![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/MupxJXIhUUWKqsCELLd67Cz33fc.roa
File: MupxJXIhUUWKqsCELLd67Cz33fc.roa (raw, json)
Hash identifier: zrhDw1HaEfOjdAxwW5TeJre6DoBTV72QIRH/gLiUeZY=
Subject key identifier: 32:EA:71:25:72:21:51:45:8A:AA:C0:84:2C:B7:7A:EC:2C:F7:DD:F7
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0194228D9A88922EFF0AD61596D28D4A3FBA
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/MupxJXIhUUWKqsCELLd67Cz33fc.roa
Signing time: Wed 01 Jan 2025 15:48:12 +0000
ROA not before: Wed 01 Jan 2025 15:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57546
IP address blocks: 212.56.4.0/24 maxlen: 24
212.56.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9a:88:92:2e:ff:0a:d6:15:96:d2:8d:4a:3f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 1 15:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32ea7125722151458aaac0842cb77aec2cf7ddf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:ff:a0:c4:30:c2:8b:b5:61:af:3a:5c:f1:
3b:19:0c:95:17:8c:e7:4f:95:b1:fa:0f:d1:b2:a2:
a5:95:71:d1:5f:dc:8e:86:a2:4b:d0:e5:02:d8:1d:
62:cb:4d:c8:08:67:7c:bb:67:5a:71:18:e4:ba:3e:
7e:79:b5:1c:11:49:7d:a1:4b:77:27:07:8d:8c:5d:
66:6b:2b:c3:00:02:0c:dd:09:ae:ac:64:2a:13:17:
15:cf:8a:c7:31:7a:66:66:cd:ee:36:50:a1:d5:a8:
26:92:f5:05:ec:6d:74:1f:30:c0:9a:e6:6e:96:de:
f5:d8:0f:30:8e:ed:da:6a:28:aa:be:e7:29:14:bb:
73:1e:66:7a:74:01:c0:ec:e0:26:f7:c6:c6:16:07:
50:8e:73:99:d2:57:7b:4c:74:83:2c:3a:2c:83:ee:
d6:ba:ad:09:42:69:14:ab:0d:58:60:d1:96:f6:73:
c0:dd:65:e3:70:b4:e1:d4:b2:9a:bf:31:03:66:8b:
9f:50:be:3b:66:62:62:a5:2a:cb:3a:7a:69:69:85:
1a:fb:a6:36:27:48:33:d0:7d:6b:42:68:5e:54:01:
5d:81:d1:e8:84:fb:34:33:37:4e:20:f7:0c:25:47:
d9:69:32:01:b9:7a:95:74:f1:f5:15:9d:df:07:1c:
28:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EA:71:25:72:21:51:45:8A:AA:C0:84:2C:B7:7A:EC:2C:F7:DD:F7
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/MupxJXIhUUWKqsCELLd67Cz33fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.56.4.0/23
Signature Algorithm: sha256WithRSAEncryption
05:5b:ee:b5:27:f9:45:e1:f6:f8:d3:dc:d9:35:ae:0e:73:24:
f1:25:97:33:22:21:a1:a8:24:6c:5c:b0:db:21:b4:8f:38:4b:
94:d8:19:58:de:67:29:64:f7:a9:8f:21:de:b9:16:c0:f4:22:
a8:76:b6:91:50:cd:96:9c:54:e2:9e:cf:2e:b8:72:38:95:0a:
34:4c:57:0e:6a:e4:3e:c8:c6:4e:3d:8b:6e:7b:6d:ed:cb:4d:
99:95:91:9d:24:1e:be:8a:fb:3d:35:cc:35:25:a3:69:f5:3c:
ef:93:ba:da:f7:74:6d:34:ea:94:6e:d2:46:d9:13:6d:67:81:
90:75:26:42:88:15:e8:90:a4:64:c5:23:be:56:3d:9b:a4:f6:
37:6f:84:4d:0f:d6:cc:c5:1a:c0:a4:0a:fc:88:4f:dc:30:30:
cc:13:14:ba:8c:91:55:9e:ee:31:a4:54:46:ab:9e:9e:d5:29:
6c:ca:20:bf:28:6f:f0:5a:8b:cd:aa:98:65:4d:6c:4a:39:e3:
8a:c0:ef:e9:09:f2:02:0e:aa:bd:2d:e5:9f:f6:04:5f:89:01:
36:7b:10:32:18:b2:ff:63:56:ec:8f:d9:3c:26:82:9b:a4:4a:
36:ec:a0:7d:1b:17:81:ed:26:82:ec:2e:26:03:42:dd:0e:c3:
b1:f1:08:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijZqIki7/CtYVltKNSj+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwMTAxMTU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmVhNzEyNTcyMjE1MTQ1OGFhYWMwODQyY2I3N2FlYzJjZjdkZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmT/oMQwwou1Ya86XPE7GQyVF4zn
T5Wx+g/RsqKllXHRX9yOhqJL0OUC2B1iy03ICGd8u2dacRjkuj5+ebUcEUl9oUt3
JweNjF1mayvDAAIM3QmurGQqExcVz4rHMXpmZs3uNlCh1agmkvUF7G10HzDAmuZu
lt712A8wju3aaiiqvucpFLtzHmZ6dAHA7OAm98bGFgdQjnOZ0ld7THSDLDosg+7W
uq0JQmkUqw1YYNGW9nPA3WXjcLTh1LKavzEDZoufUL47ZmJipSrLOnppaYUa+6Y2
J0gz0H1rQmheVAFdgdHohPs0MzdOIPcMJUfZaTIBuXqVdPH1FZ3fBxwoCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLqcSVyIVFFiqrAhCy3euws9933MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvTXVweEpYSWhVVVdLcXNDRUxMZDY3Q3ozM2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1DgEMA0G
CSqGSIb3DQEBCwUAA4IBAQAFW+61J/lF4fb409zZNa4OcyTxJZczIiGhqCRsXLDb
IbSPOEuU2BlY3mcpZPepjyHeuRbA9CKodraRUM2WnFTins8uuHI4lQo0TFcOauQ+
yMZOPYtue23ty02ZlZGdJB6+ivs9Ncw1JaNp9Tzvk7ra93RtNOqUbtJG2RNtZ4GQ
dSZCiBXokKRkxSO+Vj2bpPY3b4RND9bMxRrApAr8iE/cMDDMExS6jJFVnu4xpFRG
q56e1SlsyiC/KG/wWovNqphlTWxKOeOKwO/pCfICDqq9LeWf9gRfiQE2exAyGLL/
Y1bsj9k8JoKbpEo27KB9GxeB7SaC7C4mA0LdDsOx8QgF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:24 2025 by rpki-client