![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/9fd57c-90ef-44b0-93e4-fe5aed59a7d9/1/obw4nOA7tbdHTmeG8UDdlnqVl2Y.roa
File: obw4nOA7tbdHTmeG8UDdlnqVl2Y.roa (raw, json)
Hash identifier: irTwgjfFzy8NnkY/EBFl3pB1GcEZSVUg+iwZc/3vTSw=
Subject key identifier: A1:BC:38:9C:E0:3B:B5:B7:47:4E:67:86:F1:40:DD:96:7A:95:97:66
Certificate issuer: /CN=313cdbc4b4de5495ee61317d2e737c2c3f7f83ba
Certificate serial: 0194228D2346ECCA4FF1F9554C89C445A2FD
Authority key identifier: 31:3C:DB:C4:B4:DE:54:95:EE:61:31:7D:2E:73:7C:2C:3F:7F:83:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTzbxLTeVJXuYTF9LnN8LD9_g7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/9fd57c-90ef-44b0-93e4-fe5aed59a7d9/1/obw4nOA7tbdHTmeG8UDdlnqVl2Y.roa
Signing time: Wed 01 Jan 2025 15:47:42 +0000
ROA not before: Wed 01 Jan 2025 15:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39926
IP address blocks: 195.95.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/9fd57c-90ef-44b0-93e4-fe5aed59a7d9/1/MTzbxLTeVJXuYTF9LnN8LD9_g7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/9fd57c-90ef-44b0-93e4-fe5aed59a7d9/1/MTzbxLTeVJXuYTF9LnN8LD9_g7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTzbxLTeVJXuYTF9LnN8LD9_g7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:23:46:ec:ca:4f:f1:f9:55:4c:89:c4:45:a2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=313cdbc4b4de5495ee61317d2e737c2c3f7f83ba
Validity
Not Before: Jan 1 15:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1bc389ce03bb5b7474e6786f140dd967a959766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:37:a7:54:8c:6a:ee:8f:bd:4b:8b:21:59:85:
ce:1f:f5:58:cb:04:1d:d1:a7:45:28:eb:17:1e:85:
b5:e7:ca:64:10:ac:f2:f7:61:fa:7b:34:62:0a:e9:
d9:56:f4:58:3c:80:09:25:27:96:37:88:f6:87:70:
c0:09:f0:08:32:89:1e:40:c6:ab:8c:e7:4b:74:01:
9b:88:00:06:12:38:e1:f5:18:a6:c2:65:cc:e4:76:
92:4a:26:de:b4:36:9b:67:4c:60:c7:82:45:6e:b2:
01:6c:44:7c:94:f3:1a:c8:2d:93:47:b5:64:df:52:
46:1d:60:7f:31:d1:bc:35:76:84:b1:87:76:3f:ca:
56:09:8d:c2:90:4c:0c:a4:36:77:f1:24:b8:d6:0f:
8a:b9:a5:d9:bc:d1:10:b5:f5:e4:f8:9a:bb:33:30:
83:9a:f3:23:c0:51:4e:48:e1:9b:48:99:6d:a2:8b:
3c:5f:79:c7:39:58:88:b4:ec:3b:cf:42:c2:f0:77:
66:77:9b:c1:bc:fe:57:84:b3:57:0a:6b:64:a7:37:
58:1d:60:d4:bd:91:83:f4:2c:78:38:de:6e:c1:99:
0d:13:86:99:7e:5f:23:db:df:e6:89:be:73:6a:ce:
4e:d4:41:c9:24:9a:03:f7:dd:70:c6:7a:c8:e1:5a:
ee:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BC:38:9C:E0:3B:B5:B7:47:4E:67:86:F1:40:DD:96:7A:95:97:66
X509v3 Authority Key Identifier:
keyid:31:3C:DB:C4:B4:DE:54:95:EE:61:31:7D:2E:73:7C:2C:3F:7F:83:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTzbxLTeVJXuYTF9LnN8LD9_g7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/9fd57c-90ef-44b0-93e4-fe5aed59a7d9/1/obw4nOA7tbdHTmeG8UDdlnqVl2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/9fd57c-90ef-44b0-93e4-fe5aed59a7d9/1/MTzbxLTeVJXuYTF9LnN8LD9_g7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.142.0/24
