Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e20333935333734.roa
File: 3231322e3130332e34372e302f32342d3234203d3e20333935333734.roa (raw, json)
Hash identifier: PFxgHUemXkNJXYJkB+UVPkLxlX5c1eOHSCGm+h10TUo=
Subject key identifier: EF:A7:B5:29:54:A6:09:3D:E8:66:8B:DE:9C:82:22:6F:57:EA:7B:29
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 707BA85E71D3B3CFD4BF69888AAAE381DF64464F
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e20333935333734.roa
Signing time: Fri 11 Apr 2025 10:07:10 +0000
ROA not before: Fri 11 Apr 2025 10:02:10 +0000
ROA not after: Fri 10 Apr 2026 10:07:10 +0000
asID: 395374
IP address blocks: 212.103.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:7b:a8:5e:71:d3:b3:cf:d4:bf:69:88:8a:aa:e3:81:df:64:46:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Apr 11 10:02:10 2025 GMT
Not After : Apr 10 10:07:10 2026 GMT
Subject: CN=EFA7B52954A6093DE8668BDE9C82226F57EA7B29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c4:b6:c9:95:b9:cf:6e:d9:b3:b1:a1:17:7b:
4c:82:60:7a:8f:ec:71:5a:0a:6e:d7:d9:5b:ed:09:
38:07:4a:e7:9c:8b:da:40:f3:3a:04:9b:ba:07:a9:
8f:27:3e:6c:64:a3:5c:80:e2:0b:fa:5f:6a:d3:d0:
56:19:78:4b:bb:f5:76:16:a6:a0:7a:ec:ad:5c:ad:
d6:87:42:f7:bb:2d:02:5c:a2:16:ef:d4:71:cd:44:
55:ae:c9:e3:8d:d4:a5:30:02:cc:6f:ab:e1:32:79:
15:f7:ba:88:2c:b8:8c:a9:0d:6f:46:5c:5e:09:f8:
28:5b:08:0f:ce:4b:55:9f:2e:86:e7:fd:91:bc:31:
e8:89:48:55:0b:b7:d6:42:7f:0b:7e:67:63:7c:fe:
b3:af:86:87:f4:87:03:7d:4e:5c:88:cd:52:ad:83:
6c:20:56:a5:21:cd:62:85:83:5d:5d:fd:c3:3a:d5:
17:c4:04:75:cf:2f:77:45:68:f9:16:09:43:ce:56:
2c:c0:93:b5:15:5f:02:c0:e7:6c:f8:47:b4:be:1f:
68:1e:9f:be:06:a6:c0:48:94:bb:67:ca:e8:c8:af:
79:be:7c:17:ca:72:61:78:4b:de:9c:ea:cf:41:2e:
41:f2:7a:9f:d0:a0:55:4d:08:ac:54:45:63:fa:b9:
dd:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:A7:B5:29:54:A6:09:3D:E8:66:8B:DE:9C:82:22:6F:57:EA:7B:29
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e20333935333734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.47.0/24
Signature Algorithm: sha256WithRSAEncryption
94:14:dd:8f:2d:9c:91:f5:cc:8b:bc:80:11:2b:0d:fe:f9:c7:
77:2c:d6:b7:cf:2b:8e:ce:fe:20:4e:4d:05:18:72:98:52:5c:
70:10:c9:bf:b2:ae:3e:1d:88:93:80:7e:fa:09:b6:ca:76:a3:
b4:e0:5d:0e:20:62:46:0c:7e:ae:68:55:95:74:50:d8:ca:9f:
c8:56:09:22:b8:4e:a2:34:96:aa:f4:a3:01:20:1d:62:ed:bd:
20:86:ce:d3:90:08:c8:f1:b7:b3:17:4e:40:33:82:bf:e3:33:
f2:0d:36:4a:0f:81:f6:b6:54:f8:f8:bf:bd:35:9e:c2:e7:96:
f5:f7:c0:dc:ba:bb:b8:45:fc:3c:5e:33:75:49:93:88:df:8c:
63:58:d6:a9:5c:5b:c9:cf:cf:7b:3d:14:dc:e3:56:df:45:16:
20:7b:07:54:cf:ef:7f:34:0d:43:db:12:d1:ef:fb:49:2c:81:
9f:62:b9:1f:93:17:55:dc:9f:fa:ab:eb:aa:bf:5a:92:95:1e:
18:b1:50:fb:66:5b:67:8b:95:82:3e:8d:b5:a9:60:d0:f0:27:
2e:ec:ab:52:0b:cb:60:04:d0:69:12:07:df:10:92:ba:fa:9b:
e8:82:04:a0:ea:64:2d:79:c7:78:cb:ff:d8:84:a3:b5:1c:31:
31:42:ba:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcHuoXnHTs8/Uv2mIiqrjgd9kRk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTA0MTExMDAyMTBaFw0yNjA0MTAxMDA3MTBaMDMxMTAvBgNV
BAMTKEVGQTdCNTI5NTRBNjA5M0RFODY2OEJERTlDODIyMjZGNTdFQTdCMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRxLbJlbnPbtmzsaEXe0yCYHqP
7HFaCm7X2VvtCTgHSueci9pA8zoEm7oHqY8nPmxko1yA4gv6X2rT0FYZeEu79XYW
pqB67K1crdaHQve7LQJcohbv1HHNRFWuyeON1KUwAsxvq+EyeRX3uogsuIypDW9G
XF4J+ChbCA/OS1WfLobn/ZG8MeiJSFULt9ZCfwt+Z2N8/rOvhof0hwN9TlyIzVKt
g2wgVqUhzWKFg11d/cM61RfEBHXPL3dFaPkWCUPOVizAk7UVXwLA52z4R7S+H2ge
n74GpsBIlLtnyujIr3m+fBfKcmF4S96c6s9BLkHyep/QoFVNCKxURWP6ud3hAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU76e1KVSmCT3oZovenIIib1fqeykwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzIzMTMyMmUzMTMwMzMyZTM0
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzMzM3MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUZy8wDQYJKoZIhvcNAQELBQADggEBAJQU3Y8tnJH1zIu8gBErDf75x3cs1rfP
K47O/iBOTQUYcphSXHAQyb+yrj4diJOAfvoJtsp2o7TgXQ4gYkYMfq5oVZV0UNjK
n8hWCSK4TqI0lqr0owEgHWLtvSCGztOQCMjxt7MXTkAzgr/jM/INNkoPgfa2VPj4
v701nsLnlvX3wNy6u7hF/DxeM3VJk4jfjGNY1qlcW8nPz3s9FNzjVt9FFiB7B1TP
7380DUPbEtHv+0ksgZ9iuR+TF1Xcn/qr66q/WpKVHhixUPtmW2eLlYI+jbWpYNDw
Jy7sq1ILy2AE0GkSB98Qkrr6m+iCBKDqZC15x3jL/9iEo7UcMTFCuhs=
-----END CERTIFICATE-----
Generated at Sun Apr 13 23:51:41 2025 by rpki-client