![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cc083c-fe76-443f-a214-54d20d88915d/1/0c5UM22NrPug-PHarETLG-UCccg.roa
File: 0c5UM22NrPug-PHarETLG-UCccg.roa (raw, json)
Hash identifier: XLBscBgSKAn4G0BeDwUgfwpl7vCzp2VbaXlIgzu9HUQ=
Subject key identifier: D1:CE:54:33:6D:8D:AC:FB:A0:F8:F1:DA:AC:44:CB:1B:E5:02:71:C8
Certificate issuer: /CN=c6b36fea22c366d08a4b546ac83f4485b2b1e159
Certificate serial: 018E3A09322996FA7BE90A12C3011819FAC1
Authority key identifier: C6:B3:6F:EA:22:C3:66:D0:8A:4B:54:6A:C8:3F:44:85:B2:B1:E1:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xrNv6iLDZtCKS1RqyD9EhbKx4Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/cc083c-fe76-443f-a214-54d20d88915d/1/0c5UM22NrPug-PHarETLG-UCccg.roa
Signing time: Wed 13 Mar 2024 22:57:44 +0000
ROA not before: Wed 13 Mar 2024 22:57:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215332
IP address blocks: 2001:67c:93c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/cc083c-fe76-443f-a214-54d20d88915d/1/xrNv6iLDZtCKS1RqyD9EhbKx4Vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/cc083c-fe76-443f-a214-54d20d88915d/1/xrNv6iLDZtCKS1RqyD9EhbKx4Vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xrNv6iLDZtCKS1RqyD9EhbKx4Vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3a:09:32:29:96:fa:7b:e9:0a:12:c3:01:18:19:fa:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6b36fea22c366d08a4b546ac83f4485b2b1e159
Validity
Not Before: Mar 13 22:57:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1ce54336d8dacfba0f8f1daac44cb1be50271c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:93:ed:ea:64:60:e1:a5:37:32:18:81:9c:ba:
c2:ea:7f:d2:36:5a:13:a8:56:d1:0a:5a:37:5a:68:
97:39:52:34:bc:bb:c5:12:64:13:a0:30:e3:27:7b:
af:81:5f:eb:49:bf:ee:9f:5d:2e:1e:75:87:d6:dd:
4d:98:45:d6:06:b6:33:bf:4e:83:d2:8b:fc:81:14:
c5:4a:61:1b:7d:34:26:5f:c1:db:12:de:fe:99:5a:
92:e3:a1:ce:86:be:4f:64:97:58:c6:a2:15:95:1b:
97:8e:a7:d8:69:0c:57:06:4c:92:3a:0e:64:5e:f9:
4c:a4:c0:a8:f8:a3:77:17:0e:f1:cd:0d:83:83:66:
fe:25:99:2c:43:98:c4:b6:6d:62:a1:40:65:a3:3e:
64:e1:54:6f:7f:24:65:46:30:92:c5:be:d2:4c:4d:
08:7e:d9:35:a9:77:8c:cb:7f:a2:ed:99:8a:25:6f:
50:43:3c:60:d1:cf:ab:4e:75:52:01:27:01:00:4a:
8e:b6:72:76:c8:d4:2a:2e:44:25:04:1a:c3:65:88:
64:b9:95:ae:c5:d4:31:ba:07:36:14:25:35:c5:51:
15:50:b3:11:e5:a6:f5:f2:cc:42:e8:2a:9a:d6:e7:
7b:83:0c:8c:1e:9d:c2:ed:32:70:b4:a6:6c:2b:fa:
c9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CE:54:33:6D:8D:AC:FB:A0:F8:F1:DA:AC:44:CB:1B:E5:02:71:C8
X509v3 Authority Key Identifier:
keyid:C6:B3:6F:EA:22:C3:66:D0:8A:4B:54:6A:C8:3F:44:85:B2:B1:E1:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xrNv6iLDZtCKS1RqyD9EhbKx4Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cc083c-fe76-443f-a214-54d20d88915d/1/0c5UM22NrPug-PHarETLG-UCccg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cc083c-fe76-443f-a214-54d20d88915d/1/xrNv6iLDZtCKS1RqyD9EhbKx4Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:93c::/48
