Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
File: 3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: WTJQYj4kO8Tl738Oa1dFz0b2fCNqs4KUQg06eTa2Ut4=
Subject key identifier: E3:E5:95:77:F8:93:A0:5D:18:A5:19:A1:99:0F:F3:E6:8F:F3:B1:7D
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 114CAA7E3F16C4633E770558FD82EDF9E6A2A541
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
Signing time: Tue 28 Apr 2026 07:47:06 +0000
ROA not before: Tue 28 Apr 2026 07:42:06 +0000
ROA not after: Tue 27 Apr 2027 07:47:06 +0000
asID: 212609
IP address blocks: 212.102.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 02:37:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:4c:aa:7e:3f:16:c4:63:3e:77:05:58:fd:82:ed:f9:e6:a2:a5:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Apr 28 07:42:06 2026 GMT
Not After : Apr 27 07:47:06 2027 GMT
Subject: CN=E3E59577F893A05D18A519A1990FF3E68FF3B17D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b0:68:85:bd:3d:a6:c8:07:e9:ae:72:bc:7e:
f5:72:cc:78:5b:f0:a7:6e:c3:24:c5:c2:19:9c:d5:
38:33:aa:03:9a:e3:d5:d8:c4:5c:fd:de:11:42:c8:
ee:9a:d8:92:2f:ce:13:90:a6:c5:47:c1:21:0a:d4:
35:66:cc:52:7e:c6:7f:97:52:77:c0:8a:1a:49:30:
a4:a9:88:50:d4:b9:17:bc:d6:a1:59:0c:1e:f8:07:
d1:96:a2:a3:1a:6b:73:66:13:e7:05:c6:78:b6:71:
0d:8c:99:21:d0:b8:27:91:ef:0e:16:a2:99:ee:79:
6d:2a:9d:f2:f5:6c:82:aa:59:91:29:78:fa:84:51:
a5:c4:5f:f4:95:68:f3:92:99:6c:5f:08:c4:5d:84:
e5:e3:c4:7f:9f:6c:38:2f:3a:31:fd:5b:34:b1:91:
9e:0f:80:ce:d3:ba:34:31:ca:29:a5:3a:c3:81:b1:
6c:b0:b0:8e:49:93:2f:be:bc:0c:2d:0d:fa:25:96:
4c:3c:80:fa:f3:10:8c:84:6b:8b:37:27:de:81:e7:
de:3f:de:f2:db:31:04:b4:c9:5b:5b:8d:44:71:24:
96:2d:76:1a:66:f2:e7:73:bf:ea:5c:a6:3c:53:58:
80:70:71:bd:34:9e:33:c7:19:db:d4:c7:4f:e3:62:
07:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E5:95:77:F8:93:A0:5D:18:A5:19:A1:99:0F:F3:E6:8F:F3:B1:7D
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.114.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:31:9b:9c:46:81:2f:57:38:d8:91:1b:52:a7:47:ec:2e:74:
9d:3e:22:37:a5:82:c4:03:0e:7e:07:8e:c6:c9:0b:e8:2c:f4:
f0:61:03:18:b1:1a:47:58:4c:c2:10:f2:f8:e9:8a:99:7f:e6:
72:72:e1:8e:8f:db:a4:0b:22:ff:63:25:d4:47:59:81:97:eb:
85:bc:a8:dd:8c:c7:27:50:b3:fa:ac:4a:28:c3:0c:a0:f5:14:
9d:84:ce:6d:6e:9b:1b:5a:2e:15:d8:6a:75:4f:05:60:dc:5a:
b4:d7:8f:ab:db:65:70:87:3f:b2:0a:01:4a:9f:d2:55:8f:5b:
aa:34:23:27:3f:48:e2:c1:84:5f:bf:22:fe:76:56:2c:45:da:
ac:87:13:a1:18:d4:b1:5e:9a:a9:2e:b2:b9:3f:88:53:7a:38:
e1:da:d7:84:dd:d3:fa:37:e9:bd:a0:fd:c5:42:61:28:74:5b:
09:cf:4c:26:b9:4d:47:a1:4c:5d:21:20:f6:8e:55:9e:ca:cf:
02:72:eb:b9:46:ac:7e:31:bd:cf:19:12:17:00:84:f8:24:ae:
29:09:1a:36:ed:9c:45:0e:14:bf:a1:4a:cf:68:1a:86:c2:22:
75:3f:51:09:93:88:5d:c1:5d:9d:d3:98:6f:29:64:d5:e5:1b:
c6:c2:26:95
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEUyqfj8WxGM+dwVY/YLt+eaipUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNjA0MjgwNzQyMDZaFw0yNzA0MjcwNzQ3MDZaMDMxMTAvBgNV
BAMTKEUzRTU5NTc3Rjg5M0EwNUQxOEE1MTlBMTk5MEZGM0U2OEZGM0IxN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDksGiFvT2myAfprnK8fvVyzHhb
8KduwyTFwhmc1TgzqgOa49XYxFz93hFCyO6a2JIvzhOQpsVHwSEK1DVmzFJ+xn+X
UnfAihpJMKSpiFDUuRe81qFZDB74B9GWoqMaa3NmE+cFxni2cQ2MmSHQuCeR7w4W
opnueW0qnfL1bIKqWZEpePqEUaXEX/SVaPOSmWxfCMRdhOXjxH+fbDgvOjH9WzSx
kZ4PgM7TujQxyimlOsOBsWywsI5Jky++vAwtDfollkw8gPrzEIyEa4s3J96B594/
3vLbMQS0yVtbjURxJJYtdhpm8udzv+pcpjxTWIBwcb00njPHGdvUx0/jYgcRAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU4+WVd/iToF0YpRmhmQ/z5o/zsX0wHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzIzMTMyMmUzMTMwMzIyZTMx
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjM2MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANRmcjANBgkqhkiG9w0BAQsFAAOCAQEAjTGbnEaBL1c42JEbUqdH7C50nT4i
N6WCxAMOfgeOxskL6Cz08GEDGLEaR1hMwhDy+OmKmX/mcnLhjo/bpAsi/2Ml1EdZ
gZfrhbyo3YzHJ1Cz+qxKKMMMoPUUnYTObW6bG1ouFdhqdU8FYNxatNePq9tlcIc/
sgoBSp/SVY9bqjQjJz9I4sGEX78i/nZWLEXarIcToRjUsV6aqS6yuT+IU3o44drX
hN3T+jfpvaD9xUJhKHRbCc9MJrlNR6FMXSEg9o5VnsrPAnLruUasfjG9zxkSFwCE
+CSuKQkaNu2cRQ4Uv6FKz2gahsIidT9RCZOIXcFdndOYbylk1eUbxsImlQ==
-----END CERTIFICATE-----
Generated at Wed May 13 12:07:59 2026 by rpki-client