Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203439353932.roa
File: 33312e3138352e3130352e302f32342d3234203d3e203439353932.roa (raw, json)
Hash identifier: JlMtTfTfP9mAdMBrmYW2itCr9phEwZpX3sQKtokqaZw=
Subject key identifier: 0B:33:35:FD:0E:E7:C4:64:50:1A:B3:18:2E:6D:73:3F:66:17:E4:43
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 42399D73FF803F91B1113A75AFA7A8A0433FFBD9
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203439353932.roa
Signing time: Sat 27 Sep 2025 20:49:22 +0000
ROA not before: Sat 27 Sep 2025 20:44:22 +0000
ROA not after: Sat 26 Sep 2026 20:49:22 +0000
asID: 49592
IP address blocks: 31.185.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:39:9d:73:ff:80:3f:91:b1:11:3a:75:af:a7:a8:a0:43:3f:fb:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Sep 27 20:44:22 2025 GMT
Not After : Sep 26 20:49:22 2026 GMT
Subject: CN=0B3335FD0EE7C464501AB3182E6D733F6617E443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5e:0a:2c:a1:cf:d2:98:cc:79:02:25:72:3d:
59:00:07:46:a0:25:39:56:8c:61:69:f3:82:3b:29:
47:07:b1:ec:43:8a:0a:51:11:dc:80:9b:a3:9a:cc:
1d:56:63:2b:0e:f2:b3:0f:57:ce:82:b8:c4:a0:42:
88:96:ce:1d:e1:91:bf:ef:ea:ba:cf:dc:a6:e3:06:
79:83:51:71:16:fe:90:33:5d:77:1a:e2:66:8a:5f:
4a:60:8e:5a:17:30:36:83:e9:32:ad:67:b2:1a:d8:
57:88:79:69:ab:0c:e6:74:36:a2:56:38:a9:93:96:
f3:82:03:28:c7:38:f5:ed:d2:8d:1b:13:66:7a:0b:
90:aa:00:99:41:fd:34:db:eb:79:ca:25:7c:6d:bb:
64:50:d7:f0:50:c0:8c:66:74:5f:30:4e:d9:e3:c2:
91:59:fe:01:38:4d:24:b3:39:96:cc:87:40:ec:71:
75:b7:28:65:e8:7f:9a:4e:f1:da:c0:d6:e5:a2:1f:
ed:2b:2a:56:0d:a2:0e:35:89:89:73:bd:e3:da:09:
5e:a5:30:4c:0e:e6:33:dd:2a:2e:c0:ea:a0:52:e0:
db:28:61:e5:31:6b:8e:8b:fa:d9:e9:d4:cc:79:78:
aa:96:6d:e5:29:d4:d1:b0:2b:91:6f:6b:b0:dd:9e:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:33:35:FD:0E:E7:C4:64:50:1A:B3:18:2E:6D:73:3F:66:17:E4:43
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203439353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.105.0/24
Signature Algorithm: sha256WithRSAEncryption
71:4e:18:bc:79:39:a0:d8:ce:92:82:f6:fb:93:83:7a:24:37:
00:f1:1e:58:f7:82:9e:9d:8f:8a:0a:5a:6a:01:f4:38:0a:a7:
06:bf:8e:5b:01:1c:2e:98:0d:3f:45:fb:6b:96:02:91:5c:9e:
60:6c:8c:c0:4c:ea:f3:38:38:4e:5a:3c:d5:b0:0f:f3:1c:d2:
89:6e:2b:46:90:76:b2:4c:c0:7a:98:0b:f1:4c:a2:42:40:43:
1e:bd:e8:ec:89:4e:bf:6d:1d:e3:e9:c4:e4:34:21:3c:93:f6:
a4:95:3c:0b:c2:12:60:a3:4a:d3:f0:fe:a1:b1:d1:a7:9f:e8:
9f:42:55:ee:ea:b0:0a:dd:73:4c:b5:35:2d:0a:4d:13:92:42:
f2:bc:ac:51:60:51:00:55:d2:72:25:dc:5e:c1:f6:78:9e:36:
55:74:9d:b7:24:f4:b2:b7:d2:cb:9c:4f:39:67:37:cf:e7:ef:
b1:2d:e4:4d:9f:d4:03:34:ae:aa:6f:3a:94:51:f9:b6:57:91:
b5:59:f1:ac:11:96:a3:4c:54:a0:c4:55:5e:fe:8e:97:6a:3d:
0e:23:ce:37:b8:0f:be:97:f1:85:9d:91:34:3b:1f:f6:e2:da:
e5:55:ae:96:53:db:2d:0a:56:6f:de:c5:ea:64:1f:19:e1:79:
32:36:f9:bf
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQjmdc/+AP5GxETp1r6eooEM/+9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTA5MjcyMDQ0MjJaFw0yNjA5MjYyMDQ5MjJaMDMxMTAvBgNV
BAMTKDBCMzMzNUZEMEVFN0M0NjQ1MDFBQjMxODJFNkQ3MzNGNjYxN0U0NDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Xgosoc/SmMx5AiVyPVkAB0ag
JTlWjGFp84I7KUcHsexDigpREdyAm6OazB1WYysO8rMPV86CuMSgQoiWzh3hkb/v
6rrP3KbjBnmDUXEW/pAzXXca4maKX0pgjloXMDaD6TKtZ7Ia2FeIeWmrDOZ0NqJW
OKmTlvOCAyjHOPXt0o0bE2Z6C5CqAJlB/TTb63nKJXxtu2RQ1/BQwIxmdF8wTtnj
wpFZ/gE4TSSzOZbMh0DscXW3KGXof5pO8drA1uWiH+0rKlYNog41iYlzvePaCV6l
MEwO5jPdKi7A6qBS4NsoYeUxa46L+tnp1Mx5eKqWbeUp1NGwK5Fva7DdngzLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCzM1/Q7nxGRQGrMYLm1zP2YX5EMwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM5MzUzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7lpMA0GCSqGSIb3DQEBCwUAA4IBAQBxThi8eTmg2M6Sgvb7k4N6JDcA8R5Y94Ke
nY+KClpqAfQ4CqcGv45bARwumA0/RftrlgKRXJ5gbIzATOrzODhOWjzVsA/zHNKJ
bitGkHayTMB6mAvxTKJCQEMevejsiU6/bR3j6cTkNCE8k/aklTwLwhJgo0rT8P6h
sdGnn+ifQlXu6rAK3XNMtTUtCk0TkkLyvKxRYFEAVdJyJdxewfZ4njZVdJ23JPSy
t9LLnE85ZzfP5++xLeRNn9QDNK6qbzqUUfm2V5G1WfGsEZajTFSgxFVe/o6Xaj0O
I843uA++l/GFnZE0Ox/24trlVa6WU9stClZv3sXqZB8Z4XkyNvm/
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:00:29 2025 by rpki-client