Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/H8-4BKw4Tio0v7fBDDkOvu0xYf0.roa
File: H8-4BKw4Tio0v7fBDDkOvu0xYf0.roa (raw, json)
Hash identifier: KAd/cINuj3Zmkb8yZBl9rfV147mzpewaBmWKPtSwHrI=
Subject key identifier: 1F:CF:B8:04:AC:38:4E:2A:34:BF:B7:C1:0C:39:0E:BE:ED:31:61:FD
Certificate issuer: /CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Certificate serial: 0194258F3472A86E5E9E1FD52B602B283860
Authority key identifier: 22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/H8-4BKw4Tio0v7fBDDkOvu0xYf0.roa
Signing time: Thu 02 Jan 2025 05:48:49 +0000
ROA not before: Thu 02 Jan 2025 05:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12794
IP address blocks: 217.169.192.0/20 maxlen: 24
217.169.192.0/21 maxlen: 21
217.169.192.0/22 maxlen: 22
217.169.192.0/24 maxlen: 24
217.169.193.0/24 maxlen: 24
217.169.194.0/24 maxlen: 24
217.169.195.0/24 maxlen: 24
217.169.196.0/24 maxlen: 24
217.169.197.0/24 maxlen: 24
217.169.198.0/24 maxlen: 24
217.169.199.0/24 maxlen: 24
217.169.200.0/24 maxlen: 24
217.169.201.0/24 maxlen: 24
217.169.203.0/24 maxlen: 24
217.169.204.0/24 maxlen: 24
217.169.205.0/24 maxlen: 24
217.169.206.0/24 maxlen: 24
217.169.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:34:72:a8:6e:5e:9e:1f:d5:2b:60:2b:28:38:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Validity
Not Before: Jan 2 05:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fcfb804ac384e2a34bfb7c10c390ebeed3161fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:51:1a:b3:8b:b2:f0:16:1a:61:9e:3c:69:8f:
0e:2a:55:dc:f4:5d:66:e9:23:53:71:2b:70:42:e9:
c6:4e:9a:26:56:19:f1:19:bf:45:c7:50:99:fd:09:
13:bd:b9:ec:70:18:f5:0f:c2:46:49:61:ca:6a:38:
b2:99:c5:b8:f2:5d:99:22:71:ab:a7:42:ca:ad:3f:
53:c0:47:6d:11:29:51:da:c6:01:eb:a5:25:2b:bd:
5a:0c:5f:c3:16:4e:5d:e1:ca:2b:05:7f:7a:59:97:
b3:e6:7f:80:d1:46:6b:fb:79:8b:7a:75:c1:b2:bb:
ef:58:05:bc:ef:67:70:61:1e:21:92:79:02:0a:4b:
7f:c8:e4:81:55:02:ab:9f:43:cf:d3:46:e8:f3:06:
bb:f9:7c:17:0b:81:ba:9c:8d:55:b0:a6:02:44:fd:
54:78:ad:96:f2:af:d1:4a:5a:72:47:bb:68:5d:55:
e2:f9:86:a7:cd:a3:60:3e:fc:3e:0a:ae:06:6f:90:
fa:32:1d:7d:e8:cb:a8:35:80:50:b2:80:3e:a9:e3:
5a:84:40:9c:d6:8f:a3:2c:86:ea:15:b6:a0:0a:d8:
36:88:e1:73:1a:c3:45:0b:7c:70:db:d3:4d:5d:db:
e0:ed:14:70:cf:b3:17:de:4d:48:d3:37:6a:2c:cb:
7e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:CF:B8:04:AC:38:4E:2A:34:BF:B7:C1:0C:39:0E:BE:ED:31:61:FD
X509v3 Authority Key Identifier:
