Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
File: 3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: k4QPq18KIVcE3YfXs1geEObswKolsmORhNCPU0jWep8=
Subject key identifier: 8E:B9:B3:5C:B2:05:B7:CC:EB:7B:1B:75:85:FA:AE:0F:4E:FC:D8:E7
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 605A58BEEA81134A558B2EF387140A03ACB79430
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
Signing time: Tue 27 May 2025 06:54:08 +0000
ROA not before: Tue 27 May 2025 06:49:08 +0000
ROA not after: Tue 26 May 2026 06:54:08 +0000
asID: 212609
IP address blocks: 212.102.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 01:50:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:5a:58:be:ea:81:13:4a:55:8b:2e:f3:87:14:0a:03:ac:b7:94:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: May 27 06:49:08 2025 GMT
Not After : May 26 06:54:08 2026 GMT
Subject: CN=8EB9B35CB205B7CCEB7B1B7585FAAE0F4EFCD8E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:13:6c:62:df:35:54:96:67:87:cd:b2:28:75:
e8:66:52:af:f0:8e:ff:fb:62:60:7c:82:50:c8:4b:
ad:b4:ac:5e:7d:20:a2:fd:35:95:04:25:f4:c2:6b:
27:a1:a7:fb:14:0d:1b:57:f6:df:e3:3f:7b:66:36:
96:78:19:7f:3a:b6:00:a3:9c:b8:10:ff:dc:1a:d1:
1e:79:82:5d:e2:15:a5:4b:ba:48:e2:34:00:66:c9:
26:51:6c:e0:76:74:1f:47:98:dd:48:9e:2d:51:45:
53:39:e4:26:68:5d:70:ad:bd:f8:2e:df:61:eb:ec:
49:19:59:dc:80:65:c9:1c:ef:a0:89:64:94:09:02:
10:63:25:5e:ad:9f:22:df:05:95:b6:5d:72:04:ac:
54:c7:bc:88:4b:af:8b:d0:af:bc:da:52:de:24:52:
8a:b1:8c:b6:46:4d:2b:2f:e3:50:a5:2d:ba:64:bd:
58:1f:7f:bc:26:85:18:ce:0d:3c:9e:2d:79:77:90:
2b:dc:e3:bc:da:fb:9e:f6:0c:fb:ce:e6:25:01:11:
97:38:6a:4a:36:b8:89:02:8e:4d:d6:06:83:03:d6:
c4:65:40:76:20:67:6a:f6:8d:1b:88:fe:62:2e:74:
17:42:7e:f9:2c:a5:b5:24:db:a8:7f:ce:fc:9c:4c:
64:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B9:B3:5C:B2:05:B7:CC:EB:7B:1B:75:85:FA:AE:0F:4E:FC:D8:E7
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.114.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:5c:86:04:47:81:93:6a:29:42:af:ef:7e:f3:9f:e2:98:1d:
2f:eb:ed:d9:6a:16:e3:dd:b5:02:2e:0c:f8:ad:da:2e:54:59:
24:d6:98:24:9d:19:a2:54:46:b5:16:a8:17:9b:67:e8:1c:2e:
71:4e:2f:d1:53:03:b5:bb:4b:e5:de:93:95:80:b1:70:04:46:
7f:69:d5:04:99:db:2b:23:06:54:16:69:66:41:da:40:c4:40:
73:d3:65:cb:6b:d2:06:88:40:75:bc:27:02:ff:52:e3:f8:42:
38:a2:7d:28:8b:04:99:c2:59:07:ed:ba:71:5b:6a:d2:1b:15:
24:82:5f:a8:07:de:f4:51:65:54:97:71:a6:44:9c:e9:db:bf:
be:dc:e0:9b:4f:27:43:ba:d9:47:40:6f:4b:38:ff:2c:2d:fd:
9d:10:32:03:a2:1b:9b:04:82:48:cb:d0:e6:eb:b1:95:05:87:
59:97:9e:e4:73:00:c4:ca:c3:26:01:b7:f7:d2:2d:74:d0:da:
35:d5:5f:f5:f2:aa:b4:16:73:12:d5:05:6f:ef:69:41:f4:30:
41:31:bb:64:92:bf:6e:5b:74:00:fb:29:e3:7e:53:6d:40:d8:
43:84:c4:ce:8c:f6:a7:ef:f9:37:e3:a5:50:f7:a2:22:74:8d:
d1:d5:b7:8f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYFpYvuqBE0pViy7zhxQKA6y3lDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNTA1MjcwNjQ5MDhaFw0yNjA1MjYwNjU0MDhaMDMxMTAvBgNV
BAMTKDhFQjlCMzVDQjIwNUI3Q0NFQjdCMUI3NTg1RkFBRTBGNEVGQ0Q4RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPE2xi3zVUlmeHzbIodehmUq/w
jv/7YmB8glDIS620rF59IKL9NZUEJfTCayehp/sUDRtX9t/jP3tmNpZ4GX86tgCj
nLgQ/9wa0R55gl3iFaVLukjiNABmySZRbOB2dB9HmN1Ini1RRVM55CZoXXCtvfgu
32Hr7EkZWdyAZckc76CJZJQJAhBjJV6tnyLfBZW2XXIErFTHvIhLr4vQr7zaUt4k
UoqxjLZGTSsv41ClLbpkvVgff7wmhRjODTyeLXl3kCvc47za+572DPvO5iUBEZc4
ako2uIkCjk3WBoMD1sRlQHYgZ2r2jRuI/mIudBdCfvkspbUk26h/zvycTGRPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjrmzXLIFt8zrext1hfquD0782OcwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzIzMTMyMmUzMTMwMzIyZTMx
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjM2MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANRmcjANBgkqhkiG9w0BAQsFAAOCAQEAmlyGBEeBk2opQq/vfvOf4pgdL+vt
2WoW4921Ai4M+K3aLlRZJNaYJJ0ZolRGtRaoF5tn6BwucU4v0VMDtbtL5d6TlYCx
cARGf2nVBJnbKyMGVBZpZkHaQMRAc9Nly2vSBohAdbwnAv9S4/hCOKJ9KIsEmcJZ
B+26cVtq0hsVJIJfqAfe9FFlVJdxpkSc6du/vtzgm08nQ7rZR0BvSzj/LC39nRAy
A6IbmwSCSMvQ5uuxlQWHWZee5HMAxMrDJgG399ItdNDaNdVf9fKqtBZzEtUFb+9p
QfQwQTG7ZJK/blt0APsp435TbUDYQ4TEzoz2p+/5N+OlUPeiInSN0dW3jw==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:15:59 2025 by rpki-client