Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e203630313137.roa
File: 3231322e3130332e34372e302f32342d3234203d3e203630313137.roa (raw, json)
Hash identifier: YdIRouunEJ7v7O6adrWSPqBia6eTO11BexNozDCWbfw=
Subject key identifier: 22:8B:BD:B8:BF:CA:E9:F4:81:48:03:DC:39:A0:84:09:32:5B:8C:30
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 46B6F0A39004BF655A9F967A3A3C19C6C77E74CF
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e203630313137.roa
Signing time: Tue 03 Jun 2025 15:04:44 +0000
ROA not before: Tue 03 Jun 2025 14:59:44 +0000
ROA not after: Tue 02 Jun 2026 15:04:44 +0000
asID: 60117
IP address blocks: 212.103.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 07:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:b6:f0:a3:90:04:bf:65:5a:9f:96:7a:3a:3c:19:c6:c7:7e:74:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Jun 3 14:59:44 2025 GMT
Not After : Jun 2 15:04:44 2026 GMT
Subject: CN=228BBDB8BFCAE9F4814803DC39A08409325B8C30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:dc:60:51:6a:1f:1a:7b:72:0b:8e:88:3f:
14:ae:1d:82:56:d5:db:9e:75:20:3e:3a:59:92:4f:
02:61:11:9c:ae:10:6c:5c:7b:82:10:1b:09:7f:1c:
93:b2:3d:bc:ac:e8:78:11:c3:bf:70:a1:c7:13:56:
18:f8:1b:ef:31:b2:d2:3e:69:2b:07:81:52:1d:60:
03:59:1b:fe:39:cb:78:39:e2:3b:ae:cb:c2:7c:95:
4d:58:9a:f4:ac:17:4b:48:d2:a1:fe:bc:70:cb:f3:
2b:34:14:ce:39:47:c8:b6:85:f9:0d:c1:03:54:0d:
de:50:ce:4f:c9:1b:78:89:0b:34:8d:c2:2d:1c:e1:
00:36:43:68:58:05:6d:ee:11:4f:3d:91:ce:27:65:
c7:e9:34:47:bb:b0:99:bb:a8:29:e2:c0:8e:a0:83:
05:99:63:1b:49:cc:9d:da:d7:4b:25:6d:03:22:27:
a1:fe:83:fa:fb:30:35:86:c7:db:99:4f:f9:3e:c1:
c3:5e:a6:f1:25:91:e4:2e:68:76:01:c9:23:82:74:
31:bf:d5:79:82:46:51:92:60:89:16:c2:76:3b:93:
a9:cb:e3:3d:f6:5f:a4:8f:7d:22:f7:7c:f8:8c:73:
5a:90:18:f8:e7:45:d7:97:06:82:62:1a:ee:31:d7:
67:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8B:BD:B8:BF:CA:E9:F4:81:48:03:DC:39:A0:84:09:32:5B:8C:30
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e203630313137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.47.0/24
Signature Algorithm: sha256WithRSAEncryption
18:bf:6b:3c:33:22:40:1f:01:48:80:46:e8:d3:6c:2b:ea:28:
5d:2e:8f:ea:14:53:e4:de:07:c8:9d:d5:d0:ed:0b:d2:8f:2d:
5d:a8:c2:5b:9d:31:d4:01:03:25:92:9f:2a:ce:b8:0a:45:c5:
29:90:3b:bb:7c:4c:ec:a1:ec:0a:40:78:e2:a0:7c:f7:ef:27:
cb:d6:20:62:ac:f5:77:b6:0d:4e:46:02:14:bd:ba:21:63:87:
46:34:4e:d5:6f:d9:9a:96:f5:07:b2:ad:7d:14:4a:31:87:d8:
c4:7b:30:f8:19:b3:96:50:98:9b:12:1b:a1:4e:63:a5:5d:ed:
b2:8d:37:50:7e:68:a3:15:f3:72:32:30:94:ab:ef:06:80:4d:
61:2e:0b:d9:48:44:81:80:92:57:43:b2:b3:10:78:6f:8c:d5:
06:e6:b8:ea:7d:01:e2:85:dd:ec:66:c6:cd:c0:f0:d7:00:86:
be:bb:12:9f:5d:7f:f8:da:84:c9:bc:fd:d7:a7:67:81:b3:5f:
36:c9:90:26:17:85:3a:86:51:6b:08:e7:c8:d9:9e:c4:7f:88:
09:8b:44:0e:d1:2a:4d:df:f4:77:63:b4:83:44:03:cc:7d:80:
33:72:c9:32:8a:a6:38:37:77:5b:1c:7d:75:78:8b:f5:52:9f:
22:8c:a2:e0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURrbwo5AEv2Van5Z6OjwZxsd+dM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTA2MDMxNDU5NDRaFw0yNjA2MDIxNTA0NDRaMDMxMTAvBgNV
BAMTKDIyOEJCREI4QkZDQUU5RjQ4MTQ4MDNEQzM5QTA4NDA5MzI1QjhDMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcgNxgUWofGntyC46IPxSuHYJW
1duedSA+OlmSTwJhEZyuEGxce4IQGwl/HJOyPbys6HgRw79woccTVhj4G+8xstI+
aSsHgVIdYANZG/45y3g54juuy8J8lU1YmvSsF0tI0qH+vHDL8ys0FM45R8i2hfkN
wQNUDd5Qzk/JG3iJCzSNwi0c4QA2Q2hYBW3uEU89kc4nZcfpNEe7sJm7qCniwI6g
gwWZYxtJzJ3a10slbQMiJ6H+g/r7MDWGx9uZT/k+wcNepvElkeQuaHYBySOCdDG/
1XmCRlGSYIkWwnY7k6nL4z32X6SPfSL3fPiMc1qQGPjnRdeXBoJiGu4x12ddAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIou9uL/K6fSBSAPcOaCECTJbjDAwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzIzMTMyMmUzMTMwMzMyZTM0
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzEzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GcvMA0GCSqGSIb3DQEBCwUAA4IBAQAYv2s8MyJAHwFIgEbo02wr6ihdLo/qFFPk
3gfIndXQ7QvSjy1dqMJbnTHUAQMlkp8qzrgKRcUpkDu7fEzsoewKQHjioHz37yfL
1iBirPV3tg1ORgIUvbohY4dGNE7Vb9malvUHsq19FEoxh9jEezD4GbOWUJibEhuh
TmOlXe2yjTdQfmijFfNyMjCUq+8GgE1hLgvZSESBgJJXQ7KzEHhvjNUG5rjqfQHi
hd3sZsbNwPDXAIa+uxKfXX/42oTJvP3Xp2eBs182yZAmF4U6hlFrCOfI2Z7Ef4gJ
i0QO0SpN3/R3Y7SDRAPMfYAzcskyiqY4N3dbHH11eIv1Up8ijKLg
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:24:04 2025 by rpki-client