Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e32302e302f32342d3234203d3e20313439393438.roa
File: 33312e362e32302e302f32342d3234203d3e20313439393438.roa (raw, json)
Hash identifier: U9d9WIMck4PsJ0f9IlIF9id6NHOuAztnGLIgLaZEOYY=
Subject key identifier: F1:30:AB:AA:05:71:35:79:B3:9C:A4:CB:6D:68:2D:6B:AF:BF:5A:C3
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 5822DF2B2E1C2D3EA047C70D8A62284E91F9925A
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e32302e302f32342d3234203d3e20313439393438.roa
Signing time: Sun 12 Oct 2025 17:54:43 +0000
ROA not before: Sun 12 Oct 2025 17:49:43 +0000
ROA not after: Sun 11 Oct 2026 17:54:43 +0000
asID: 149948
IP address blocks: 31.6.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:22:df:2b:2e:1c:2d:3e:a0:47:c7:0d:8a:62:28:4e:91:f9:92:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 12 17:49:43 2025 GMT
Not After : Oct 11 17:54:43 2026 GMT
Subject: CN=F130ABAA05713579B39CA4CB6D682D6BAFBF5AC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ad:39:41:bc:f6:8d:a3:b8:82:9b:c0:74:f8:
2c:1f:fa:cb:4e:e8:d7:bb:27:8f:00:07:b2:a5:41:
a6:59:8e:38:fe:2c:31:73:cc:4b:d1:df:a6:65:12:
f0:16:ae:f4:2d:f3:38:99:db:b2:af:ee:ba:73:6a:
c2:8c:9b:82:00:e6:aa:d1:14:bb:82:4d:12:c1:0a:
3c:94:4f:43:60:c7:3f:ed:2c:e3:46:26:93:35:64:
08:ce:69:a9:4a:bd:96:64:8f:bf:10:ec:f5:4f:70:
e4:e2:b5:7d:70:c9:6a:79:93:a2:59:38:1c:1a:e1:
c3:fe:fc:e2:14:ad:3c:17:44:5d:ff:cc:c2:79:26:
50:91:3d:7e:05:be:dd:ae:56:98:cc:71:6d:7f:d6:
13:2c:cf:9b:29:4d:d7:4e:db:d0:c6:39:35:69:7b:
8d:87:e5:93:89:37:df:71:fb:18:49:74:dd:13:44:
74:69:31:69:eb:b5:21:c7:f1:86:79:e7:eb:07:b3:
5f:3c:c3:97:71:5c:b6:48:42:58:f1:ca:d2:a8:e4:
39:1d:fc:38:a9:0c:a6:96:a0:96:14:84:6c:b2:f9:
de:33:58:50:41:7f:30:04:95:57:07:ef:2d:4a:29:
75:0e:97:0d:23:a2:18:b3:59:02:45:6b:17:40:89:
40:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:30:AB:AA:05:71:35:79:B3:9C:A4:CB:6D:68:2D:6B:AF:BF:5A:C3
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e32302e302f32342d3234203d3e20313439393438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.20.0/24
Signature Algorithm: sha256WithRSAEncryption
03:e3:c3:13:98:1c:3e:27:56:59:8f:1f:7f:b6:7e:34:c4:14:
62:e4:6f:56:38:0f:94:5b:ab:2d:d2:30:63:bf:38:b9:f7:2b:
b9:6c:8d:5e:18:0e:cc:31:7f:b3:13:08:40:02:21:f9:6f:93:
82:ab:29:62:93:6c:48:7a:8f:b9:3d:91:45:70:8c:23:8e:1c:
4f:c0:60:6d:be:92:0b:6a:56:2d:55:d3:a3:b6:14:ac:80:0c:
86:4b:89:ff:8f:b8:10:2b:80:86:39:54:d6:b0:76:71:9f:8c:
7e:64:fd:a0:bd:e6:7e:e8:66:16:cd:75:1a:fe:85:11:66:e5:
fe:3c:d6:9d:ee:7b:ac:49:05:ab:3d:ef:9d:b3:e4:9c:8e:5a:
b9:8b:b8:31:1a:1f:3e:02:37:df:e7:d0:0e:99:94:c2:75:50:
2d:80:40:dd:5e:54:be:95:16:54:8c:c6:29:62:a0:5d:6b:1b:
52:57:4a:ad:9c:b1:a5:c2:af:ea:02:1b:18:45:b9:b7:ad:21:
db:09:17:5d:e1:1b:66:24:fe:28:0c:bd:3e:01:37:bc:4f:7f:
8c:b6:0a:a8:a9:62:0c:8a:55:75:b5:a6:1e:11:64:73:ec:34:
cf:68:00:8b:78:e3:bd:df:4d:33:75:9f:ff:47:e2:81:aa:d5:
0e:f9:df:00
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUWCLfKy4cLT6gR8cNimIoTpH5klowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNTEwMTIxNzQ5NDNaFw0yNjEwMTExNzU0NDNaMDMxMTAvBgNV
BAMTKEYxMzBBQkFBMDU3MTM1NzlCMzlDQTRDQjZENjgyRDZCQUZCRjVBQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkrTlBvPaNo7iCm8B0+Cwf+stO
6Ne7J48AB7KlQaZZjjj+LDFzzEvR36ZlEvAWrvQt8ziZ27Kv7rpzasKMm4IA5qrR
FLuCTRLBCjyUT0Ngxz/tLONGJpM1ZAjOaalKvZZkj78Q7PVPcOTitX1wyWp5k6JZ
OBwa4cP+/OIUrTwXRF3/zMJ5JlCRPX4Fvt2uVpjMcW1/1hMsz5spTddO29DGOTVp
e42H5ZOJN99x+xhJdN0TRHRpMWnrtSHH8YZ55+sHs188w5dxXLZIQljxytKo5Dkd
/DipDKaWoJYUhGyy+d4zWFBBfzAElVcH7y1KKXUOlw0johizWQJFaxdAiUC9AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU8TCrqgVxNXmznKTLbWgta6+/WsMwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTMyMzAyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzOTM0Mzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBhQw
DQYJKoZIhvcNAQELBQADggEBAAPjwxOYHD4nVlmPH3+2fjTEFGLkb1Y4D5Rbqy3S
MGO/OLn3K7lsjV4YDswxf7MTCEACIflvk4KrKWKTbEh6j7k9kUVwjCOOHE/AYG2+
kgtqVi1V06O2FKyADIZLif+PuBArgIY5VNawdnGfjH5k/aC95n7oZhbNdRr+hRFm
5f481p3ue6xJBas9752z5JyOWrmLuDEaHz4CN9/n0A6ZlMJ1UC2AQN1eVL6VFlSM
xilioF1rG1JXSq2csaXCr+oCGxhFubetIdsJF13hG2Yk/igMvT4BN7xPf4y2Cqip
YgyKVXW1ph4RZHPsNM9oAIt4473fTTN1n/9H4oGq1Q753wA=
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:34:44 2025 by rpki-client