Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34342e302f32342d3234203d3e20323133393138.roa
File: 3231322e3130332e34342e302f32342d3234203d3e20323133393138.roa (raw, json)
Hash identifier: qGJQiTgIvP4Ve1lRuA50bfURyANdu4X5JKcPosVvvQA=
Subject key identifier: CF:F4:7D:1F:B9:0A:90:57:52:C5:74:2A:9A:ED:93:6B:53:2F:FB:2A
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 5985F40AC3568168AFD00D25019096C70F64EC84
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34342e302f32342d3234203d3e20323133393138.roa
Signing time: Fri 27 Dec 2024 11:57:58 +0000
ROA not before: Fri 27 Dec 2024 11:52:58 +0000
ROA not after: Fri 26 Dec 2025 11:57:58 +0000
asID: 213918
IP address blocks: 212.103.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:85:f4:0a:c3:56:81:68:af:d0:0d:25:01:90:96:c7:0f:64:ec:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Dec 27 11:52:58 2024 GMT
Not After : Dec 26 11:57:58 2025 GMT
Subject: CN=CFF47D1FB90A905752C5742A9AED936B532FFB2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:87:3d:dd:5c:42:89:65:33:5a:4a:f5:a6:91:
04:0e:8e:13:92:86:65:e0:97:1e:28:11:87:0c:af:
5b:bd:9c:24:1b:b3:70:51:98:87:71:50:4e:88:31:
78:80:51:35:99:cf:ae:fe:0a:05:4d:a7:1c:70:2f:
cf:06:6b:db:53:2b:b9:ea:c4:c1:5d:17:d3:c0:5b:
27:a3:df:44:cd:45:36:a1:fd:42:dd:d4:cb:ef:78:
96:4f:ac:80:4d:67:12:95:bd:58:f7:56:e1:77:6c:
9a:8f:bf:a9:78:7f:b3:48:22:9d:bd:c8:ac:5b:a4:
ee:99:b1:fe:05:2c:b2:b8:4a:40:74:6e:d7:ef:0c:
d3:d8:85:ed:18:41:b0:de:12:9a:0d:a4:55:e7:5c:
45:17:d3:21:be:25:d5:c6:61:a5:46:33:17:53:ed:
50:44:1e:7b:e5:2d:5d:ac:d9:3c:31:d3:c7:f4:91:
2e:5b:7e:89:fa:45:55:60:b5:0e:5b:f6:ea:9f:4b:
42:c2:07:5b:8b:5a:ed:4b:46:26:ac:10:3a:59:fb:
45:a8:92:27:fc:41:c8:ff:04:17:be:5c:c4:28:e3:
f7:bd:d5:99:5f:3b:db:49:ed:f5:77:39:cb:da:ae:
08:9a:c2:7c:5a:9c:1f:35:d0:c9:e1:d7:ae:8f:c4:
f8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F4:7D:1F:B9:0A:90:57:52:C5:74:2A:9A:ED:93:6B:53:2F:FB:2A
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34342e302f32342d3234203d3e20323133393138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.44.0/24
Signature Algorithm: sha256WithRSAEncryption
71:3f:84:2a:fd:9c:43:6b:d3:f1:0e:bd:1b:14:9d:f7:75:6b:
3a:02:14:13:92:99:88:db:69:86:f2:26:c5:5a:30:44:19:31:
cb:0b:d5:16:50:12:c1:4c:37:65:00:cf:ab:eb:68:22:78:c7:
39:c2:d7:cf:6c:83:5b:7e:b8:81:75:07:21:cf:6d:ee:42:b7:
61:a9:ce:0f:a9:92:87:9c:4b:6e:1a:75:a1:d9:3a:fa:b4:a4:
81:d8:cd:81:d8:9e:0d:62:f3:29:5b:a1:9e:00:43:2e:f4:60:
3c:5f:88:8a:f5:90:df:5e:6a:fe:61:a3:6b:4c:11:db:37:1a:
e2:05:e2:5b:84:9a:85:c8:6c:6f:12:92:e9:0e:72:78:1f:9f:
42:3a:6e:b0:e2:fc:c6:17:28:f1:6c:ed:4d:6a:ad:5c:ec:81:
94:20:f0:34:54:88:85:d8:34:cf:33:be:e6:e9:2e:bb:06:4b:
18:5e:77:a3:3d:45:75:7a:40:dc:9b:b6:1b:d1:1d:91:46:90:
93:ab:c7:9c:12:0f:91:b0:b4:cf:7a:70:f2:70:e4:29:6e:47:
65:e6:18:c9:d7:ef:9c:60:86:72:cd:fd:6f:4c:bc:cf:84:bb:
89:bf:cb:4c:10:b4:6d:7d:50:f6:dc:33:a2:31:9a:89:a3:51:
cd:79:24:7f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWYX0CsNWgWiv0A0lAZCWxw9k7IQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDEyMjcxMTUyNThaFw0yNTEyMjYxMTU3NThaMDMxMTAvBgNV
BAMTKENGRjQ3RDFGQjkwQTkwNTc1MkM1NzQyQTlBRUQ5MzZCNTMyRkZCMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhz3dXEKJZTNaSvWmkQQOjhOS
hmXglx4oEYcMr1u9nCQbs3BRmIdxUE6IMXiAUTWZz67+CgVNpxxwL88Ga9tTK7nq
xMFdF9PAWyej30TNRTah/ULd1MvveJZPrIBNZxKVvVj3VuF3bJqPv6l4f7NIIp29
yKxbpO6Zsf4FLLK4SkB0btfvDNPYhe0YQbDeEpoNpFXnXEUX0yG+JdXGYaVGMxdT
7VBEHnvlLV2s2Twx08f0kS5bfon6RVVgtQ5b9uqfS0LCB1uLWu1LRiasEDpZ+0Wo
kif8Qcj/BBe+XMQo4/e91ZlfO9tJ7fV3OcvargiawnxanB810Mnh166PxPg3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUz/R9H7kKkFdSxXQqmu2Ta1Mv+yowHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzIzMTMyMmUzMTMwMzMyZTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzOTMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUZywwDQYJKoZIhvcNAQELBQADggEBAHE/hCr9nENr0/EOvRsUnfd1azoCFBOS
mYjbaYbyJsVaMEQZMcsL1RZQEsFMN2UAz6vraCJ4xznC189sg1t+uIF1ByHPbe5C
t2Gpzg+pkoecS24adaHZOvq0pIHYzYHYng1i8ylboZ4AQy70YDxfiIr1kN9eav5h
o2tMEds3GuIF4luEmoXIbG8SkukOcngfn0I6brDi/MYXKPFs7U1qrVzsgZQg8DRU
iIXYNM8zvubpLrsGSxhed6M9RXV6QNybthvRHZFGkJOrx5wSD5GwtM96cPJw5Clu
R2XmGMnX75xghnLN/W9MvM+Eu4m/y0wQtG19UPbcM6IxmomjUc15JH8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:42:54 2025 by rpki-client