Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/Ad9fi9qlun6YM_gFezIokOCQkLs.roa
File: Ad9fi9qlun6YM_gFezIokOCQkLs.roa (raw, json)
Hash identifier: S4qKDAh1WyrdkcGPs8CGFXh64ebt7vNp8v8VXZtyJ2o=
Subject key identifier: 01:DF:5F:8B:DA:A5:BA:7E:98:33:F8:05:7B:32:28:90:E0:90:90:BB
Certificate issuer: /CN=ba23b07a3c0ac9e333f52e8b5d41a768a3d39025
Certificate serial: 0198567C4F6AD09C575D457B9E491E76B089
Authority key identifier: BA:23:B0:7A:3C:0A:C9:E3:33:F5:2E:8B:5D:41:A7:68:A3:D3:90:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uiOwejwKyeMz9S6LXUGnaKPTkCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/Ad9fi9qlun6YM_gFezIokOCQkLs.roa
Signing time: Tue 29 Jul 2025 14:00:43 +0000
ROA not before: Tue 29 Jul 2025 14:00:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215593
IP address blocks: 212.108.124.0/24 maxlen: 24
2a0e:8340::/48 maxlen: 48
2a0e:8340:1::/48 maxlen: 48
2a0e:8340:2::/48 maxlen: 48
2a0e:8340:3::/48 maxlen: 48
2a0e:8340:4::/48 maxlen: 48
2a0e:8341::/32 maxlen: 32
2a0e:8342::/32 maxlen: 32
2a0e:8343::/32 maxlen: 32
2a0e:8344::/32 maxlen: 32
2a0e:8345::/32 maxlen: 32
2a0e:8346::/32 maxlen: 32
2a0e:8347::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/uiOwejwKyeMz9S6LXUGnaKPTkCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/uiOwejwKyeMz9S6LXUGnaKPTkCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/uiOwejwKyeMz9S6LXUGnaKPTkCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:7c:4f:6a:d0:9c:57:5d:45:7b:9e:49:1e:76:b0:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba23b07a3c0ac9e333f52e8b5d41a768a3d39025
Validity
Not Before: Jul 29 14:00:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01df5f8bdaa5ba7e9833f8057b322890e09090bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:92:7e:9e:13:d6:ad:a4:32:09:ae:b6:e8:7d:
ef:38:11:92:12:bb:0f:bb:b2:eb:da:ba:ac:ee:a8:
ff:32:8b:05:80:fa:04:d4:f2:9a:58:f8:61:53:c8:
c1:81:28:08:5c:44:9e:d8:51:c3:2b:d8:58:42:cf:
b3:8b:0e:db:9b:1e:85:5f:84:5d:80:10:22:12:04:
22:fd:69:c5:2a:9f:c8:09:ed:25:77:99:28:1f:fc:
b5:77:e7:43:fb:fc:e2:da:c7:f8:bb:d9:6d:73:88:
0e:49:9b:80:0d:9f:7a:e4:0a:cb:29:0d:74:32:a7:
b7:9d:46:1c:1c:78:2f:67:17:6f:2c:e5:4a:7c:f6:
88:e9:a1:d1:ff:fe:d7:36:bb:30:22:45:8c:30:0c:
2c:cd:aa:ed:c3:f8:09:70:5e:73:fc:6c:a6:e1:7a:
3c:6a:cb:9c:36:b3:a4:58:5f:3d:ae:fb:43:29:11:
4a:83:cc:53:7b:c1:f0:16:c4:0f:d9:bd:d9:e5:97:
31:70:69:f4:91:39:ea:91:29:d8:ee:f2:9c:f9:40:
5b:73:fc:20:0a:16:ef:b9:03:03:9d:5f:53:48:bc:
40:cd:5d:54:51:54:33:09:96:8a:a8:26:db:56:39:
01:40:07:9c:d2:26:f9:78:1c:4e:bd:7d:7c:7d:2a:
11:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DF:5F:8B:DA:A5:BA:7E:98:33:F8:05:7B:32:28:90:E0:90:90:BB
X509v3 Authority Key Identifier:
keyid:BA:23:B0:7A:3C:0A:C9:E3:33:F5:2E:8B:5D:41:A7:68:A3:D3:90:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uiOwejwKyeMz9S6LXUGnaKPTkCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/Ad9fi9qlun6YM_gFezIokOCQkLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/10d5b2-85e3-49ed-bdc1-8069c46771cc/1/uiOwejwKyeMz9S6LXUGnaKPTkCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.108.124.0/24
