Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130342e302f32332d3233203d3e203433383437.roa
File: 33312e3138352e3130342e302f32332d3233203d3e203433383437.roa (raw, json)
Hash identifier: eEMAUpumzcappB7Zi3531kyZDYm0vBvboxygcVH5na0=
Subject key identifier: A5:0E:6B:AF:62:7A:5D:0A:82:D9:5C:DB:4F:40:0D:9D:F5:33:AE:43
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 4CD3ED8FF967BAE4027D67AF49C590773F848C70
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130342e302f32332d3233203d3e203433383437.roa
Signing time: Wed 29 Jan 2025 13:36:38 +0000
ROA not before: Wed 29 Jan 2025 13:31:38 +0000
ROA not after: Wed 28 Jan 2026 13:36:38 +0000
asID: 43847
IP address blocks: 31.185.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 18:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:d3:ed:8f:f9:67:ba:e4:02:7d:67:af:49:c5:90:77:3f:84:8c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Jan 29 13:31:38 2025 GMT
Not After : Jan 28 13:36:38 2026 GMT
Subject: CN=A50E6BAF627A5D0A82D95CDB4F400D9DF533AE43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:50:3e:ff:b8:79:92:90:7b:1c:14:75:40:50:
3d:d9:2e:55:3e:d7:90:f5:14:34:06:17:21:0d:b5:
b0:5e:f6:09:5d:07:74:28:b5:20:2a:37:de:d5:11:
46:47:13:b0:9c:48:44:5a:a5:27:d5:47:87:04:31:
73:77:f6:6c:16:74:8e:6f:5f:98:00:c0:79:9f:77:
72:76:7b:40:7b:2c:33:7e:e3:bf:78:72:d5:25:f6:
76:9f:f5:2f:ee:8e:16:53:1b:c6:19:6a:e3:ff:c6:
0b:b5:f5:2f:72:97:69:e5:c2:a2:7d:5b:b0:5f:15:
a5:03:e5:92:00:6b:9a:83:2b:13:af:7f:70:05:4f:
28:b8:94:23:98:03:0e:0c:22:10:a7:7e:16:49:84:
0d:77:28:cf:1c:ad:08:ac:b5:7c:e2:6d:bf:aa:e3:
00:c5:6c:50:d4:90:3f:f8:57:f1:b0:9a:1d:0e:8f:
f3:76:0c:d8:85:02:c4:4e:9d:91:e3:3a:1b:c6:fb:
2b:06:f5:67:bb:51:2f:fa:17:ea:2a:2f:00:b2:d2:
de:b0:98:af:2e:8e:1d:50:bd:3b:7c:0b:16:a6:67:
73:4d:7b:6a:df:a5:96:f3:f7:9d:8a:ca:d7:43:a2:
b5:89:cb:87:63:82:8b:b7:b8:63:2f:85:32:55:da:
a0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:0E:6B:AF:62:7A:5D:0A:82:D9:5C:DB:4F:40:0D:9D:F5:33:AE:43
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130342e302f32332d3233203d3e203433383437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.104.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:29:d4:35:32:67:b3:d2:1b:1e:78:44:a2:07:d8:6e:8f:85:
1b:d0:00:c3:f3:bf:43:b2:b0:16:b6:71:ba:00:03:8f:ed:a1:
54:d5:a1:bf:65:cb:95:53:b3:1c:a8:ba:3e:1d:73:da:75:c2:
a8:0b:2b:ba:b6:db:7f:a3:51:e1:2e:99:2d:92:1b:39:67:0c:
a0:2d:74:0b:c5:7d:7a:d4:f8:7a:f0:6c:54:9d:60:90:f6:16:
dd:59:0e:e8:4e:c5:0d:2f:75:a1:4c:ba:97:13:16:e7:7e:c4:
7e:c3:e5:e3:a6:a8:4d:28:35:4f:d7:6b:a6:ec:10:bc:a6:f3:
c3:d9:db:82:c2:2b:a0:08:b6:0e:90:52:cb:c8:c9:a4:3c:f8:
5a:76:e0:05:1c:ba:cf:c9:39:27:71:1b:2d:42:95:ef:9f:af:
e9:72:f9:0b:08:ec:53:ca:2f:df:96:a1:78:04:dc:b1:0c:1f:
42:f9:9b:c9:c2:5f:7b:92:3a:c1:16:12:f7:23:af:19:e1:00:
5c:c8:56:dd:ec:21:88:b0:45:91:60:ed:a9:e7:0b:4c:7a:78:
b0:52:4e:31:9d:96:93:9a:ce:0e:a6:b5:88:65:0e:dc:24:17:
69:10:53:80:10:fc:9a:86:c4:7d:a4:54:86:08:c4:5c:e6:c9:
d9:ff:8c:f3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTNPtj/lnuuQCfWevScWQdz+EjHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTAxMjkxMzMxMzhaFw0yNjAxMjgxMzM2MzhaMDMxMTAvBgNV
BAMTKEE1MEU2QkFGNjI3QTVEMEE4MkQ5NUNEQjRGNDAwRDlERjUzM0FFNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpUD7/uHmSkHscFHVAUD3ZLlU+
15D1FDQGFyENtbBe9gldB3QotSAqN97VEUZHE7CcSERapSfVR4cEMXN39mwWdI5v
X5gAwHmfd3J2e0B7LDN+4794ctUl9naf9S/ujhZTG8YZauP/xgu19S9yl2nlwqJ9
W7BfFaUD5ZIAa5qDKxOvf3AFTyi4lCOYAw4MIhCnfhZJhA13KM8crQistXzibb+q
4wDFbFDUkD/4V/Gwmh0Oj/N2DNiFAsROnZHjOhvG+ysG9We7US/6F+oqLwCy0t6w
mK8ujh1QvTt8CxamZ3NNe2rfpZbz952KytdDorWJy4djgou3uGMvhTJV2qDFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpQ5rr2J6XQqC2VzbT0ANnfUzrkMwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzQyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMzMzgzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
H7loMA0GCSqGSIb3DQEBCwUAA4IBAQB8KdQ1Mmez0hseeESiB9huj4Ub0ADD879D
srAWtnG6AAOP7aFU1aG/ZcuVU7McqLo+HXPadcKoCyu6ttt/o1HhLpktkhs5Zwyg
LXQLxX161Ph68GxUnWCQ9hbdWQ7oTsUNL3WhTLqXExbnfsR+w+XjpqhNKDVP12um
7BC8pvPD2duCwiugCLYOkFLLyMmkPPhaduAFHLrPyTkncRstQpXvn6/pcvkLCOxT
yi/flqF4BNyxDB9C+ZvJwl97kjrBFhL3I68Z4QBcyFbd7CGIsEWRYO2p5wtMeniw
Uk4xnZaTms4OprWIZQ7cJBdpEFOAEPyahsR9pFSGCMRc5snZ/4zz
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:10 2025 by rpki-client