![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/8d7e85-00c0-40e0-aa80-c7dcc2391cc9/1/a9ofITqqYa60yp597jFNJiFfkDk.roa
File: a9ofITqqYa60yp597jFNJiFfkDk.roa (raw, json)
Hash identifier: +VNpTQzKJJZj8EZ6senrGu1+xne4/xLouiN0wCmmxbU=
Subject key identifier: 6B:DA:1F:21:3A:AA:61:AE:B4:CA:9E:7D:EE:31:4D:26:21:5F:90:39
Certificate issuer: /CN=aeb76321c8d469ee3ba023920b372ccda5de9e0f
Certificate serial: 019425FCB2CFF5DDDEEFD34539D606AF2784
Authority key identifier: AE:B7:63:21:C8:D4:69:EE:3B:A0:23:92:0B:37:2C:CD:A5:DE:9E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrdjIcjUae47oCOSCzcszaXeng8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/8d7e85-00c0-40e0-aa80-c7dcc2391cc9/1/a9ofITqqYa60yp597jFNJiFfkDk.roa
Signing time: Thu 02 Jan 2025 07:48:25 +0000
ROA not before: Thu 02 Jan 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1152
IP address blocks: 2a0f:d980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/8d7e85-00c0-40e0-aa80-c7dcc2391cc9/1/rrdjIcjUae47oCOSCzcszaXeng8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/8d7e85-00c0-40e0-aa80-c7dcc2391cc9/1/rrdjIcjUae47oCOSCzcszaXeng8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rrdjIcjUae47oCOSCzcszaXeng8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b2:cf:f5:dd:de:ef:d3:45:39:d6:06:af:27:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb76321c8d469ee3ba023920b372ccda5de9e0f
Validity
Not Before: Jan 2 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bda1f213aaa61aeb4ca9e7dee314d26215f9039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:13:da:6a:b0:63:6d:3f:7f:b3:92:5e:c4:08:
c5:3b:64:45:fa:f9:18:54:5e:2c:f8:71:f5:fa:46:
eb:d8:c8:19:ce:49:6d:1e:d3:32:14:74:d8:00:3f:
a5:5d:1c:df:a7:8b:17:2e:07:c2:f5:46:70:31:9c:
fb:1b:1e:71:39:86:bc:3f:72:d3:b7:83:b0:48:29:
27:82:31:82:0a:9f:34:d6:a6:ab:94:66:70:8a:6d:
fe:32:e2:fa:9f:08:32:e7:9d:a3:3b:a3:a3:a7:19:
63:11:b4:a5:18:52:d1:bb:ec:93:bf:ce:88:07:e7:
68:32:ad:f7:f0:0b:16:56:1c:45:10:1e:dd:c6:3a:
67:01:8a:ae:66:fa:05:60:5a:5e:43:8b:de:59:8f:
d1:f8:83:10:42:2f:4b:0e:2b:f0:8b:53:d2:d2:ef:
91:80:5b:43:6f:66:c2:c8:4d:30:c8:f5:94:0a:0e:
44:27:00:f1:d7:d1:f6:84:af:dc:f9:38:53:8d:44:
73:b7:be:7c:f5:9d:fa:57:a2:8c:0a:b8:84:42:01:
4b:05:4b:0e:ab:68:bd:cc:08:a3:dc:3e:aa:c3:81:
08:49:f1:f7:56:a0:ca:5b:37:f0:ce:96:e1:12:12:
bf:ad:33:6c:a9:39:18:7f:5b:8d:0a:1f:01:2e:90:
1d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DA:1F:21:3A:AA:61:AE:B4:CA:9E:7D:EE:31:4D:26:21:5F:90:39
X509v3 Authority Key Identifier:
keyid:AE:B7:63:21:C8:D4:69:EE:3B:A0:23:92:0B:37:2C:CD:A5:DE:9E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrdjIcjUae47oCOSCzcszaXeng8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8d7e85-00c0-40e0-aa80-c7dcc2391cc9/1/a9ofITqqYa60yp597jFNJiFfkDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/8d7e85-00c0-40e0-aa80-c7dcc2391cc9/1/rrdjIcjUae47oCOSCzcszaXeng8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:d980::/32
