Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32342d3234203d3e203433383437.roa
File: 33312e3138352e3131302e302f32342d3234203d3e203433383437.roa (raw, json)
Hash identifier: QJBMGqM6yaqk5niJkAuqPHI8VvVSx/j3kqEzba0aJEs=
Subject key identifier: 34:68:24:02:97:D5:C0:CB:AC:28:B0:CF:66:88:49:E9:4D:44:AC:ED
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 4557F710DD230406A9A768B930D9314250E37261
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32342d3234203d3e203433383437.roa
Signing time: Wed 11 Mar 2026 03:46:48 +0000
ROA not before: Wed 11 Mar 2026 03:41:48 +0000
ROA not after: Wed 10 Mar 2027 03:46:48 +0000
asID: 43847
IP address blocks: 31.185.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:15:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:57:f7:10:dd:23:04:06:a9:a7:68:b9:30:d9:31:42:50:e3:72:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Mar 11 03:41:48 2026 GMT
Not After : Mar 10 03:46:48 2027 GMT
Subject: CN=3468240297D5C0CBAC28B0CF668849E94D44ACED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:df:5f:5d:12:49:fa:9f:86:78:0f:08:8e:bc:
e8:c9:32:c8:de:12:7f:a4:12:ce:62:15:a4:ce:ee:
ac:b4:d2:67:0e:d9:4d:24:95:83:ea:0b:29:55:d4:
7a:88:9b:c6:20:8c:b0:8d:a7:80:82:7e:cf:66:fb:
b0:44:6a:46:42:07:ac:de:7a:36:b1:2e:75:60:03:
c6:6c:13:a6:22:0a:73:1b:2b:43:2e:ce:b5:a5:d8:
24:7f:81:3e:1d:6c:b7:45:34:a3:0b:b5:d5:e7:f0:
ba:8a:c8:fd:4a:2f:4d:81:dd:03:01:43:c6:2d:8d:
d5:b1:5b:09:fb:88:a1:99:56:2b:d1:1e:06:03:da:
90:7c:1c:10:cf:c7:ec:82:53:aa:b4:de:3e:12:fd:
85:bd:fa:88:64:d4:a0:16:4b:8b:b3:e9:ca:3f:67:
ea:2f:ce:f6:a0:d1:36:52:59:6e:c7:aa:fc:6d:34:
21:db:a8:16:98:da:55:c6:2e:35:97:80:88:6e:93:
a1:8d:2d:39:07:59:1d:7d:53:ca:d4:a4:f1:d2:c4:
9d:22:fe:bd:1c:59:74:1a:40:e2:8e:98:aa:1b:86:
a8:e7:59:24:1a:1b:de:88:e5:a8:05:6f:64:e6:e8:
9d:c5:eb:c1:45:64:64:c0:86:fb:80:7e:52:a5:f9:
c9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:68:24:02:97:D5:C0:CB:AC:28:B0:CF:66:88:49:E9:4D:44:AC:ED
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32342d3234203d3e203433383437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.110.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ec:7e:8f:6e:0f:24:e5:c1:d0:d4:ad:73:29:ae:c9:2b:dd:
d4:64:bc:8c:ed:b5:32:73:7a:ac:40:e2:d7:a6:71:d5:49:c6:
8a:0c:96:55:a4:ae:56:1c:64:29:33:c4:c1:7d:cb:09:b2:16:
db:be:83:ad:c3:8e:bf:6e:76:41:d2:e8:70:90:7c:51:86:99:
f5:c2:24:3e:2e:b6:73:ac:c7:e9:1b:1a:60:a0:fa:50:77:d9:
59:46:86:d9:d8:2c:2f:9a:b8:cc:cb:5a:93:ad:6f:6c:ea:d2:
90:e5:0b:e6:e9:3e:b8:f7:2e:92:33:3a:ba:6c:3f:27:c1:b9:
91:63:c7:71:82:2d:2a:60:0c:24:43:7e:db:50:8b:af:f2:50:
54:c0:6c:25:ce:eb:52:f2:77:5a:bd:9b:00:20:72:e5:b3:1f:
eb:15:b5:48:22:7b:5c:6a:09:3c:4a:34:dd:c1:06:79:8f:95:
92:0f:15:34:58:60:0a:eb:dd:c4:80:52:a7:42:0e:e9:df:68:
56:5c:3d:ba:a6:b9:2d:c2:24:83:f6:fb:69:1e:3d:11:ed:df:
61:75:a8:de:6c:80:ec:7e:38:bb:20:2d:ae:19:7b:82:fc:8a:
4d:7e:f0:54:d0:5b:d8:9d:4b:16:10:95:ad:87:c7:5c:ea:70:
05:a0:70:45
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURVf3EN0jBAapp2i5MNkxQlDjcmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNjAzMTEwMzQxNDhaFw0yNzAzMTAwMzQ2NDhaMDMxMTAvBgNV
BAMTKDM0NjgyNDAyOTdENUMwQ0JBQzI4QjBDRjY2ODg0OUU5NEQ0NEFDRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB319dEkn6n4Z4DwiOvOjJMsje
En+kEs5iFaTO7qy00mcO2U0klYPqCylV1HqIm8YgjLCNp4CCfs9m+7BEakZCB6ze
ejaxLnVgA8ZsE6YiCnMbK0MuzrWl2CR/gT4dbLdFNKMLtdXn8LqKyP1KL02B3QMB
Q8YtjdWxWwn7iKGZVivRHgYD2pB8HBDPx+yCU6q03j4S/YW9+ohk1KAWS4uz6co/
Z+ovzvag0TZSWW7HqvxtNCHbqBaY2lXGLjWXgIhuk6GNLTkHWR19U8rUpPHSxJ0i
/r0cWXQaQOKOmKobhqjnWSQaG96I5agFb2Tm6J3F68FFZGTAhvuAflKl+ckxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNGgkApfVwMusKLDPZohJ6U1ErO0wHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMx
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMzMzgzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7luMA0GCSqGSIb3DQEBCwUAA4IBAQAy7H6Pbg8k5cHQ1K1zKa7JK93UZLyM7bUy
c3qsQOLXpnHVScaKDJZVpK5WHGQpM8TBfcsJshbbvoOtw46/bnZB0uhwkHxRhpn1
wiQ+LrZzrMfpGxpgoPpQd9lZRobZ2CwvmrjMy1qTrW9s6tKQ5Qvm6T649y6SMzq6
bD8nwbmRY8dxgi0qYAwkQ37bUIuv8lBUwGwlzutS8ndavZsAIHLlsx/rFbVIIntc
agk8SjTdwQZ5j5WSDxU0WGAK693EgFKnQg7p32hWXD26prktwiSD9vtpHj0R7d9h
dajebIDsfji7IC2uGXuC/IpNfvBU0FvYnUsWEJWth8dc6nAFoHBF
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:55:31 2026 by rpki-client