Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e20383334.roa
File: 3231322e3130332e34372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 7EFeqqtN+B2ApgmMDDuqP2FR80lZRbeYex9btxUFGEc=
Subject key identifier: 4D:C4:36:67:FF:09:89:F5:3C:DF:D0:26:5D:D4:E8:F6:3B:9B:83:AC
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 1056BA531C501174E498481F85D6491EB1E36FEA
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e20383334.roa
Signing time: Fri 26 Sep 2025 03:06:27 +0000
ROA not before: Fri 26 Sep 2025 03:01:27 +0000
ROA not after: Fri 25 Sep 2026 03:06:27 +0000
asID: 834
IP address blocks: 212.103.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:38:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:56:ba:53:1c:50:11:74:e4:98:48:1f:85:d6:49:1e:b1:e3:6f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Sep 26 03:01:27 2025 GMT
Not After : Sep 25 03:06:27 2026 GMT
Subject: CN=4DC43667FF0989F53CDFD0265DD4E8F63B9B83AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a0:e3:d4:f4:84:66:0d:d6:00:d7:bb:06:fe:
e2:58:4c:c4:5f:31:cd:d9:bb:36:68:6b:d2:ef:1b:
c9:cf:c4:bc:10:a5:64:53:34:75:cc:ff:17:6c:25:
b8:0a:8a:bc:e8:2e:05:ab:4e:66:33:d9:23:d5:7d:
e8:ff:e9:c2:9e:e1:2d:de:3c:90:5c:2e:ef:2c:6a:
75:e9:d1:5e:70:39:2d:57:d2:95:dd:ca:00:32:cf:
0e:33:e8:aa:08:0f:c2:4b:21:d2:7b:c3:c8:7e:0e:
19:f7:d0:ee:15:55:04:0f:d6:f8:48:72:df:1f:17:
86:ba:1e:7b:5a:76:4a:d2:6a:89:82:6c:42:14:c5:
bf:18:3a:2c:27:50:13:68:c2:3a:10:17:40:0d:ee:
28:ba:c1:4d:01:b4:58:e6:b5:8f:ae:50:b0:6e:aa:
52:23:b5:09:18:d7:aa:5b:e8:73:6b:e2:a6:29:47:
bd:b9:c9:78:68:14:ec:f2:59:b8:37:68:52:2c:c8:
47:02:c7:57:30:b6:57:7b:09:43:bf:0e:b2:d3:56:
61:38:0d:49:c4:9b:d9:7a:c3:66:ea:a5:f3:2d:5a:
ea:82:87:0a:9b:96:ab:70:ec:5e:97:b7:3d:9a:3d:
7e:a6:c1:10:c7:80:6e:1f:4f:d5:53:2a:d3:8d:ae:
ff:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C4:36:67:FF:09:89:F5:3C:DF:D0:26:5D:D4:E8:F6:3B:9B:83:AC
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.47.0/24
Signature Algorithm: sha256WithRSAEncryption
84:69:4a:04:ac:6b:1a:51:d3:9f:bd:c0:50:eb:b6:bd:d3:e9:
a6:85:53:22:f2:ef:cf:06:f1:90:a7:5a:73:e7:1f:81:db:d8:
b6:9e:0f:52:c4:86:1a:8c:73:8b:ec:9d:d4:c4:ca:a2:67:a7:
04:08:37:47:3e:4c:b8:d7:aa:bc:45:80:e7:47:be:dd:7e:2d:
46:18:2c:d0:60:fe:7b:63:23:3e:46:cc:92:a8:f9:4f:6d:6a:
59:12:6d:86:83:b4:f5:c6:99:28:d1:7e:fd:6b:eb:56:42:76:
b4:e0:eb:57:68:bb:58:24:30:83:df:d0:04:55:cd:02:31:98:
f6:67:72:69:48:40:70:12:0f:46:93:ad:e9:2a:65:e5:c5:2f:
72:f1:de:89:e0:ce:a4:e4:ad:17:c1:aa:7a:64:b9:aa:5f:f3:
25:06:18:e3:4c:5e:82:e5:c6:22:ca:5f:d7:5a:d2:0d:51:a5:
94:09:64:94:81:da:eb:13:36:05:22:f3:3c:f7:cd:e1:5d:6e:
c5:90:6f:93:76:62:ba:4f:b2:89:90:26:aa:73:f6:19:e8:d8:
d3:01:38:3d:58:92:80:ce:15:88:98:8f:05:0d:00:a4:6d:86:
66:bb:f2:9d:90:1c:e6:5b:d5:52:e6:e4:f2:86:c8:ac:0a:87:
d6:f9:01:14
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUEFa6UxxQEXTkmEgfhdZJHrHjb+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTA5MjYwMzAxMjdaFw0yNjA5MjUwMzA2MjdaMDMxMTAvBgNV
BAMTKDREQzQzNjY3RkYwOTg5RjUzQ0RGRDAyNjVERDRFOEY2M0I5QjgzQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeoOPU9IRmDdYA17sG/uJYTMRf
Mc3ZuzZoa9LvG8nPxLwQpWRTNHXM/xdsJbgKirzoLgWrTmYz2SPVfej/6cKe4S3e
PJBcLu8sanXp0V5wOS1X0pXdygAyzw4z6KoID8JLIdJ7w8h+Dhn30O4VVQQP1vhI
ct8fF4a6HntadkrSaomCbEIUxb8YOiwnUBNowjoQF0AN7ii6wU0BtFjmtY+uULBu
qlIjtQkY16pb6HNr4qYpR725yXhoFOzyWbg3aFIsyEcCx1cwtld7CUO/DrLTVmE4
DUnEm9l6w2bqpfMtWuqChwqblqtw7F6Xtz2aPX6mwRDHgG4fT9VTKtONrv8HAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUTcQ2Z/8JifU839AmXdTo9jubg6wwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzIzMTMyMmUzMTMwMzMyZTM0
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADUZy8w
DQYJKoZIhvcNAQELBQADggEBAIRpSgSsaxpR05+9wFDrtr3T6aaFUyLy788G8ZCn
WnPnH4Hb2LaeD1LEhhqMc4vsndTEyqJnpwQIN0c+TLjXqrxFgOdHvt1+LUYYLNBg
/ntjIz5GzJKo+U9talkSbYaDtPXGmSjRfv1r61ZCdrTg61dou1gkMIPf0ARVzQIx
mPZncmlIQHASD0aTrekqZeXFL3Lx3ongzqTkrRfBqnpkuapf8yUGGONMXoLlxiLK
X9da0g1RpZQJZJSB2usTNgUi8zz3zeFdbsWQb5N2YrpPsomQJqpz9hno2NMBOD1Y
koDOFYiYjwUNAKRthma78p2QHOZb1VLm5PKGyKwKh9b5ARQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:44:48 2025 by rpki-client