keyid:22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/H8-4BKw4Tio0v7fBDDkOvu0xYf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.169.192.0/20
Signature Algorithm: sha256WithRSAEncryption
7c:17:bc:90:51:65:54:ed:b1:78:ca:76:6d:53:22:23:2f:3a:
fd:0e:52:ae:a7:55:23:9f:e1:9f:fd:4a:81:aa:29:a1:01:05:
97:c6:fb:f0:3b:0f:6a:54:52:f9:ea:f4:49:22:66:5f:a5:50:
0c:f4:1f:98:e7:08:b5:36:9e:ef:4f:db:39:2c:9b:cb:fd:fa:
be:a7:d3:73:fb:24:93:05:b4:8e:8f:71:e3:cc:05:90:cf:3e:
9f:af:ab:4f:04:37:6d:12:99:79:87:6a:bc:22:81:20:00:8d:
5d:27:b5:03:33:7c:98:fa:45:a9:81:7b:ab:bb:d1:4a:39:3b:
e1:77:b0:a3:a8:4c:b6:84:c9:ad:8f:4b:ee:7c:df:26:c7:46:
4b:6a:20:a1:c3:de:98:81:c9:f9:72:7c:26:58:0e:12:f4:d6:
7b:83:e0:e1:10:b5:36:27:dd:dd:fc:95:90:2b:e8:ed:1f:54:
7e:ac:a5:aa:dc:c2:fa:9a:5e:18:e1:ff:81:fd:24:c6:59:5a:
db:35:ee:70:1a:d6:5d:b7:3f:15:cb:d6:58:ae:39:89:e9:52:
f4:b0:2b:cf:7d:63:1f:e8:46:a7:ad:00:97:9f:3c:9d:82:40:
44:66:1b:dd:b6:2c:60:5d:33:1c:d8:d9:e5:1f:66:66:fe:94:
4d:48:05:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljzRyqG5enh/VK2ArKDhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGY0MTNmYjBhZjBiZDhmZTEzMDgyMGQzMDQ5ZDBlNzFl
ZDRiYjAwHhcNMjUwMTAyMDU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmNmYjgwNGFjMzg0ZTJhMzRiZmI3YzEwYzM5MGViZWVkMzE2MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVEas4uy8BYaYZ48aY8OKlXc9F1m
6SNTcStwQunGTpomVhnxGb9Fx1CZ/QkTvbnscBj1D8JGSWHKajiymcW48l2ZInGr
p0LKrT9TwEdtESlR2sYB66UlK71aDF/DFk5d4corBX96WZez5n+A0UZr+3mLenXB
srvvWAW872dwYR4hknkCCkt/yOSBVQKrn0PP00bo8wa7+XwXC4G6nI1VsKYCRP1U
eK2W8q/RSlpyR7toXVXi+YanzaNgPvw+Cq4Gb5D6Mh196MuoNYBQsoA+qeNahECc
1o+jLIbqFbagCtg2iOFzGsNFC3xw29NNXdvg7RRwz7MX3k1I0zdqLMt+0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/PuASsOE4qNL+3wQw5Dr7tMWH9MB8GA1UdIwQY
MBaAFCIPQT+wrwvY/hMIINMEnQ5x7UuwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2Njkt
ODJlYmEwY2IzYjBkLzEvSDgtNEJLdzRUaW8wdjdmQkREa092dTB4WWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2NjktODJlYmEwY2IzYjBk
LzEvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2anAMA0G
CSqGSIb3DQEBCwUAA4IBAQB8F7yQUWVU7bF4ynZtUyIjLzr9DlKup1Ujn+Gf/UqB
qimhAQWXxvvwOw9qVFL56vRJImZfpVAM9B+Y5wi1Np7vT9s5LJvL/fq+p9Nz+yST
BbSOj3HjzAWQzz6fr6tPBDdtEpl5h2q8IoEgAI1dJ7UDM3yY+kWpgXuru9FKOTvh
d7CjqEy2hMmtj0vufN8mx0ZLaiChw96Ygcn5cnwmWA4S9NZ7g+DhELU2J93d/JWQ
K+jtH1R+rKWq3ML6ml4Y4f+B/STGWVrbNe5wGtZdtz8Vy9ZYrjmJ6VL0sCvPfWMf
6EanrQCXnzydgkBEZhvdtixgXTMc2NnlH2Zm/pRNSAXF
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:34:28 2025 by rpki-client