![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32342d3234203d3e20313336373837.roa
File: 34352e3134312e3132302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: uKHKWarJnte5YpejJpJPgKQ6XO2auet6w1Wlug88vjk=
Subject key identifier: B1:EE:9B:C7:B8:66:B1:05:1A:87:AB:55:6C:6B:3E:A8:B8:94:0B:A3
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 774EA7BA2C1997EA2B6D170287DCF4690F87C011
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:35 +0000
ROA not before: Sat 01 Feb 2025 22:40:35 +0000
ROA not after: Sat 31 Jan 2026 22:45:35 +0000
asID: 136787
IP address blocks: 45.141.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:4e:a7:ba:2c:19:97:ea:2b:6d:17:02:87:dc:f4:69:0f:87:c0:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 1 22:40:35 2025 GMT
Not After : Jan 31 22:45:35 2026 GMT
Subject: CN=B1EE9BC7B866B1051A87AB556C6B3EA8B8940BA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:66:54:4a:73:25:66:3c:05:e3:12:7d:c0:52:
7e:c7:fd:3a:4e:d2:c2:99:2c:d2:2a:65:97:86:2a:
06:38:24:3d:d5:75:32:25:60:46:6f:31:24:5d:31:
d3:af:93:bd:a3:ec:bc:fb:77:e6:b6:d6:a8:d5:50:
31:b0:da:5c:95:37:03:c1:27:8d:b1:99:a4:bf:08:
07:e2:4f:d0:32:ad:50:b8:0b:e3:b1:98:92:c0:2d:
c5:7f:df:2e:2f:ea:87:a1:8c:30:06:0a:55:05:59:
00:c9:34:c7:7b:fa:30:6d:d9:23:d0:3d:e5:d3:82:
0a:33:4f:08:22:a3:46:54:92:d4:9f:17:3a:73:4d:
b0:b6:7c:e9:8b:13:88:42:63:ae:37:13:07:82:99:
99:95:db:37:92:4e:b7:0b:b9:27:5e:73:28:6d:a5:
0d:87:08:a6:35:97:a2:00:f6:b9:ae:4a:50:68:d8:
15:65:ec:f8:a5:c7:8e:a4:6d:a0:0f:72:71:69:6e:
78:86:09:1a:c5:c8:64:12:7d:b8:2a:8a:23:f2:7f:
12:23:1c:95:3a:f5:17:9b:1f:34:c8:df:5b:c3:79:
89:e6:63:ad:03:23:ba:d0:0c:d0:50:7a:2e:e0:e8:
f0:35:23:76:1a:48:ca:12:40:2d:57:b3:c2:20:7f:
0f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EE:9B:C7:B8:66:B1:05:1A:87:AB:55:6C:6B:3E:A8:B8:94:0B:A3
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.120.0/24
Signature Algorithm: sha256WithRSAEncryption
54:c9:c6:68:a7:c8:f9:d1:d3:6b:1f:fd:6c:e7:ff:d3:8e:ad:
87:6e:7a:fb:0d:cb:a1:93:6e:b3:94:99:c9:11:80:ad:bd:5e:
e8:62:ec:cf:82:ee:8f:bf:32:1d:83:0e:33:0f:9f:6b:19:fd:
4e:da:4e:60:52:ec:29:f5:f9:11:e9:84:5a:5e:9a:2a:60:a7:
53:56:58:5f:94:12:34:b2:bd:7e:21:e0:71:96:02:37:16:03:
61:40:df:d0:ba:6f:d8:f7:5c:48:cf:a9:e1:2e:a9:3d:29:26:
b6:95:40:3c:df:6b:45:6c:68:e3:74:c8:6f:c3:2a:f3:a2:11:
ec:a4:0b:c0:60:35:0b:fd:51:07:73:85:6f:d8:9e:70:74:f1:
2c:66:a3:95:7e:06:2d:be:49:5e:68:9f:ef:75:9d:b0:54:13:
e5:62:ac:30:ca:2a:02:7f:3d:cc:4b:64:1b:0f:ab:c9:ae:7c:
bf:41:2e:e8:a0:0c:0e:ac:75:4d:c4:bc:17:a6:8f:02:62:c5:
62:42:7d:d4:ad:8c:70:57:ad:76:e9:9e:ab:8a:4a:90:75:0e:
74:ed:a3:dd:f5:a6:b2:7f:88:20:b4:c8:0f:f1:75:e7:e6:74:
b0:d2:c5:77:65:2f:13:06:9d:57:36:0e:b4:31:9b:ae:26:78:
a6:6c:76:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUd06nuiwZl+orbRcCh9z0aQ+HwBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAyMDEyMjQwMzVaFw0yNjAxMzEyMjQ1MzVaMDMxMTAvBgNV
BAMTKEIxRUU5QkM3Qjg2NkIxMDUxQTg3QUI1NTZDNkIzRUE4Qjg5NDBCQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaZlRKcyVmPAXjEn3AUn7H/TpO
0sKZLNIqZZeGKgY4JD3VdTIlYEZvMSRdMdOvk72j7Lz7d+a21qjVUDGw2lyVNwPB
J42xmaS/CAfiT9AyrVC4C+OxmJLALcV/3y4v6oehjDAGClUFWQDJNMd7+jBt2SPQ
PeXTggozTwgio0ZUktSfFzpzTbC2fOmLE4hCY643EweCmZmV2zeSTrcLuSdecyht
pQ2HCKY1l6IA9rmuSlBo2BVl7Pilx46kbaAPcnFpbniGCRrFyGQSfbgqiiPyfxIj
HJU69RebHzTI31vDeYnmY60DI7rQDNBQei7g6PA1I3YaSMoSQC1Xs8Igfw95AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUse6bx7hmsQUah6tVbGs+qLiUC6MwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtjXgwDQYJKoZIhvcNAQELBQADggEBAFTJxminyPnR02sf/Wzn/9OOrYduevsN
y6GTbrOUmckRgK29Xuhi7M+C7o+/Mh2DDjMPn2sZ/U7aTmBS7Cn1+RHphFpemipg
p1NWWF+UEjSyvX4h4HGWAjcWA2FA39C6b9j3XEjPqeEuqT0pJraVQDzfa0VsaON0
yG/DKvOiEeykC8BgNQv9UQdzhW/YnnB08Sxmo5V+Bi2+SV5on+91nbBUE+VirDDK
KgJ/PcxLZBsPq8mufL9BLuigDA6sdU3EvBemjwJixWJCfdStjHBXrXbpnquKSpB1
DnTto931prJ/iCC0yA/xdefmdLDSxXdlLxMGnVc2DrQxm64meKZsdv8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:58:13 2025 by rpki-client