![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: IdZajyGfYIwxtsyHOdgFYdb/WJipE9r/0l5XNsIXJ3E=
Subject key identifier: 96:2F:78:3D:F2:81:CE:52:1C:C7:D8:1F:4D:C2:C5:6E:C6:BC:6B:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59584D6A1AEC279E88D94AE0B794DA6775246F4E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Wed 05 Feb 2025 00:00:00 +0000
ROA not before: Wed 05 Feb 2025 00:00:00 +0000
ROA not after: Wed 12 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:58:4d:6a:1a:ec:27:9e:88:d9:4a:e0:b7:94:da:67:75:24:6f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 5 00:00:00 2025 GMT
Not After : Mar 12 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:19:1d:4e:4e:10:eb:97:74:d3:99:7b:1b:f4:
04:86:7d:be:75:cf:95:15:7d:9d:5e:23:2b:d1:e5:
77:ba:7a:f1:bf:0e:e9:17:e7:a1:56:4b:0e:31:be:
29:ce:a8:ce:d8:72:b9:9f:16:24:b8:c2:1d:57:ef:
d2:3c:ce:56:f1:17:87:58:13:50:73:e6:5c:c1:29:
f6:1b:f0:71:8d:b4:ea:b9:61:b4:53:cf:aa:cb:97:
5c:57:5d:78:66:54:b2:6f:de:e4:4a:52:bd:c4:82:
79:d8:d8:ad:8d:29:2f:92:8c:67:08:c5:ee:67:93:
46:d2:34:be:e9:d6:4d:34:c6:ed:ac:dd:50:4a:1f:
b3:4d:8d:ca:40:84:d8:c6:f1:45:84:33:e6:40:61:
42:30:f7:26:40:75:a5:b7:c4:88:6c:02:5a:fe:cf:
ce:21:e8:56:21:72:52:00:e5:60:73:6e:f3:bb:11:
0a:af:0d:43:a0:00:33:14:99:7f:a1:c0:9f:2a:9f:
11:5f:f2:05:44:d9:80:05:00:e4:a8:46:25:4b:a0:
d5:15:c0:8b:c5:eb:42:2b:c0:15:bf:5c:c2:cf:e5:
ca:fe:78:01:b6:b5:3d:ab:ad:30:de:3b:89:c5:ef:
a6:bd:b0:70:00:d7:73:ec:f6:d5:a0:ae:82:b8:c3:
cb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2F:78:3D:F2:81:CE:52:1C:C7:D8:1F:4D:C2:C5:6E:C6:BC:6B:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
12:1a:c4:67:e6:9b:85:10:8f:14:98:12:c1:6e:c9:25:7c:7a:
64:5f:27:ed:75:34:4d:79:fa:93:4d:25:77:9b:d1:76:37:5c:
01:c3:52:19:c5:30:46:9b:f3:29:d0:03:b8:3f:70:5e:58:3c:
d7:5f:65:45:3d:ed:57:5b:88:e6:25:53:a4:f6:11:3d:7f:66:
87:29:81:93:5e:35:d1:78:97:07:82:f4:48:84:c4:3d:30:f8:
c3:c8:2b:b1:75:5c:9c:69:ef:0e:77:7f:16:b4:a4:36:cd:d7:
d0:b5:a9:5e:03:6e:6e:26:62:82:ca:43:bb:77:7b:1c:2c:a3:
a5:85:ac:61:bf:80:02:b9:c5:ca:c0:8e:54:8d:69:da:21:f0:
ef:05:ad:55:ef:9f:d7:94:3b:59:81:68:f5:78:e2:04:ed:de:
6e:ed:78:ef:77:72:84:ed:3f:e1:01:76:ae:02:a2:5d:9f:ff:
81:20:d6:eb:27:00:52:e3:7a:bb:09:88:7b:91:9c:5c:44:6c:
53:f7:94:85:67:a1:59:e9:c0:48:a9:95:da:cb:ce:09:4d:c7:
d1:5e:d5:44:8b:c2:26:65:14:f3:30:c8:1c:aa:4d:be:e0:c2:
3d:05:f8:f2:b4:5c:93:b3:be:bc:a7:1f:52:6c:c4:c7:d7:de:
b0:91:32:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWVhNahrsJ56I2Urgt5TaZ3Ukb04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAyMDUwMDAwMDBaFw0yNTAzMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3MzUyYjE5NmZjZmFhMjhlZDQyZGQ0ODNjMzY5ZDc1ODYyZmJiMjRjMDhk
ZTA5YjRhMTRjNzg3MTA0NWM0ZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoZHU5OEOuXdNOZexv0BIZ9vnXPlRV9nV4jK9Hld7p68b8O6RfnoVZLDjG+
Kc6ozthyuZ8WJLjCHVfv0jzOVvEXh1gTUHPmXMEp9hvwcY206rlhtFPPqsuXXFdd
eGZUsm/e5EpSvcSCedjYrY0pL5KMZwjF7meTRtI0vunWTTTG7azdUEofs02NykCE
2MbxRYQz5kBhQjD3JkB1pbfEiGwCWv7PziHoViFyUgDlYHNu87sRCq8NQ6AAMxSZ
f6HAnyqfEV/yBUTZgAUA5KhGJUug1RXAi8XrQivAFb9cws/lyv54Aba1PautMN47
icXvpr2wcADXc+z21aCugrjDy6kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSWL3g9
8oHOUhzH2B9NwsVuxrxr3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQASGsRn5puFEI8UmBLBbsklfHpkXyftdTRNefqTTSV3
m9F2N1wBw1IZxTBGm/Mp0AO4P3BeWDzXX2VFPe1XW4jmJVOk9hE9f2aHKYGTXjXR
eJcHgvRIhMQ9MPjDyCuxdVycae8Od38WtKQ2zdfQtaleA25uJmKCykO7d3scLKOl
haxhv4ACucXKwI5UjWnaIfDvBa1V75/XlDtZgWj1eOIE7d5u7Xjvd3KE7T/hAXau
AqJdn/+BINbrJwBS43q7CYh7kZxcRGxT95SFZ6FZ6cBIqZXay84JTcfRXtVEi8Im
ZRTzMMgcqk2+4MI9BfjytFyTs768px9SbMTH196wkTLl
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:10 2025 by rpki-client