IPv6:
2a0e:8340::-2a0e:8340:4:ffff:ffff:ffff:ffff:ffff
2a0e:8341::-2a0e:8347:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9f:9a:2c:89:72:91:16:77:e3:91:c2:18:c4:94:fe:69:f0:60:
dd:1a:5d:f0:fd:bc:19:3c:80:9a:c7:5f:d8:02:b4:22:91:1f:
26:30:35:6d:11:3d:93:b3:17:b9:f2:85:8c:55:38:42:a2:a8:
e1:31:ff:03:84:1b:df:89:7c:8e:e9:29:b3:88:c7:49:40:de:
03:e6:85:5f:62:63:66:1a:c1:bf:72:e1:ee:1e:ea:e8:05:b4:
b4:b5:c0:fd:ac:4d:02:7a:33:45:20:71:28:46:69:c6:07:41:
01:da:43:1f:6f:79:fd:f4:9c:fe:b7:5b:7c:e4:7b:ed:d9:e1:
38:e4:12:a5:f0:37:03:00:f1:27:b8:9f:52:96:f6:dc:f6:2a:
b4:e8:f5:48:77:94:0e:e7:f4:ce:f4:29:60:88:18:3a:4e:f3:
45:17:cb:ef:70:c9:ac:e2:b1:38:df:f3:ec:7d:6b:b1:a8:f6:
bf:9f:e8:2e:f4:6c:d2:d5:cf:0c:77:d8:b7:cc:b8:92:c1:05:
51:bd:16:7c:d9:19:96:26:40:0c:c2:1a:d7:59:b5:37:93:14:
57:a1:84:f0:cd:9d:3f:9b:42:32:cc:03:92:1c:19:db:4b:28:
83:f2:9c:0d:57:dd:84:ce:7b:a9:a7:b0:b2:19:b4:0b:66:ec:
5d:bc:55:71
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZhWfE9q0JxXXUV7nkkedrCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMjNiMDdhM2MwYWM5ZTMzM2Y1MmU4YjVkNDFhNzY4YTNk
MzkwMjUwHhcNMjUwNzI5MTQwMDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWRmNWY4YmRhYTViYTdlOTgzM2Y4MDU3YjMyMjg5MGUwOTA5MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5J+nhPWraQyCa626H3vOBGSErsP
u7Lr2rqs7qj/MosFgPoE1PKaWPhhU8jBgSgIXESe2FHDK9hYQs+ziw7bmx6FX4Rd
gBAiEgQi/WnFKp/ICe0ld5koH/y1d+dD+/zi2sf4u9ltc4gOSZuADZ965ArLKQ10
Mqe3nUYcHHgvZxdvLOVKfPaI6aHR//7XNrswIkWMMAwszartw/gJcF5z/Gym4Xo8
asucNrOkWF89rvtDKRFKg8xTe8HwFsQP2b3Z5ZcxcGn0kTnqkSnY7vKc+UBbc/wg
ChbvuQMDnV9TSLxAzV1UUVQzCZaKqCbbVjkBQAec0ib5eBxOvX18fSoRowIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAHfX4vapbp+mDP4BXsyKJDgkJC7MB8GA1UdIwQY
MBaAFLojsHo8CsnjM/Uui11Bp2ij05AlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWlPd2Vqd0t5ZU16OVM2TFhVR25hS1BUa0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8xMGQ1YjItODVlMy00OWVkLWJkYzEt
ODA2OWM0Njc3MWNjLzEvQWQ5Zmk5cWx1bjZZTV9nRmV6SW9rT0NRa0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8xMGQ1YjItODVlMy00OWVkLWJkYzEtODA2OWM0Njc3MWNj
LzEvdWlPd2Vqd0t5ZU16OVM2TFhVR25hS1BUa0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAMBAIAATAGAwQA1Gx8MCgE
AgACMCIwEAMFBioOg0ADBwAqDoNAAAQwDgMFACoOg0EDBQMqDoNAMA0GCSqGSIb3
DQEBCwUAA4IBAQCfmiyJcpEWd+ORwhjElP5p8GDdGl3w/bwZPICax1/YArQikR8m
MDVtET2Tsxe58oWMVThCoqjhMf8DhBvfiXyO6SmziMdJQN4D5oVfYmNmGsG/cuHu
HuroBbS0tcD9rE0CejNFIHEoRmnGB0EB2kMfb3n99Jz+t1t85Hvt2eE45BKl8DcD
APEnuJ9Slvbc9iq06PVId5QO5/TO9ClgiBg6TvNFF8vvcMms4rE43/PsfWuxqPa/
n+gu9GzS1c8Md9i3zLiSwQVRvRZ82RmWJkAMwhrXWbU3kxRXoYTwzZ0/m0IyzAOS
HBnbSyiD8pwNV92Eznupp7CyGbQLZuxdvFVx
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:09:30 2025 by rpki-client