Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/ndKmZul4TmrLysbdAHv2TdPx3YI.roa
File: ndKmZul4TmrLysbdAHv2TdPx3YI.roa (raw, json)
Hash identifier: MA6ve6ns46O8nAHaLW/ESCUujJDx6mhMBRqi1sXugZw=
Subject key identifier: 9D:D2:A6:66:E9:78:4E:6A:CB:CA:C6:DD:00:7B:F6:4D:D3:F1:DD:82
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 019754223C8B734D4F5317B030F0AEED5C7B
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/ndKmZul4TmrLysbdAHv2TdPx3YI.roa
Signing time: Mon 09 Jun 2025 10:00:19 +0000
ROA not before: Mon 09 Jun 2025 10:00:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28716
IP address blocks: 212.104.0.0/24 maxlen: 24
212.104.2.0/23 maxlen: 24
212.104.4.0/22 maxlen: 24
212.104.8.0/23 maxlen: 24
212.104.11.0/24 maxlen: 24
212.104.12.0/23 maxlen: 24
212.104.15.0/24 maxlen: 24
212.104.16.0/20 maxlen: 24
212.104.32.0/21 maxlen: 24
212.104.40.0/23 maxlen: 24
212.104.42.0/24 maxlen: 24
212.104.44.0/22 maxlen: 24
212.104.48.0/21 maxlen: 24
212.104.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:22:3c:8b:73:4d:4f:53:17:b0:30:f0:ae:ed:5c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Jun 9 10:00:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dd2a666e9784e6acbcac6dd007bf64dd3f1dd82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:c5:e5:30:24:40:52:95:d8:5e:6f:c7:e8:dc:
a2:e1:f4:99:25:31:8c:4f:02:50:4d:55:97:7c:1a:
95:41:2b:39:a6:3a:e9:07:7e:3e:d8:6c:87:8d:10:
96:8e:f9:f1:9d:01:c7:eb:14:ff:2c:18:2b:32:58:
38:1b:1a:93:db:87:33:70:9d:41:54:84:0a:83:fb:
d0:91:f4:33:66:97:92:a7:3b:c9:26:d6:71:34:b9:
99:24:3a:74:e3:22:74:05:a4:2b:5b:b1:db:7b:1e:
a5:05:fd:b4:01:e5:a3:55:b2:96:dd:11:0e:68:23:
77:ec:b2:0b:97:94:5e:47:4d:70:9f:31:26:60:38:
4e:3f:0d:ee:10:c7:26:a9:eb:84:84:eb:03:46:c4:
53:d7:7d:00:7c:da:6d:0d:91:c8:3f:ee:e2:97:6b:
c4:23:01:34:03:0d:4f:df:e2:7c:a6:36:50:cf:89:
01:03:81:b3:96:43:39:2e:98:71:d1:f6:22:a3:54:
a4:d6:92:dd:25:62:53:2f:61:8d:3c:20:cb:44:32:
20:a9:51:06:55:74:d8:76:23:51:15:9c:ea:57:25:
fe:01:d8:b2:a5:46:5b:9a:cc:6c:a1:12:8e:1d:ef:
12:f2:0e:f9:a7:03:92:8d:03:66:3d:1c:bd:85:ad:
79:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D2:A6:66:E9:78:4E:6A:CB:CA:C6:DD:00:7B:F6:4D:D3:F1:DD:82
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/ndKmZul4TmrLysbdAHv2TdPx3YI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0/24
