Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31332e302f32342d3234203d3e20333937363330.roa
File: 33312e362e31332e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier: drPSw5IvXOI1FtV2uZVUT7MtUh1CT8EIOo+F9tZoBXE=
Subject key identifier: 87:5A:BC:B6:31:E1:33:D7:FC:08:C5:AB:54:18:E1:CD:2B:8B:D8:77
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 23557113F7C5B9B41AB82811503D31A6EACFC250
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31332e302f32342d3234203d3e20333937363330.roa
Signing time: Fri 10 Oct 2025 12:25:54 +0000
ROA not before: Fri 10 Oct 2025 12:20:54 +0000
ROA not after: Fri 09 Oct 2026 12:25:54 +0000
asID: 397630
IP address blocks: 31.6.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:15:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:55:71:13:f7:c5:b9:b4:1a:b8:28:11:50:3d:31:a6:ea:cf:c2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 10 12:20:54 2025 GMT
Not After : Oct 9 12:25:54 2026 GMT
Subject: CN=875ABCB631E133D7FC08C5AB5418E1CD2B8BD877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:4d:0a:a7:de:ca:63:e9:5f:db:bf:8a:bf:
2c:3d:f2:6c:da:04:9f:60:ef:f3:45:98:36:b7:3f:
d1:88:3d:5a:e8:06:25:e5:8b:29:4f:89:b8:53:df:
c6:64:5a:c7:9a:ec:e5:ec:f5:3c:08:5c:1e:69:dc:
44:4e:33:90:06:ad:fa:e0:70:5b:f9:3b:00:29:68:
23:b2:aa:ed:41:26:21:ca:b6:6f:4a:ca:5c:52:ea:
0b:f7:da:64:df:1b:44:39:43:ba:fb:d4:74:09:a2:
65:ec:2d:a5:a2:ed:ed:13:22:9d:5b:8a:7b:f0:d5:
11:31:29:15:d0:d3:8c:8f:24:b3:df:22:81:bf:bc:
97:de:b2:2f:ea:de:8d:0f:0c:29:49:c6:32:13:c6:
9c:94:e1:3f:c4:cc:36:4d:50:21:8b:2c:49:49:57:
d7:ad:6c:29:3b:da:c6:b8:3d:26:12:5d:c4:c7:24:
9b:99:30:c4:1b:3a:6c:68:a1:6f:e7:6e:0d:ef:dd:
b1:3e:eb:ee:b8:a6:a5:9a:9a:5c:cc:f7:6b:d5:3a:
d5:ab:00:e7:f6:db:c8:19:f4:10:f9:75:61:0b:c2:
b7:47:1a:85:69:4d:ad:59:fd:e0:41:e6:10:a9:6b:
cf:16:4b:d3:79:70:34:59:4b:80:56:86:17:eb:49:
f5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5A:BC:B6:31:E1:33:D7:FC:08:C5:AB:54:18:E1:CD:2B:8B:D8:77
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31332e302f32342d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.13.0/24
Signature Algorithm: sha256WithRSAEncryption
15:62:79:d8:68:11:3c:4f:2f:56:e3:bc:d2:5e:fe:bd:a7:e9:
bf:1c:6e:47:ca:30:7a:27:3c:f4:2c:c3:e4:7e:2d:24:08:3b:
24:6c:05:3a:48:f4:d8:a5:8e:e1:78:bc:c3:8d:71:33:41:50:
1d:60:5e:48:d5:19:18:d9:4b:16:cd:22:80:25:d9:98:f5:9a:
df:b5:54:70:3f:93:30:31:47:82:d5:b2:89:9b:3a:91:b3:05:
99:eb:27:0c:7a:b0:b4:15:79:ed:08:ad:60:40:b2:14:5a:23:
f2:6a:6c:80:e1:e6:bb:1c:de:12:56:db:04:aa:2e:3a:c3:0f:
ac:f0:d9:8c:b3:6e:ff:e6:51:9f:9a:c1:66:8a:5c:e6:bb:09:
a7:0c:6e:62:39:1d:ba:f2:4c:43:d3:ee:d0:58:67:2f:76:13:
b0:c5:7a:2d:bf:89:62:e2:a0:5a:5d:c3:d9:83:5c:25:29:17:
9c:4d:ce:73:96:08:26:62:65:80:d2:a7:10:27:4b:b4:08:8a:
a5:d2:b4:90:dd:d0:f1:38:70:da:84:cc:df:2f:78:50:e2:ad:
86:ca:fd:8e:09:d8:da:c6:53:89:f4:3b:0d:25:18:92:86:6e:
c2:61:f3:25:4e:cc:4d:20:c5:c0:e1:7b:a7:39:52:d9:bd:81:
e3:ce:66:f0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUI1VxE/fFubQauCgRUD0xpurPwlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNTEwMTAxMjIwNTRaFw0yNjEwMDkxMjI1NTRaMDMxMTAvBgNV
BAMTKDg3NUFCQ0I2MzFFMTMzRDdGQzA4QzVBQjU0MThFMUNEMkI4QkQ4NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Kk0Kp97KY+lf27+Kvyw98mza
BJ9g7/NFmDa3P9GIPVroBiXliylPibhT38ZkWsea7OXs9TwIXB5p3EROM5AGrfrg
cFv5OwApaCOyqu1BJiHKtm9KylxS6gv32mTfG0Q5Q7r71HQJomXsLaWi7e0TIp1b
invw1RExKRXQ04yPJLPfIoG/vJfesi/q3o0PDClJxjITxpyU4T/EzDZNUCGLLElJ
V9etbCk72sa4PSYSXcTHJJuZMMQbOmxooW/nbg3v3bE+6+64pqWamlzM92vVOtWr
AOf228gZ9BD5dWELwrdHGoVpTa1Z/eBB5hCpa88WS9N5cDRZS4BWhhfrSfXpAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUh1q8tjHhM9f8CMWrVBjhzSuL2HcwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTMxMzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNjMzMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBg0w
DQYJKoZIhvcNAQELBQADggEBABViedhoETxPL1bjvNJe/r2n6b8cbkfKMHonPPQs
w+R+LSQIOyRsBTpI9NiljuF4vMONcTNBUB1gXkjVGRjZSxbNIoAl2Zj1mt+1VHA/
kzAxR4LVsombOpGzBZnrJwx6sLQVee0IrWBAshRaI/JqbIDh5rsc3hJW2wSqLjrD
D6zw2Yyzbv/mUZ+awWaKXOa7CacMbmI5HbryTEPT7tBYZy92E7DFei2/iWLioFpd
w9mDXCUpF5xNznOWCCZiZYDSpxAnS7QIiqXStJDd0PE4cNqEzN8veFDirYbK/Y4J
2NrGU4n0Ow0lGJKGbsJh8yVOzE0gxcDhe6c5Utm9gePOZvA=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:32:17 2025 by rpki-client