7xD8UAiMV7UY1bx0w2bTj0YPrxdicgLxF6
sCuacc5wdxSqtsd0lhCxidTBHRIVwHDlCwbs1UpM4wvp5SH6PUMa8LBsY7QfSYcj
zvEhFmOKmIdCjM8fbMzbal+Kus7o/cEZnUesUiuelhsMYRw5u3xAd8O/mH68fvHw
KtN+I/MqOu0KQHuh0pu/m3/7Zo9TeOjsGdELV3P/AG1j6WyBWef6MwrdlREIFp9x
iBo86I8NdN5Gn65X2oExShjtas3P4FHkZ+kJIo42IBk69ixkMLld
-----END CERTIFICATE-----
Generated at Wed Jun 26 05:17:46 2024 by rpki-client on console-fra.rpki-client.org