Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e33392e302f32342d3234203d3e20323134343332.roa
File: 33312e362e33392e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: G3YjCkgzTDScCyQmbsbhDJqeJo2gTIcuu9zQxvFa7Z4=
Subject key identifier: 5B:00:33:16:54:53:86:72:CE:A7:BC:AE:60:B2:6C:F3:30:D5:37:6B
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 2E28EAF345F081FF2D65D6223D3E3071286FDE89
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e33392e302f32342d3234203d3e20323134343332.roa
Signing time: Sun 22 Jun 2025 09:36:23 +0000
ROA not before: Sun 22 Jun 2025 09:31:23 +0000
ROA not after: Sun 21 Jun 2026 09:36:23 +0000
asID: 214432
IP address blocks: 31.6.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 05:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:28:ea:f3:45:f0:81:ff:2d:65:d6:22:3d:3e:30:71:28:6f:de:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Jun 22 09:31:23 2025 GMT
Not After : Jun 21 09:36:23 2026 GMT
Subject: CN=5B00331654538672CEA7BCAE60B26CF330D5376B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:e4:c1:93:33:65:49:06:9d:ad:41:1b:91:
2b:b9:55:67:4c:d0:e4:b2:45:a0:87:82:44:68:c8:
d2:25:76:5d:e0:0c:40:94:50:8d:e0:1d:35:ec:14:
62:d0:c4:17:77:c8:32:85:8a:bd:14:da:85:95:b7:
de:d0:3b:a3:f8:11:de:59:57:9a:46:9f:c8:3d:d8:
c7:98:72:13:7e:29:53:9d:e2:85:1b:8f:04:cf:06:
0e:06:b8:99:62:5d:5c:2a:29:73:5d:d1:ee:1e:83:
73:ec:65:45:c7:9e:db:e3:d1:7d:6f:93:2b:08:9a:
37:ed:94:1e:19:68:1a:8e:09:48:df:d9:e4:e8:7d:
cb:9b:a2:24:68:af:83:ac:c6:83:7c:32:52:dc:b2:
0f:dd:dd:51:81:53:0c:26:a3:83:73:84:f3:ff:b6:
e9:31:d9:0a:fb:6a:6a:b4:b3:da:d0:fd:ca:35:88:
0c:e1:f9:81:71:e4:c5:91:e6:5f:3f:ac:cc:93:09:
b7:61:71:9d:ce:ec:ed:1a:eb:35:47:e6:00:60:11:
7c:b9:c7:d8:c1:37:ec:42:1e:97:a7:d2:ef:36:0b:
4a:6c:c3:8e:29:70:41:03:a7:c0:a6:cd:55:e3:14:
c9:2c:1e:ea:f4:a4:d7:56:34:ed:8f:36:db:d6:6a:
85:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:00:33:16:54:53:86:72:CE:A7:BC:AE:60:B2:6C:F3:30:D5:37:6B
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e33392e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.39.0/24
Signature Algorithm: sha256WithRSAEncryption
58:13:23:31:be:ed:29:00:f0:de:af:96:de:3a:b9:8b:3f:4d:
82:64:af:38:06:d0:da:9e:ed:da:23:0b:49:05:73:af:69:aa:
be:e8:38:1b:f5:e8:e4:33:3d:22:fe:fa:47:ec:c0:5b:b1:49:
11:be:09:99:68:34:d3:fd:ad:64:68:29:22:d1:dc:65:6c:b2:
9b:6d:31:9f:1f:4b:27:4c:06:3f:4a:69:f1:2b:72:a1:30:32:
22:14:c2:e8:c9:18:96:aa:b2:f5:1e:d8:c3:f0:98:64:47:a9:
c4:da:b1:db:cd:9d:8b:c9:00:c2:c2:09:34:25:c0:7b:a5:de:
e8:84:73:b2:f0:52:78:d4:e9:ac:ac:9b:1a:71:cf:03:5c:97:
14:d9:bc:c1:3a:e4:51:4f:58:16:fa:4c:d4:a6:67:36:41:43:
30:85:41:a4:d8:53:2a:1b:6b:e3:d4:10:7e:09:69:7d:72:28:
69:dd:b4:3d:f2:7d:ce:d0:e8:70:55:44:49:e2:6b:bb:a2:3b:
39:15:91:96:75:ba:ac:46:32:72:71:54:6b:0d:8e:49:c9:c5:
db:54:43:52:90:9e:83:09:04:13:15:f8:3d:f7:b9:14:52:bd:
b5:e2:5e:90:4c:70:1d:48:f0:87:89:21:f7:cf:02:86:a9:c6:
3f:f5:4d:46
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIULijq80Xwgf8tZdYiPT4wcShv3okwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNTA2MjIwOTMxMjNaFw0yNjA2MjEwOTM2MjNaMDMxMTAvBgNV
BAMTKDVCMDAzMzE2NTQ1Mzg2NzJDRUE3QkNBRTYwQjI2Q0YzMzBENTM3NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvOuTBkzNlSQadrUEbkSu5VWdM
0OSyRaCHgkRoyNIldl3gDECUUI3gHTXsFGLQxBd3yDKFir0U2oWVt97QO6P4Ed5Z
V5pGn8g92MeYchN+KVOd4oUbjwTPBg4GuJliXVwqKXNd0e4eg3PsZUXHntvj0X1v
kysImjftlB4ZaBqOCUjf2eTofcuboiRor4OsxoN8MlLcsg/d3VGBUwwmo4NzhPP/
tukx2Qr7amq0s9rQ/co1iAzh+YFx5MWR5l8/rMyTCbdhcZ3O7O0a6zVH5gBgEXy5
x9jBN+xCHpen0u82C0psw44pcEEDp8CmzVXjFMksHur0pNdWNO2PNtvWaoUJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWwAzFlRThnLOp7yuYLJs8zDVN2swHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTMzMzkyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNDMzMzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBicw
DQYJKoZIhvcNAQELBQADggEBAFgTIzG+7SkA8N6vlt46uYs/TYJkrzgG0Nqe7doj
C0kFc69pqr7oOBv16OQzPSL++kfswFuxSRG+CZloNNP9rWRoKSLR3GVsspttMZ8f
SydMBj9KafErcqEwMiIUwujJGJaqsvUe2MPwmGRHqcTasdvNnYvJAMLCCTQlwHul
3uiEc7LwUnjU6aysmxpxzwNclxTZvME65FFPWBb6TNSmZzZBQzCFQaTYUyoba+PU
EH4JaX1yKGndtD3yfc7Q6HBVREnia7uiOzkVkZZ1uqxGMnJxVGsNjknJxdtUQ1KQ
noMJBBMV+D33uRRSvbXiXpBMcB1I8IeJIffPAoapxj/1TUY=
-----END CERTIFICATE-----
Generated at Tue Jul 22 20:18:02 2025 by rpki-client