Signature Algorithm: sha256WithRSAEncryption
77:98:5c:28:7f:12:e9:f4:f8:67:b6:e7:28:42:e2:d6:fd:93:
42:52:56:c9:ea:3c:0e:f7:f6:63:70:38:77:31:a4:3b:9e:63:
d2:3c:1f:37:55:9f:57:4c:7c:ae:55:73:13:14:27:ae:be:a7:
3e:db:79:0d:fd:fc:59:b0:4d:f5:93:00:00:ce:28:92:a2:0d:
36:bf:48:22:88:3c:b5:fa:e0:b9:81:56:e9:4d:a0:58:7b:56:
5f:83:e9:e2:83:a9:5c:5f:44:f5:94:85:1d:f3:9c:fe:a5:14:
95:6e:2f:93:5b:20:07:e1:b7:d3:0e:ae:81:b1:53:b2:ba:9a:
e8:e0:a5:96:d9:77:55:04:33:11:d8:1d:43:ec:45:ee:a2:e4:
1f:be:56:1d:15:3a:b4:dd:1a:a2:82:59:8a:10:15:bd:89:17:
d7:59:d2:a0:be:61:b3:69:40:58:8e:7f:c6:a7:bf:7f:50:00:
c2:00:29:71:d1:82:51:a7:cd:4a:5c:a6:2b:48:c8:6a:99:de:
c4:01:bd:6b:ce:8d:63:35:6b:93:f1:b7:9a:92:f2:80:6f:cc:
40:37:83:0a:cf:83:ff:f3:6b:1c:03:c3:fc:7e:86:e7:b0:d2:
01:21:c8:00:50:28:de:de:e9:d1:d1:f2:46:f5:75:6a:76:0c:
af:80:cf:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijSNG7MpP8flVTInERaL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2NkYmM0YjRkZTU0OTVlZTYxMzE3ZDJlNzM3YzJjM2Y3
ZjgzYmEwHhcNMjUwMTAxMTU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJjMzg5Y2UwM2JiNWI3NDc0ZTY3ODZmMTQwZGQ5NjdhOTU5NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jenVIxq7o+9S4shWYXOH/VYywQd
0adFKOsXHoW158pkEKzy92H6ezRiCunZVvRYPIAJJSeWN4j2h3DACfAIMokeQMar
jOdLdAGbiAAGEjjh9RimwmXM5HaSSibetDabZ0xgx4JFbrIBbER8lPMayC2TR7Vk
31JGHWB/MdG8NXaEsYd2P8pWCY3CkEwMpDZ38SS41g+KuaXZvNEQtfXk+Jq7MzCD
mvMjwFFOSOGbSJltoos8X3nHOViItOw7z0LC8Hdmd5vBvP5XhLNXCmtkpzdYHWDU
vZGD9Cx4ON5uwZkNE4aZfl8j29/mib5zas5O1EHJJJoD991wxnrI4VruawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKG8OJzgO7W3R05nhvFA3ZZ6lZdmMB8GA1UdIwQY
MBaAFDE828S03lSV7mExfS5zfCw/f4O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVR6YnhMVGVWSlh1WVRGOUxuTjhMRDlfZzdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny85ZmQ1N2MtOTBlZi00NGIwLTkzZTQt
ZmU1YWVkNTlhN2Q5LzEvb2J3NG5PQTd0YmRIVG1lRzhVRGRsbnFWbDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny85ZmQ1N2MtOTBlZi00NGIwLTkzZTQtZmU1YWVkNTlhN2Q5
LzEvTVR6YnhMVGVWSlh1WVRGOUxuTjhMRDlfZzdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+OMA0G
CSqGSIb3DQEBCwUAA4IBAQB3mFwofxLp9PhntucoQuLW/ZNCUlbJ6jwO9/ZjcDh3
MaQ7nmPSPB83VZ9XTHyuVXMTFCeuvqc+23kN/fxZsE31kwAAziiSog02v0giiDy1
+uC5gVbpTaBYe1Zfg+nig6lcX0T1lIUd85z+pRSVbi+TWyAH4bfTDq6BsVOyupro
4KWW2XdVBDMR2B1D7EXuouQfvlYdFTq03RqiglmKEBW9iRfXWdKgvmGzaUBYjn/G
p79/UADCAClx0YJRp81KXKYrSMhqmd7EAb1rzo1jNWuT8beakvKAb8xAN4MKz4P/
82scA8P8fobnsNIBIcgAUCje3unR0fJG9XVqdgyvgM//
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:32 2025 by rpki-client