Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e20323134323038.roa
File: 33312e3138352e3130372e302f32342d3234203d3e20323134323038.roa (raw, json)
Hash identifier: iqiKl6+YIrHEBq6ZgXjEwpHNvYPhUvsfMc60LM1HGfk=
Subject key identifier: 05:FC:12:17:D0:A0:D9:EC:89:C9:AB:F4:24:4A:63:C4:F2:DE:A8:74
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 6DCBE01414F2FA97E8249A9F1D94BCABFC0639C2
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e20323134323038.roa
Signing time: Mon 14 Jul 2025 14:46:24 +0000
ROA not before: Mon 14 Jul 2025 14:41:24 +0000
ROA not after: Mon 13 Jul 2026 14:46:24 +0000
asID: 214208
IP address blocks: 31.185.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 01:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:cb:e0:14:14:f2:fa:97:e8:24:9a:9f:1d:94:bc:ab:fc:06:39:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Jul 14 14:41:24 2025 GMT
Not After : Jul 13 14:46:24 2026 GMT
Subject: CN=05FC1217D0A0D9EC89C9ABF4244A63C4F2DEA874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:68:d2:99:0d:54:c5:02:15:a1:46:4e:b2:a5:
18:6f:36:fb:5e:d4:ba:f4:a9:44:c2:b4:05:49:3d:
e8:39:e4:85:44:eb:17:c0:f0:6f:ef:27:7c:93:cf:
f0:e3:3d:e3:ba:44:b5:11:9b:65:e4:7a:79:9b:1c:
4e:b0:0e:0e:cb:92:41:58:7f:eb:16:6a:57:f0:be:
cf:3a:9a:fa:4e:d4:36:20:33:c4:b7:ba:9d:69:e7:
11:5a:65:a0:19:ca:19:ba:d1:0d:1e:26:31:28:29:
0f:5d:71:68:12:21:b4:e6:0d:1a:49:08:fe:19:04:
56:71:96:c9:5e:5a:c3:88:3a:5e:a9:c3:14:5b:b7:
df:a0:b3:9d:b9:3c:34:c3:ff:67:97:e3:65:4a:ad:
92:0e:50:17:3c:09:b8:0f:a3:e7:d6:28:64:5d:2e:
bb:01:8e:f2:70:20:96:71:08:b9:b6:6c:39:b7:73:
93:34:9f:c1:7d:25:7c:b7:fe:96:10:55:af:19:21:
c0:eb:90:30:b6:f4:de:c9:b2:8f:bc:a7:81:13:1c:
5b:f1:46:89:2f:a8:60:75:47:89:8b:f7:95:fc:5c:
e5:28:72:62:51:d4:70:e2:7b:05:5e:bc:00:e3:a8:
6f:92:87:26:e2:47:e1:a6:07:39:56:56:aa:de:b2:
9e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FC:12:17:D0:A0:D9:EC:89:C9:AB:F4:24:4A:63:C4:F2:DE:A8:74
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e20323134323038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.107.0/24
Signature Algorithm: sha256WithRSAEncryption
83:75:a5:97:d4:ad:03:4f:54:93:11:b1:3f:fc:41:22:da:e2:
fc:2a:c9:ea:88:17:e5:bf:f2:e1:a7:dd:53:af:d1:65:7e:e1:
6f:0d:89:a4:6c:ba:bf:96:cf:d9:35:14:38:13:1c:3d:c7:0a:
e9:a2:45:c5:6e:5b:ca:aa:6a:48:62:21:7f:f3:0e:db:af:cb:
7d:24:f6:e9:f5:1e:a9:bf:65:78:0a:18:85:6d:6c:c9:06:f9:
59:2d:fe:94:aa:87:7f:82:50:b8:73:7b:12:25:e5:45:db:54:
80:84:43:8e:8c:c1:3b:40:98:28:9e:5a:78:b2:75:4d:26:f0:
76:59:97:d8:3a:2f:19:2f:fa:95:e8:60:19:d4:2b:d7:b8:80:
9f:4a:28:06:84:bf:15:77:04:4b:ac:d4:8f:46:0e:d3:bd:6a:
29:f9:bc:46:69:bf:bd:50:45:51:21:cd:1f:eb:ff:4a:65:d0:
3a:2c:7d:8b:db:4a:d1:d2:6d:eb:3e:cd:da:b4:6d:37:52:5d:
df:79:af:fa:5f:2c:3f:18:dd:f0:08:62:e8:1c:10:27:3e:b7:
57:2d:4b:4f:9e:bd:14:bf:dc:83:d1:fd:ed:b9:2c:3a:4c:a7:
6c:a8:06:3e:d1:74:8f:d2:8a:78:87:35:59:82:f3:c7:5f:7a:
fd:04:1f:27
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbcvgFBTy+pfoJJqfHZS8q/wGOcIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTA3MTQxNDQxMjRaFw0yNjA3MTMxNDQ2MjRaMDMxMTAvBgNV
BAMTKDA1RkMxMjE3RDBBMEQ5RUM4OUM5QUJGNDI0NEE2M0M0RjJERUE4NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoaNKZDVTFAhWhRk6ypRhvNvte
1Lr0qUTCtAVJPeg55IVE6xfA8G/vJ3yTz/DjPeO6RLURm2XkenmbHE6wDg7LkkFY
f+sWalfwvs86mvpO1DYgM8S3up1p5xFaZaAZyhm60Q0eJjEoKQ9dcWgSIbTmDRpJ
CP4ZBFZxlsleWsOIOl6pwxRbt9+gs525PDTD/2eX42VKrZIOUBc8CbgPo+fWKGRd
LrsBjvJwIJZxCLm2bDm3c5M0n8F9JXy3/pYQVa8ZIcDrkDC29N7Jso+8p4ETHFvx
RokvqGB1R4mL95X8XOUocmJR1HDiewVevADjqG+ShybiR+GmBzlWVqresp4VAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBfwSF9Cg2eyJyav0JEpjxPLeqHQwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMjMwMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAfuWswDQYJKoZIhvcNAQELBQADggEBAIN1pZfUrQNPVJMRsT/8QSLa4vwqyeqI
F+W/8uGn3VOv0WV+4W8NiaRsur+Wz9k1FDgTHD3HCumiRcVuW8qqakhiIX/zDtuv
y30k9un1Hqm/ZXgKGIVtbMkG+Vkt/pSqh3+CULhzexIl5UXbVICEQ46MwTtAmCie
WniydU0m8HZZl9g6Lxkv+pXoYBnUK9e4gJ9KKAaEvxV3BEus1I9GDtO9ain5vEZp
v71QRVEhzR/r/0pl0DosfYvbStHSbes+zdq0bTdSXd95r/pfLD8Y3fAIYugcECc+
t1ctS0+evRS/3IPR/e25LDpMp2yoBj7RdI/SiniHNVmC88dfev0EHyc=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:46 2025 by rpki-client