Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/_HSn7eAJ1-GN-PARSBNdWZcI_CM.roa
File: _HSn7eAJ1-GN-PARSBNdWZcI_CM.roa (raw, json)
Hash identifier: PSxIhhf7j8l1h9bP9LYjz403TkZ/7uIEMgwPHzFFKaA=
Subject key identifier: FC:74:A7:ED:E0:09:D7:E1:8D:F8:F0:11:48:13:5D:59:97:08:FC:23
Certificate issuer: /CN=10b43613535ffaa73d9acc503c71a28fa17b3839
Certificate serial: 019421446C9B056BAA3517F9305A04CA6726
Authority key identifier: 10:B4:36:13:53:5F:FA:A7:3D:9A:CC:50:3C:71:A2:8F:A1:7B:38:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ELQ2E1Nf-qc9msxQPHGij6F7ODk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/_HSn7eAJ1-GN-PARSBNdWZcI_CM.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49772
IP address blocks: 91.213.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/ELQ2E1Nf-qc9msxQPHGij6F7ODk.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/ELQ2E1Nf-qc9msxQPHGij6F7ODk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ELQ2E1Nf-qc9msxQPHGij6F7ODk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6c:9b:05:6b:aa:35:17:f9:30:5a:04:ca:67:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10b43613535ffaa73d9acc503c71a28fa17b3839
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc74a7ede009d7e18df8f01148135d599708fc23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:db:d9:f6:0f:4f:44:58:4d:46:5b:74:9c:78:
50:88:39:d5:05:23:83:7c:03:d0:a8:38:2b:24:d8:
54:1f:08:4f:0d:62:23:e7:54:bd:53:94:34:8d:f7:
2a:fc:11:49:95:44:c7:af:6c:45:e8:be:9d:ef:ea:
b0:cd:c2:6c:ed:38:db:db:45:30:a6:4d:40:56:b5:
d3:d7:53:76:bc:5e:f8:07:f9:5b:8d:05:52:0b:26:
a6:ae:79:a5:9c:04:9e:1d:5b:d6:e3:8e:44:a6:e5:
3d:38:98:39:98:2f:ff:e6:15:a8:8f:c5:e7:c9:94:
f9:51:77:22:b0:fc:0d:b1:c2:8d:3e:dc:66:4d:ea:
12:06:e6:94:86:0e:d4:96:4e:5a:df:eb:5c:6e:d8:
2e:11:1c:2d:b9:a9:6f:45:b8:ec:71:e7:66:d3:10:
38:cd:f6:a3:b5:b4:06:4e:6c:30:62:3d:15:c0:71:
2a:10:7f:51:25:7e:73:3d:d0:cc:79:4b:03:9f:f4:
de:a7:53:91:05:76:87:5e:90:99:ed:6e:f8:18:11:
a4:a2:60:0b:01:39:bb:68:65:2b:52:06:96:91:09:
83:a6:11:2a:00:d7:58:0a:e0:ac:cf:ad:e4:65:23:
1f:da:39:3b:a2:d6:05:ea:14:25:24:b0:23:8a:bc:
f0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:74:A7:ED:E0:09:D7:E1:8D:F8:F0:11:48:13:5D:59:97:08:FC:23
X509v3 Authority Key Identifier:
keyid:10:B4:36:13:53:5F:FA:A7:3D:9A:CC:50:3C:71:A2:8F:A1:7B:38:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELQ2E1Nf-qc9msxQPHGij6F7ODk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/_HSn7eAJ1-GN-PARSBNdWZcI_CM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2ee71b-8ffe-4eb6-9434-cf3c1a79e634/1/ELQ2E1Nf-qc9msxQPHGij6F7ODk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.210.0/24
