Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/pyfX2Wde-4YhzoDQWRc-_kW4ahs.roa
File: pyfX2Wde-4YhzoDQWRc-_kW4ahs.roa (raw, json)
Hash identifier: DMnr5t8FYa3ZmawzVDuxQN95Av7e1Q0YztBCmOoG1UM=
Subject key identifier: A7:27:D7:D9:67:5E:FB:86:21:CE:80:D0:59:17:3E:FE:45:B8:6A:1B
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 01989BF24D581D72310CA64A764BA5C425DB
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/pyfX2Wde-4YhzoDQWRc-_kW4ahs.roa
Signing time: Tue 12 Aug 2025 01:43:24 +0000
ROA not before: Tue 12 Aug 2025 01:43:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216127
IP address blocks: 212.113.98.0/24 maxlen: 24
212.113.107.0/24 maxlen: 24
212.113.109.0/24 maxlen: 24
212.113.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 07:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9b:f2:4d:58:1d:72:31:0c:a6:4a:76:4b:a5:c4:25:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Aug 12 01:43:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a727d7d9675efb8621ce80d059173efe45b86a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:82:5b:10:d6:a2:59:79:50:18:db:91:99:2c:
2f:53:e6:2a:48:58:56:6a:39:bc:e8:65:7f:d2:55:
70:36:f2:1a:13:bb:86:91:81:99:99:94:85:88:5a:
02:c6:65:7d:89:06:34:5b:63:75:57:d4:bd:d8:df:
34:2e:ce:91:c8:c7:71:54:2f:15:b7:1f:49:00:9b:
a7:4c:c5:51:b2:d8:7e:4d:d5:46:d6:40:5c:ca:38:
1c:ef:ad:b5:62:37:e0:df:8b:10:b3:94:f1:9a:d5:
12:7b:ca:3b:34:49:14:ac:c4:26:c3:fb:ff:70:3f:
91:af:7b:9a:a4:79:80:ac:5d:03:aa:9d:82:84:a3:
a5:ba:c5:e6:06:4b:83:ce:3b:a0:3a:18:0e:59:61:
0e:86:56:09:c6:5a:b7:51:66:94:d5:79:26:da:ba:
20:b5:60:ad:4a:18:bf:1d:c4:9b:54:52:b5:a9:2f:
d3:d2:b7:c7:04:fb:2d:72:53:7e:a1:3d:1c:86:5c:
ea:b9:9f:0f:ec:7f:72:a3:f6:1d:7e:8a:b9:34:ca:
02:ef:d5:e7:9f:5e:f8:90:2a:d3:f2:c1:97:81:da:
e2:7e:78:ef:74:7f:0f:a0:ab:62:50:6d:2a:3f:ab:
21:4a:70:4e:55:b8:cd:6a:ca:88:60:a9:f5:89:82:
9b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:27:D7:D9:67:5E:FB:86:21:CE:80:D0:59:17:3E:FE:45:B8:6A:1B
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/pyfX2Wde-4YhzoDQWRc-_kW4ahs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.98.0/24
212.113.107.0/24
212.113.109.0/24
212.113.112.0/24
Signature Algorithm: sha256WithRSAEncryption
29:58:33:8e:15:81:0a:07:9f:5f:97:0b:17:14:64:30:e0:31:
af:97:97:d3:95:c5:52:6e:9f:f4:8a:d2:ba:3d:a0:23:d3:8d:
e3:f6:63:da:d9:55:a0:50:46:78:e9:d6:22:1c:ed:60:b8:34:
62:38:f0:18:5a:2a:bc:50:25:e8:f9:a2:7f:6b:e8:e4:9a:7e:
3b:3a:eb:5d:d5:00:b0:f8:57:58:64:72:a1:9a:e9:17:ee:9f:
7c:31:3d:a8:1f:02:32:00:34:b2:b4:c6:88:48:95:24:5f:a9:
b3:da:1a:c6:c0:2e:30:c3:a1:c8:52:95:42:5d:12:00:aa:83:
ab:94:d6:e3:e5:11:4b:47:75:a9:39:02:2c:18:64:b4:03:6a:
99:e4:60:f3:a6:cb:cc:96:37:a1:98:3d:0c:7f:05:19:c5:dc:
ba:a6:5a:3e:b8:1d:63:96:2c:3c:92:a4:b0:f9:ef:f8:7c:f6:
70:33:ba:e9:8f:cc:fe:40:b1:88:ec:00:b1:36:b2:3d:80:68:
d4:98:04:20:a0:53:91:10:a7:8d:85:08:38:ce:b4:8f:77:d9:
dc:c2:8f:de:8d:4d:27:f2:de:2f:51:30:aa:52:96:6e:e8:2b:
8f:aa:95:f3:1e:d7:db:2d:75:a3:58:fc:6e:c4:3d:a5:55:e9:
c2:4b:0d:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZib8k1YHXIxDKZKdkulxCXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjUwODEyMDE0MzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI3ZDdkOTY3NWVmYjg2MjFjZTgwZDA1OTE3M2VmZTQ1Yjg2YTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYJbENaiWXlQGNuRmSwvU+YqSFhW
ajm86GV/0lVwNvIaE7uGkYGZmZSFiFoCxmV9iQY0W2N1V9S92N80Ls6RyMdxVC8V
tx9JAJunTMVRsth+TdVG1kBcyjgc7621Yjfg34sQs5TxmtUSe8o7NEkUrMQmw/v/
cD+Rr3uapHmArF0Dqp2ChKOlusXmBkuDzjugOhgOWWEOhlYJxlq3UWaU1Xkm2rog
tWCtShi/HcSbVFK1qS/T0rfHBPstclN+oT0chlzquZ8P7H9yo/Ydfoq5NMoC79Xn
n174kCrT8sGXgdrifnjvdH8PoKtiUG0qP6shSnBOVbjNasqIYKn1iYKbQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKcn19lnXvuGIc6A0FkXPv5FuGobMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvcHlmWDJXZGUtNFloem9EUVdSYy1fa1c0YWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1HFiAwQA
1HFrAwQA1HFtAwQA1HFwMA0GCSqGSIb3DQEBCwUAA4IBAQApWDOOFYEKB59flwsX
FGQw4DGvl5fTlcVSbp/0itK6PaAj043j9mPa2VWgUEZ46dYiHO1guDRiOPAYWiq8
UCXo+aJ/a+jkmn47Outd1QCw+FdYZHKhmukX7p98MT2oHwIyADSytMaISJUkX6mz
2hrGwC4ww6HIUpVCXRIAqoOrlNbj5RFLR3WpOQIsGGS0A2qZ5GDzpsvMljehmD0M
fwUZxdy6plo+uB1jliw8kqSw+e/4fPZwM7rpj8z+QLGI7ACxNrI9gGjUmAQgoFOR
EKeNhQg4zrSPd9ncwo/ejU0n8t4vUTCqUpZu6CuPqpXzHtfbLXWjWPxuxD2lVenC
Sw0A
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:09:33 2025 by rpki-client