Signature Algorithm: sha256WithRSAEncryption
79:82:b5:e3:56:14:50:ae:6a:83:75:b3:8a:66:59:b5:76:ab:
71:7c:9f:56:3e:57:08:1e:7d:32:9c:1e:c0:fd:52:6c:3e:2b:
80:90:a2:80:2e:3b:b1:4b:16:67:1c:6d:3b:d0:96:79:67:58:
56:1a:7b:c7:6e:e7:88:42:f0:da:4c:5d:35:c9:81:7e:0f:e7:
60:b1:a4:ac:dd:02:7e:48:e7:a7:40:0d:a1:c7:35:92:22:44:
e3:8d:58:61:b6:5b:b5:61:84:d7:1f:e5:13:76:e5:94:4d:43:
08:76:b7:a5:c9:ca:32:cc:44:2c:9e:33:b4:90:08:98:27:ad:
ed:48:fa:85:75:e4:ac:2c:07:a8:8c:cf:78:6d:90:a6:b4:59:
07:b7:fe:a0:7a:25:c4:cc:b7:da:1d:51:fb:19:69:66:66:6a:
fb:c4:7e:ab:56:f8:aa:82:d2:ee:b3:4a:10:f1:be:ed:ff:98:
de:e4:2a:4f:44:fa:10:8e:ee:b3:fb:6e:e0:5f:c9:e8:db:b9:
60:69:7a:7e:ff:fe:99:66:70:61:53:cc:d9:59:5e:66:ae:9e:
64:4a:5c:09:2c:38:dd:2d:2b:a6:71:35:8b:8e:8e:ff:39:31:
38:eb:00:f7:35:9d:d6:49:9b:50:b0:a5:03:7e:a6:26:e9:75:
11:ce:1b:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY46CTIplvp76QoSwwEYGfrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YjM2ZmVhMjJjMzY2ZDA4YTRiNTQ2YWM4M2Y0NDg1YjJi
MWUxNTkwHhcNMjQwMzEzMjI1NzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWNlNTQzMzZkOGRhY2ZiYTBmOGYxZGFhYzQ0Y2IxYmU1MDI3MWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZPt6mRg4aU3MhiBnLrC6n/SNloT
qFbRClo3WmiXOVI0vLvFEmQToDDjJ3uvgV/rSb/un10uHnWH1t1NmEXWBrYzv06D
0ov8gRTFSmEbfTQmX8HbEt7+mVqS46HOhr5PZJdYxqIVlRuXjqfYaQxXBkySOg5k
XvlMpMCo+KN3Fw7xzQ2Dg2b+JZksQ5jEtm1ioUBloz5k4VRvfyRlRjCSxb7STE0I
ftk1qXeMy3+i7ZmKJW9QQzxg0c+rTnVSAScBAEqOtnJ2yNQqLkQlBBrDZYhkuZWu
xdQxugc2FCU1xVEVULMR5ab18sxC6Cqa1ud7gwyMHp3C7TJwtKZsK/rJ/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNHOVDNtjaz7oPjx2qxEyxvlAnHIMB8GA1UdIwQY
MBaAFMazb+oiw2bQiktUasg/RIWyseFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHJOdjZpTERadENLUzFScXlEOUVoYkt4NFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jYzA4M2MtZmU3Ni00NDNmLWEyMTQt
NTRkMjBkODg5MTVkLzEvMGM1VU0yMk5yUHVnLVBIYXJFVExHLVVDY2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jYzA4M2MtZmU3Ni00NDNmLWEyMTQtNTRkMjBkODg5MTVk
LzEveHJOdjZpTERadENLUzFScXlEOUVoYkt4NFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAk8
MA0GCSqGSIb3DQEBCwUAA4IBAQB5grXjVhRQrmqDdbOKZlm1dqtxfJ9WPlcIHn0y
nB7A/VJsPiuAkKKALjuxSxZnHG070JZ5Z1hWGnvHbueIQvDaTF01yYF+D+dgsaSs
3QJ+SOenQA2hxzWSIkTjjVhhtlu1YYTXH+UTduWUTUMIdrelycoyzEQsnjO0kAiY
J63tSPqFdeSsLAeojM94bZCmtFkHt/6geiXEzLfaHVH7GWlmZmr7xH6rVviqgtLu
s0oQ8b7t/5je5CpPRPoQju6z+27gX8no27lgaXp+//6ZZnBhU8zZWV5mrp5kSlwJ
LDjdLSumcTWLjo7/OTE46wD3NZ3WSZtQsKUDfqYm6XURzhsM
-----END CERTIFICATE-----
Generated at Mon Jul 1 15:52:20 2024 by rpki-client on console-fra.rpki-client.org