Signature Algorithm: sha256WithRSAEncryption
92:a9:a4:36:24:eb:cf:53:23:99:3b:28:58:4a:db:8a:3c:11:
a8:03:ef:62:d3:aa:25:1b:91:f3:77:2a:38:2b:38:eb:33:94:
33:ab:04:9f:5f:a1:70:78:a1:91:39:6b:31:3c:05:82:d2:f6:
f5:b8:82:64:7f:7e:7b:a7:61:0e:9f:bd:2e:c0:8b:60:0b:ff:
e2:f3:a0:79:84:80:4a:08:ff:50:af:f2:1a:78:1d:b1:92:80:
c5:33:ca:35:2e:1c:33:80:5b:de:cb:3c:12:30:db:32:b5:54:
e9:52:fb:eb:04:5f:3f:e0:10:78:03:18:33:94:7a:ca:32:74:
9d:4b:39:1c:6a:de:96:b9:14:c0:e0:b2:6d:0a:ec:58:5c:25:
e3:c6:5f:9c:6c:78:37:a4:58:56:3a:3c:77:01:a1:b9:5c:ba:
93:da:2c:65:43:1d:de:05:55:fe:a3:4e:e5:3b:37:7b:e5:e6:
de:6e:e6:52:d3:45:72:20:e1:5f:1b:f2:98:82:a7:bf:31:19:
6d:b7:60:89:60:80:08:88:27:db:e8:40:7d:ab:22:9e:e7:e9:
cb:54:04:eb:14:28:61:70:9b:ec:e8:3d:3c:b4:87:bc:df:0e:
47:34:d3:e8:16:6d:97:c2:d4:c1:10:05:bf:f1:b9:dd:99:15:
77:3f:5e:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGybBWuqNRf5MFoEymcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYjQzNjEzNTM1ZmZhYTczZDlhY2M1MDNjNzFhMjhmYTE3
YjM4MzkwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzc0YTdlZGUwMDlkN2UxOGRmOGYwMTE0ODEzNWQ1OTk3MDhmYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNvZ9g9PRFhNRlt0nHhQiDnVBSOD
fAPQqDgrJNhUHwhPDWIj51S9U5Q0jfcq/BFJlUTHr2xF6L6d7+qwzcJs7Tjb20Uw
pk1AVrXT11N2vF74B/lbjQVSCyamrnmlnASeHVvW445EpuU9OJg5mC//5hWoj8Xn
yZT5UXcisPwNscKNPtxmTeoSBuaUhg7Ulk5a3+tcbtguERwtualvRbjscedm0xA4
zfajtbQGTmwwYj0VwHEqEH9RJX5zPdDMeUsDn/Tep1ORBXaHXpCZ7W74GBGkomAL
ATm7aGUrUgaWkQmDphEqANdYCuCsz63kZSMf2jk7otYF6hQlJLAjirzwtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPx0p+3gCdfhjfjwEUgTXVmXCPwjMB8GA1UdIwQY
MBaAFBC0NhNTX/qnPZrMUDxxoo+hezg5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUxRMkUxTmYtcWM5bXN4UVBIR2lqNkY3T0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yZWU3MWItOGZmZS00ZWI2LTk0MzQt
Y2YzYzFhNzllNjM0LzEvX0hTbjdlQUoxLUdOLVBBUlNCTmRXWmNJX0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yZWU3MWItOGZmZS00ZWI2LTk0MzQtY2YzYzFhNzllNjM0
LzEvRUxRMkUxTmYtcWM5bXN4UVBIR2lqNkY3T0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XSMA0G
CSqGSIb3DQEBCwUAA4IBAQCSqaQ2JOvPUyOZOyhYStuKPBGoA+9i06olG5Hzdyo4
KzjrM5QzqwSfX6FweKGROWsxPAWC0vb1uIJkf357p2EOn70uwItgC//i86B5hIBK
CP9Qr/IaeB2xkoDFM8o1LhwzgFveyzwSMNsytVTpUvvrBF8/4BB4AxgzlHrKMnSd
Szkcat6WuRTA4LJtCuxYXCXjxl+cbHg3pFhWOjx3AaG5XLqT2ixlQx3eBVX+o07l
Ozd75ebebuZS00VyIOFfG/KYgqe/MRltt2CJYIAIiCfb6EB9qyKe5+nLVATrFChh
cJvs6D08tIe83w5HNNPoFm2XwtTBEAW/8bndmRV3P17D
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:43 2025 by rpki-client