Signature Algorithm: sha256WithRSAEncryption
1d:ee:1b:76:c5:9d:16:09:d8:53:ee:3c:cf:ee:b1:8c:a8:0d:
f1:5b:47:0e:fb:a7:eb:d0:57:6b:17:e4:c1:5c:9c:36:cf:a4:
0c:0d:5c:80:63:3d:c7:c6:26:5a:de:39:39:26:bd:ce:bb:68:
96:20:87:11:a9:df:14:c7:96:d4:2b:ab:ac:69:c3:91:eb:71:
82:94:8b:2c:0e:01:05:40:d8:78:dd:6d:05:be:3c:a7:c5:d1:
af:7e:f4:a7:c1:44:a0:10:b9:83:22:a0:ef:c8:87:d4:a0:b1:
c6:e8:32:36:ba:97:a4:d6:bd:90:3f:ef:b3:27:53:af:0b:76:
63:be:95:ff:f4:43:39:c5:19:a7:4f:51:12:ac:ae:c5:15:59:
0a:a1:7c:88:1b:91:d9:bc:45:21:e6:29:4d:e5:1f:91:67:08:
a6:48:a3:33:52:60:4e:15:81:60:66:64:f9:b0:9e:62:1f:19:
64:d3:b5:ee:95:3f:04:7e:3a:6f:1f:f7:f6:cc:bd:f2:7b:bd:
13:ce:17:39:34:36:1d:1a:8a:dc:29:31:0d:1b:18:4d:d5:87:
d4:2d:ab:ee:1d:e9:ba:76:14:cd:04:3c:d2:4a:7f:ab:7e:fa:
d3:c1:56:30:46:1c:0f:1b:3d:b5:23:e6:4c:95:23:b2:5a:e0:
d2:34:4e:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/LLP9d3e79NFOdYGryeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjc2MzIxYzhkNDY5ZWUzYmEwMjM5MjBiMzcyY2NkYTVk
ZTllMGYwHhcNMjUwMTAyMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRhMWYyMTNhYWE2MWFlYjRjYTllN2RlZTMxNGQyNjIxNWY5MDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBPaarBjbT9/s5JexAjFO2RF+vkY
VF4s+HH1+kbr2MgZzkltHtMyFHTYAD+lXRzfp4sXLgfC9UZwMZz7Gx5xOYa8P3LT
t4OwSCkngjGCCp801qarlGZwim3+MuL6nwgy552jO6OjpxljEbSlGFLRu+yTv86I
B+doMq338AsWVhxFEB7dxjpnAYquZvoFYFpeQ4veWY/R+IMQQi9LDivwi1PS0u+R
gFtDb2bCyE0wyPWUCg5EJwDx19H2hK/c+ThTjURzt7589Z36V6KMCriEQgFLBUsO
q2i9zAij3D6qw4EISfH3VqDKWzfwzpbhEhK/rTNsqTkYf1uNCh8BLpAdfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGvaHyE6qmGutMqefe4xTSYhX5A5MB8GA1UdIwQY
MBaAFK63YyHI1GnuO6Ajkgs3LM2l3p4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJkakljalVhZTQ3b0NPU0N6Y3N6YVhlbmc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC84ZDdlODUtMDBjMC00MGUwLWFhODAt
YzdkY2MyMzkxY2M5LzEvYTlvZklUcXFZYTYweXA1OTdqRk5KaUZma0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC84ZDdlODUtMDBjMC00MGUwLWFhODAtYzdkY2MyMzkxY2M5
LzEvcnJkakljalVhZTQ3b0NPU0N6Y3N6YVhlbmc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg/ZgDAN
BgkqhkiG9w0BAQsFAAOCAQEAHe4bdsWdFgnYU+48z+6xjKgN8VtHDvun69BXaxfk
wVycNs+kDA1cgGM9x8YmWt45OSa9zrtoliCHEanfFMeW1CurrGnDketxgpSLLA4B
BUDYeN1tBb48p8XRr370p8FEoBC5gyKg78iH1KCxxugyNrqXpNa9kD/vsydTrwt2
Y76V//RDOcUZp09REqyuxRVZCqF8iBuR2bxFIeYpTeUfkWcIpkijM1JgThWBYGZk
+bCeYh8ZZNO17pU/BH46bx/39sy98nu9E84XOTQ2HRqK3CkxDRsYTdWH1C2r7h3p
unYUzQQ80kp/q37608FWMEYcDxs9tSPmTJUjslrg0jROag==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:33 2025 by rpki-client