Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/HWr5mjO0pCI1Vd4EP8Vsj0SbdDk.roa
File: HWr5mjO0pCI1Vd4EP8Vsj0SbdDk.roa (raw, json)
Hash identifier: +GccY64PF6EoLu4o0b6AELGvN60tAWxw+ayqy5DT/8Y=
Subject key identifier: 1D:6A:F9:9A:33:B4:A4:22:35:55:DE:04:3F:C5:6C:8F:44:9B:74:39
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 0194258F7F8372B75F47D6CA79C2B941C463
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/HWr5mjO0pCI1Vd4EP8Vsj0SbdDk.roa
Signing time: Thu 02 Jan 2025 05:49:08 +0000
ROA not before: Thu 02 Jan 2025 05:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25459
IP address blocks: 217.170.1.0/24 maxlen: 24
217.170.12.0/23 maxlen: 23
217.170.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 09:59:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:7f:83:72:b7:5f:47:d6:ca:79:c2:b9:41:c4:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 2 05:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d6af99a33b4a4223555de043fc56c8f449b7439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fb:32:e2:17:27:3c:a2:4d:6b:b1:8a:55:80:
36:06:26:1c:59:aa:28:83:71:a5:8e:14:b2:16:3e:
15:5e:87:17:6e:57:12:be:7b:0f:0c:41:29:97:78:
f9:c1:b8:f7:ac:17:76:e5:cf:de:0b:15:35:b0:fd:
4b:c2:6f:2d:76:3d:d8:cd:e9:32:fb:34:7b:e2:ee:
dd:f5:51:c8:9c:82:cf:15:b0:78:a9:96:25:3b:b0:
10:11:07:ff:69:11:12:70:d9:bf:8e:f4:73:fa:a4:
e0:06:aa:95:94:60:75:17:ef:cb:64:4a:e9:79:3f:
71:e8:37:e2:bc:ad:2c:d5:08:50:35:1e:8c:ba:40:
57:5f:53:64:c2:5c:99:17:15:ab:e9:14:ad:c9:9f:
05:2e:31:50:da:1d:fc:b4:e3:24:2a:82:c9:35:9e:
e7:65:2d:13:af:e9:ad:c3:74:2e:d9:7d:cd:ff:c9:
ba:d5:91:ca:0f:6d:80:c9:3c:7d:77:38:59:ee:ec:
91:44:81:37:2c:74:8b:22:0d:a3:f5:77:1d:a4:7c:
d1:5c:6d:00:a5:b4:7d:93:af:b4:22:7c:79:89:72:
44:d7:a1:bc:34:13:41:8e:8d:e7:a2:6b:bf:84:3e:
62:b6:3b:aa:92:47:16:f9:6b:6b:30:d6:ea:a3:03:
f0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6A:F9:9A:33:B4:A4:22:35:55:DE:04:3F:C5:6C:8F:44:9B:74:39
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/HWr5mjO0pCI1Vd4EP8Vsj0SbdDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.1.0/24
217.170.12.0-217.170.14.255
Signature Algorithm: sha256WithRSAEncryption
44:83:5e:68:07:9b:fd:ff:b2:e1:7e:03:00:8a:a1:3e:06:0a:
f3:12:70:c4:e5:69:f4:f3:c9:62:39:ff:65:d1:98:4b:d3:00:
e1:26:b0:b1:2f:90:99:d0:d6:b1:22:c1:e6:85:98:80:1d:98:
05:a5:7f:9f:8f:ca:bd:93:61:b3:4b:4a:bb:5c:ca:30:08:4b:
dd:3a:aa:6b:ba:cd:64:e9:de:3b:bc:3f:f9:01:ba:db:5e:a9:
ef:7d:fe:b2:28:4f:5b:65:78:cb:ee:d3:c1:c2:8b:db:cc:e7:
32:7d:08:a4:bf:65:cf:1f:13:81:7f:1e:fa:44:2b:a6:db:ac:
81:43:6e:70:4e:60:43:89:df:2c:57:92:0e:2c:c0:36:67:9e:
78:f7:35:3e:d0:e6:ed:56:23:8d:43:8c:86:c7:10:5e:c8:ae:
bb:5b:21:45:f9:d5:ae:ef:27:7e:86:2f:97:3b:32:98:1b:d6:
a9:bf:6a:2d:f8:e0:f1:e2:51:d1:ca:b6:b0:2c:ed:8e:db:b9:
08:f8:cf:29:ba:a8:fa:12:eb:9a:96:ab:91:59:3a:8f:6a:41:
ab:c4:b5:49:72:64:7c:ba:03:ce:e8:05:b6:fb:79:1c:eb:9c:
a5:42:24:c7:bd:78:49:6c:6f:ea:9d:be:52:2d:58:20:23:f9:
bb:bd:55:67
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlj3+DcrdfR9bKecK5QcRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjUwMTAyMDU0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZhZjk5YTMzYjRhNDIyMzU1NWRlMDQzZmM1NmM4ZjQ0OWI3NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPsy4hcnPKJNa7GKVYA2BiYcWaoo
g3GljhSyFj4VXocXblcSvnsPDEEpl3j5wbj3rBd25c/eCxU1sP1Lwm8tdj3Yzeky
+zR74u7d9VHInILPFbB4qZYlO7AQEQf/aREScNm/jvRz+qTgBqqVlGB1F+/LZErp
eT9x6DfivK0s1QhQNR6MukBXX1NkwlyZFxWr6RStyZ8FLjFQ2h38tOMkKoLJNZ7n
ZS0Tr+mtw3Qu2X3N/8m61ZHKD22AyTx9dzhZ7uyRRIE3LHSLIg2j9XcdpHzRXG0A
pbR9k6+0Inx5iXJE16G8NBNBjo3nomu/hD5itjuqkkcW+WtrMNbqowPwEwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB1q+ZoztKQiNVXeBD/FbI9Em3Q5MB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvSFdyNW1qTzBwQ0kxVmQ0RVA4VnNqMFNiZERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA2aoBMAwD
BALZqgwDBADZqg4wDQYJKoZIhvcNAQELBQADggEBAESDXmgHm/3/suF+AwCKoT4G
CvMScMTlafTzyWI5/2XRmEvTAOEmsLEvkJnQ1rEiweaFmIAdmAWlf5+Pyr2TYbNL
SrtcyjAIS906qmu6zWTp3ju8P/kButteqe99/rIoT1tleMvu08HCi9vM5zJ9CKS/
Zc8fE4F/HvpEK6bbrIFDbnBOYEOJ3yxXkg4swDZnnnj3NT7Q5u1WI41DjIbHEF7I
rrtbIUX51a7vJ36GL5c7Mpgb1qm/ai344PHiUdHKtrAs7Y7buQj4zym6qPoS65qW
q5FZOo9qQavEtUlyZHy6A87oBbb7eRzrnKVCJMe9eElsb+qdvlItWCAj+bu9VWc=
-----END CERTIFICATE-----
Generated at Sun Apr 13 19:49:55 2025 by rpki-client