Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130342e302f32342d3234203d3e203433383437.roa
File: 33312e3138352e3130342e302f32342d3234203d3e203433383437.roa (raw, json)
Hash identifier: ooBmQ0XsExl9P6cs22gk7QC3kfjfWk/6TOw3sS2GKWM=
Subject key identifier: 86:AA:7A:58:7C:B1:99:A8:AE:AE:E2:F8:4F:D7:7C:B6:F1:C2:E9:4E
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 76F12ED1432B2CA8696F89BA1CF9452154B14E5E
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130342e302f32342d3234203d3e203433383437.roa
Signing time: Tue 05 Aug 2025 15:43:46 +0000
ROA not before: Tue 05 Aug 2025 15:38:46 +0000
ROA not after: Tue 04 Aug 2026 15:43:46 +0000
asID: 43847
IP address blocks: 31.185.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:f1:2e:d1:43:2b:2c:a8:69:6f:89:ba:1c:f9:45:21:54:b1:4e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Aug 5 15:38:46 2025 GMT
Not After : Aug 4 15:43:46 2026 GMT
Subject: CN=86AA7A587CB199A8AEAEE2F84FD77CB6F1C2E94E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cd:05:28:a9:d8:ec:ee:fe:a2:34:30:99:5a:
e5:e1:d5:53:3f:07:ac:1f:79:14:f6:ea:aa:c5:e8:
19:b1:61:92:93:68:e0:9a:33:23:8d:6b:71:49:a5:
87:74:19:2b:4d:08:09:04:2a:53:02:22:f6:7f:22:
9d:95:30:2d:49:66:66:fb:0b:d4:f0:27:dc:3f:ae:
3c:f1:fe:da:38:30:ef:ee:cc:f2:92:b3:b9:f1:1b:
d5:1f:c3:81:d4:48:7b:f3:fa:9e:a8:1f:a8:e7:ff:
b9:50:ea:8d:98:68:85:52:80:09:3a:4d:88:5f:1a:
08:64:70:9a:65:00:c4:f4:14:f0:c2:10:65:5e:13:
ff:cf:22:44:f8:f5:42:91:f2:d7:e0:dc:e2:74:b9:
2a:2a:40:16:60:39:49:44:d9:c6:ea:82:55:f3:d3:
cd:94:c5:27:fa:bd:b7:99:9e:fd:97:6d:e6:7e:6f:
82:33:42:bb:cd:4f:57:25:f4:fe:92:db:cc:6c:5c:
cd:26:7f:db:a2:5c:a1:31:ce:35:c2:ef:e8:d1:fa:
5c:95:9f:d2:6e:d0:9c:23:66:d9:30:9d:7a:f2:b4:
d1:bb:9e:2c:7b:f6:98:0c:ff:54:46:24:9e:46:30:
20:95:73:a1:c1:e9:dd:4d:24:a2:4b:7a:d3:1a:43:
c3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AA:7A:58:7C:B1:99:A8:AE:AE:E2:F8:4F:D7:7C:B6:F1:C2:E9:4E
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130342e302f32342d3234203d3e203433383437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.104.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:ca:20:3c:56:92:da:4e:9c:50:00:3b:85:22:04:51:89:5a:
16:f1:94:7b:bd:ed:e1:a0:3b:60:fc:74:98:9e:0b:4e:a6:c8:
74:e1:45:54:74:e4:3d:ba:64:b3:96:2d:9b:73:ac:94:4f:a6:
0d:22:c3:cf:ce:2e:a4:ac:7b:3f:41:89:a5:be:ca:50:e9:24:
52:f3:0a:ab:0f:ac:a5:f0:e5:b7:a0:7e:dd:2b:d0:31:cd:19:
95:9b:54:aa:72:43:af:be:a7:f4:25:81:bd:8a:a1:54:e9:fc:
41:4a:6a:f6:14:d1:e3:12:68:60:57:0b:a8:9a:56:d9:4e:85:
61:18:e1:35:a4:65:35:27:17:62:57:01:21:aa:c4:90:2c:9a:
15:9c:25:4c:43:98:21:09:77:51:04:c3:49:03:c3:58:d4:20:
47:43:5d:2d:27:73:ff:c9:ca:99:0c:5c:47:f3:78:84:b7:3f:
71:1d:70:a3:e9:80:ca:e7:9c:2a:f1:a5:ef:d0:6d:e3:0d:f2:
0d:0c:c2:35:5a:bd:7c:45:0a:b9:1b:d4:2a:6b:3a:8b:be:d5:
d1:85:b7:79:37:d8:a7:58:b3:74:23:1e:d3:e8:9a:30:64:1b:
67:ad:53:f7:c3:a9:22:a4:ec:fe:9a:db:e1:8d:17:ee:20:27:
2d:e3:3c:77
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdvEu0UMrLKhpb4m6HPlFIVSxTl4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTA4MDUxNTM4NDZaFw0yNjA4MDQxNTQzNDZaMDMxMTAvBgNV
BAMTKDg2QUE3QTU4N0NCMTk5QThBRUFFRTJGODRGRDc3Q0I2RjFDMkU5NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfzQUoqdjs7v6iNDCZWuXh1VM/
B6wfeRT26qrF6BmxYZKTaOCaMyONa3FJpYd0GStNCAkEKlMCIvZ/Ip2VMC1JZmb7
C9TwJ9w/rjzx/to4MO/uzPKSs7nxG9Ufw4HUSHvz+p6oH6jn/7lQ6o2YaIVSgAk6
TYhfGghkcJplAMT0FPDCEGVeE//PIkT49UKR8tfg3OJ0uSoqQBZgOUlE2cbqglXz
082UxSf6vbeZnv2XbeZ+b4IzQrvNT1cl9P6S28xsXM0mf9uiXKExzjXC7+jR+lyV
n9Ju0JwjZtkwnXrytNG7nix79pgM/1RGJJ5GMCCVc6HB6d1NJKJLetMaQ8ODAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhqp6WHyxmaiuruL4T9d8tvHC6U4wHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMzMzgzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7loMA0GCSqGSIb3DQEBCwUAA4IBAQCMyiA8VpLaTpxQADuFIgRRiVoW8ZR7ve3h
oDtg/HSYngtOpsh04UVUdOQ9umSzli2bc6yUT6YNIsPPzi6krHs/QYmlvspQ6SRS
8wqrD6yl8OW3oH7dK9AxzRmVm1SqckOvvqf0JYG9iqFU6fxBSmr2FNHjEmhgVwuo
mlbZToVhGOE1pGU1JxdiVwEhqsSQLJoVnCVMQ5ghCXdRBMNJA8NY1CBHQ10tJ3P/
ycqZDFxH83iEtz9xHXCj6YDK55wq8aXv0G3jDfINDMI1Wr18RQq5G9QqazqLvtXR
hbd5N9inWLN0Ix7T6JowZBtnrVP3w6kipOz+mtvhjRfuICct4zx3
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:40:41 2025 by rpki-client