212.104.2.0-212.104.9.255
212.104.11.0-212.104.13.255
212.104.15.0-212.104.42.255
212.104.44.0-212.104.63.255
Signature Algorithm: sha256WithRSAEncryption
08:9e:52:19:1e:c6:20:25:99:73:f4:56:e6:87:fc:13:42:c5:
3c:4d:5f:04:ca:f8:f3:c5:af:da:f8:83:2a:61:b5:3f:50:58:
d4:89:bf:1a:0b:0b:1c:ab:8a:d9:d3:c8:d8:89:07:c9:0b:db:
36:38:ac:e8:7d:a1:ff:24:f5:b7:b6:23:a7:ad:d5:d5:79:39:
5e:43:66:fc:ce:37:bb:30:56:4c:0b:6d:3a:e3:a4:8e:20:ca:
a0:ca:03:95:64:07:a4:18:eb:e0:5d:0a:40:59:cf:c0:56:bd:
ea:33:6d:ca:80:a9:e6:c9:35:99:c6:da:26:9e:e2:f0:92:a9:
18:3a:49:ef:27:91:15:c8:16:13:2d:31:fc:5c:e0:ef:fe:49:
8a:1a:bf:e6:3a:87:fe:b7:2e:14:e0:5a:69:f1:d1:2f:bc:f0:
d5:4e:3f:e4:a0:b6:44:80:3c:1e:b1:49:fc:34:48:f1:b1:ae:
cb:01:05:fa:73:be:63:3f:69:3b:e3:31:5d:f1:b3:45:39:b8:
1e:ec:8c:c5:f7:26:1d:d6:c7:16:11:21:e8:d9:30:ef:b4:c6:
64:11:d8:fd:c6:63:ee:4c:d9:56:57:af:d0:4c:c8:f7:f6:e0:
e6:44:7b:e1:45:f8:0e:1a:d3:c1:28:b6:b9:24:c5:8b:e1:e3:
a8:6d:b8:3f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZdUIjyLc01PUxewMPCu7Vx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjUwNjA5MTAwMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQyYTY2NmU5Nzg0ZTZhY2JjYWM2ZGQwMDdiZjY0ZGQzZjFkZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9cXlMCRAUpXYXm/H6Nyi4fSZJTGM
TwJQTVWXfBqVQSs5pjrpB34+2GyHjRCWjvnxnQHH6xT/LBgrMlg4GxqT24czcJ1B
VIQKg/vQkfQzZpeSpzvJJtZxNLmZJDp04yJ0BaQrW7Hbex6lBf20AeWjVbKW3REO
aCN37LILl5ReR01wnzEmYDhOPw3uEMcmqeuEhOsDRsRT130AfNptDZHIP+7il2vE
IwE0Aw1P3+J8pjZQz4kBA4GzlkM5Lphx0fYio1Sk1pLdJWJTL2GNPCDLRDIgqVEG
VXTYdiNRFZzqVyX+AdiypUZbmsxsoRKOHe8S8g75pwOSjQNmPRy9ha15XQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFJ3SpmbpeE5qy8rG3QB79k3T8d2CMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvbmRLbVp1bDRUbXJMeXNiZEFIdjJUZFB4M1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQA1GgAMAwD
BAHUaAIDBAHUaAgwDAMEANRoCwMEAdRoDDAMAwQA1GgPAwQA1GgqMAwDBALUaCwD
BAbUaAAwDQYJKoZIhvcNAQELBQADggEBAAieUhkexiAlmXP0VuaH/BNCxTxNXwTK
+PPFr9r4gyphtT9QWNSJvxoLCxyritnTyNiJB8kL2zY4rOh9of8k9be2I6et1dV5
OV5DZvzON7swVkwLbTrjpI4gyqDKA5VkB6QY6+BdCkBZz8BWveozbcqAqebJNZnG
2iae4vCSqRg6Se8nkRXIFhMtMfxc4O/+SYoav+Y6h/63LhTgWmnx0S+88NVOP+Sg
tkSAPB6xSfw0SPGxrssBBfpzvmM/aTvjMV3xs0U5uB7sjMX3Jh3WxxYRIejZMO+0
xmQR2P3GY+5M2VZXr9BMyPf24OZEe+FF+A4a08EotrkkxYvh46htuD8=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:06:23 2025 by rpki-client