Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131312e302f32342d3234203d3e203433383437.roa
File: 33312e3138352e3131312e302f32342d3234203d3e203433383437.roa (raw, json)
Hash identifier: Z+WIv07j1sBVImJqjc9zRKxTh7Kgz0Src+x8TbAlpmA=
Subject key identifier: B4:DD:DD:B3:11:4E:6C:CC:ED:64:97:EC:5F:F8:08:EF:CA:0F:F5:C8
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 4BAC20C8282D04C686E98B6857F2EE098450B8AB
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131312e302f32342d3234203d3e203433383437.roa
Signing time: Wed 11 Mar 2026 03:46:48 +0000
ROA not before: Wed 11 Mar 2026 03:41:48 +0000
ROA not after: Wed 10 Mar 2027 03:46:48 +0000
asID: 43847
IP address blocks: 31.185.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:15:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ac:20:c8:28:2d:04:c6:86:e9:8b:68:57:f2:ee:09:84:50:b8:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Mar 11 03:41:48 2026 GMT
Not After : Mar 10 03:46:48 2027 GMT
Subject: CN=B4DDDDB3114E6CCCED6497EC5FF808EFCA0FF5C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:13:c3:72:c5:a2:04:18:78:6d:55:0d:1b:fa:
46:0d:e2:ce:9c:e2:74:92:6e:72:ec:1b:c3:2b:41:
62:c0:77:83:6d:1c:55:5c:40:d2:37:07:f6:44:08:
a7:b0:1e:47:f7:c8:e4:ca:34:42:44:67:26:21:67:
04:44:b9:fb:c5:3d:dc:5e:b3:6a:00:ed:80:e8:db:
c8:15:40:d7:e8:a6:e0:af:80:2e:b6:5c:37:94:4f:
12:e4:21:3a:ac:e0:ca:f3:db:24:c6:09:27:ba:f5:
36:48:f3:59:e2:1e:10:77:c2:7d:32:00:5c:5c:cc:
62:8f:7a:df:74:bf:4a:89:e1:62:0b:8b:9b:f0:26:
dc:f5:a1:22:b1:d7:ea:77:bd:40:c2:36:16:3d:64:
64:c3:cd:89:40:8f:c1:0a:b6:9d:48:be:e2:d8:d5:
f2:e7:04:a1:45:cb:dc:26:db:39:45:2f:11:35:40:
bb:bf:1e:81:fd:fc:d8:d3:3d:2a:f3:6d:24:8f:62:
cb:a8:60:e2:c5:7b:9a:f7:92:07:eb:d2:d8:0c:da:
71:b9:c4:81:10:db:1c:07:fb:6a:3b:2a:db:66:ca:
6e:95:85:13:1f:f4:76:1d:75:a0:cc:4c:6c:a8:c7:
b8:d6:6a:ea:fd:00:4e:d1:5a:8f:ed:5a:a9:2c:ca:
e3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:DD:DD:B3:11:4E:6C:CC:ED:64:97:EC:5F:F8:08:EF:CA:0F:F5:C8
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131312e302f32342d3234203d3e203433383437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.111.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:da:34:67:9f:c4:b9:4d:88:1d:37:ca:a7:9b:44:96:8b:cd:
7a:8a:78:8d:7e:24:42:cc:06:1b:64:70:3b:c7:a1:b9:90:8e:
ac:49:2c:83:3c:bd:54:14:aa:14:50:34:29:5b:cd:af:04:fb:
e3:de:cd:d2:c1:9f:52:7d:e0:85:7f:64:ad:6e:57:95:a6:cf:
93:8d:37:df:48:a2:f9:a8:02:89:c5:06:17:e7:24:35:59:1d:
dc:8e:57:ba:2d:7d:6b:e2:a1:85:4c:fa:21:40:29:98:ef:12:
b3:4c:d2:46:16:50:76:cc:56:3d:9b:18:08:6e:f6:fd:7b:cd:
10:ff:e9:c9:59:ba:a1:69:df:e0:51:6d:43:f6:af:cd:ae:59:
1a:86:4d:9f:4c:cc:1f:a5:80:88:26:e4:0d:7f:20:89:68:48:
56:c4:50:f4:6c:a9:7b:e3:48:9a:c8:12:07:a2:32:3b:7c:db:
b7:74:6b:45:a7:cd:11:b0:57:c7:5e:3b:f7:db:a4:e6:a8:98:
85:18:2e:d1:4f:fd:e1:74:4e:44:94:9f:fd:19:a2:c4:2e:2b:
5c:d9:3a:bd:81:8c:f5:2a:5b:6c:d4:35:c3:af:d6:57:94:54:
51:d1:3b:8d:07:28:19:10:59:5d:e6:0b:f7:a2:be:e7:46:e2:
49:c1:63:96
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS6wgyCgtBMaG6YtoV/LuCYRQuKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNjAzMTEwMzQxNDhaFw0yNzAzMTAwMzQ2NDhaMDMxMTAvBgNV
BAMTKEI0REREREIzMTE0RTZDQ0NFRDY0OTdFQzVGRjgwOEVGQ0EwRkY1QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6E8NyxaIEGHhtVQ0b+kYN4s6c
4nSSbnLsG8MrQWLAd4NtHFVcQNI3B/ZECKewHkf3yOTKNEJEZyYhZwREufvFPdxe
s2oA7YDo28gVQNfopuCvgC62XDeUTxLkITqs4Mrz2yTGCSe69TZI81niHhB3wn0y
AFxczGKPet90v0qJ4WILi5vwJtz1oSKx1+p3vUDCNhY9ZGTDzYlAj8EKtp1IvuLY
1fLnBKFFy9wm2zlFLxE1QLu/HoH9/NjTPSrzbSSPYsuoYOLFe5r3kgfr0tgM2nG5
xIEQ2xwH+2o7Kttmym6VhRMf9HYddaDMTGyox7jWaur9AE7RWo/tWqksyuNxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtN3dsxFObMztZJfsX/gI78oP9cgwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMx
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMzMzgzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7lvMA0GCSqGSIb3DQEBCwUAA4IBAQAs2jRnn8S5TYgdN8qnm0SWi816iniNfiRC
zAYbZHA7x6G5kI6sSSyDPL1UFKoUUDQpW82vBPvj3s3SwZ9SfeCFf2StbleVps+T
jTffSKL5qAKJxQYX5yQ1WR3cjle6LX1r4qGFTPohQCmY7xKzTNJGFlB2zFY9mxgI
bvb9e80Q/+nJWbqhad/gUW1D9q/Nrlkahk2fTMwfpYCIJuQNfyCJaEhWxFD0bKl7
40iayBIHojI7fNu3dGtFp80RsFfHXjv326TmqJiFGC7RT/3hdE5ElJ/9GaLELitc
2Tq9gYz1Klts1DXDr9ZXlFRR0TuNBygZEFld5gv3or7nRuJJwWOW
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:55:24 2026 by rpki-client