Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e20313335333931.roa
File: 33312e3138352e3130352e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: UHjaYZdaJB6lUIpYnqhxUJeEQvDh7dO7siLVcmgE1HM=
Subject key identifier: 16:8A:45:A3:04:3E:88:05:65:4D:B1:84:AF:65:26:06:1F:17:D4:F5
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 743DFABFC2702FFE9D0610BA397D1459C008E825
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e20313335333931.roa
Signing time: Mon 26 May 2025 08:21:42 +0000
ROA not before: Mon 26 May 2025 08:16:42 +0000
ROA not after: Mon 25 May 2026 08:21:42 +0000
asID: 135391
IP address blocks: 31.185.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 03:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:3d:fa:bf:c2:70:2f:fe:9d:06:10:ba:39:7d:14:59:c0:08:e8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: May 26 08:16:42 2025 GMT
Not After : May 25 08:21:42 2026 GMT
Subject: CN=168A45A3043E8805654DB184AF6526061F17D4F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:00:58:90:f3:08:ef:2e:94:1f:02:95:94:
cc:9c:2b:73:08:1d:02:31:fc:be:64:bf:22:7d:df:
d2:13:47:13:41:71:32:6f:a1:d4:31:de:2f:7e:ab:
c9:78:f3:69:98:b4:e6:18:ce:b9:bc:5a:48:37:95:
0e:cd:9e:b6:93:40:79:69:6a:8f:d9:32:9e:b5:80:
09:4c:71:f8:69:97:91:23:87:50:fd:00:cc:02:f6:
13:5c:b2:2b:ed:b1:55:c0:10:31:44:4d:cc:9f:df:
9e:a5:ae:94:e2:39:d4:3e:9d:90:92:37:88:e7:00:
76:d4:f5:38:eb:15:7f:f9:3e:38:4a:25:e8:51:4b:
82:fc:1a:f4:74:56:af:8e:3f:5f:cf:1b:19:a7:5b:
e0:48:ab:3e:96:b8:d4:37:79:c5:e5:bc:6d:98:5d:
f9:78:0c:49:ad:ea:e0:a4:d1:87:a3:dc:73:b7:7f:
01:1b:83:75:f9:56:d0:b9:d3:f0:17:c2:5d:66:b0:
83:49:67:26:10:12:d4:58:a1:72:4f:df:55:ae:dc:
5e:e1:50:b9:20:88:75:5d:ec:30:38:b4:2a:d7:f9:
84:81:3e:74:b7:7f:42:a1:ee:13:23:c7:94:2e:cc:
45:34:0c:f8:79:9f:d4:ea:65:f0:f2:5e:cf:a5:d9:
0b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:8A:45:A3:04:3E:88:05:65:4D:B1:84:AF:65:26:06:1F:17:D4:F5
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.105.0/24
Signature Algorithm: sha256WithRSAEncryption
24:05:bd:67:c2:5e:f4:88:b2:49:8a:0b:c9:2b:c6:61:d6:45:
a6:e3:72:b5:29:7d:96:8c:6e:90:cb:8d:51:92:70:ff:db:25:
89:ab:6d:c8:c2:91:24:75:37:3e:76:61:ca:49:b7:f2:38:c6:
8a:4d:d8:24:d2:3a:05:c6:2c:e7:b8:28:cd:9b:6f:3e:ac:70:
9a:34:4e:d2:53:05:39:d5:35:26:45:5b:b6:1e:e2:96:b6:21:
44:bd:59:65:48:ef:9a:db:4f:d3:eb:50:bc:6a:a3:87:dd:35:
b1:fd:e7:e4:e4:d8:2d:8d:6d:13:62:c4:3c:a3:fe:ed:13:d1:
c4:6d:2c:d4:08:b0:1a:40:52:d1:67:49:50:43:21:49:f3:eb:
af:74:41:3e:2a:e3:aa:9f:f7:de:1c:58:a5:70:0b:89:59:50:
23:55:dc:e1:26:ce:1a:01:78:1a:19:82:e7:be:93:49:92:d0:
fe:f6:a4:7c:2f:72:cb:f1:03:1e:ca:f2:01:e4:0c:35:00:76:
f8:17:a2:49:75:9e:e1:d6:54:3e:aa:8f:db:b8:ab:07:16:4f:
b1:4b:7e:de:98:5a:1e:4c:b3:6c:4c:25:d2:4f:66:a1:e9:0c:
bc:ff:cd:c6:39:06:ab:d2:59:66:d9:79:18:53:9b:b8:a1:6a:
79:05:af:44
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdD36v8JwL/6dBhC6OX0UWcAI6CUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTA1MjYwODE2NDJaFw0yNjA1MjUwODIxNDJaMDMxMTAvBgNV
BAMTKDE2OEE0NUEzMDQzRTg4MDU2NTREQjE4NEFGNjUyNjA2MUYxN0Q0RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyHwBYkPMI7y6UHwKVlMycK3MI
HQIx/L5kvyJ939ITRxNBcTJvodQx3i9+q8l482mYtOYYzrm8Wkg3lQ7NnraTQHlp
ao/ZMp61gAlMcfhpl5Ejh1D9AMwC9hNcsivtsVXAEDFETcyf356lrpTiOdQ+nZCS
N4jnAHbU9TjrFX/5PjhKJehRS4L8GvR0Vq+OP1/PGxmnW+BIqz6WuNQ3ecXlvG2Y
Xfl4DEmt6uCk0Yej3HO3fwEbg3X5VtC50/AXwl1msINJZyYQEtRYoXJP31Wu3F7h
ULkgiHVd7DA4tCrX+YSBPnS3f0Kh7hMjx5QuzEU0DPh5n9TqZfDyXs+l2QuFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFopFowQ+iAVlTbGEr2UmBh8X1PUwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAfuWkwDQYJKoZIhvcNAQELBQADggEBACQFvWfCXvSIskmKC8krxmHWRabjcrUp
fZaMbpDLjVGScP/bJYmrbcjCkSR1Nz52YcpJt/I4xopN2CTSOgXGLOe4KM2bbz6s
cJo0TtJTBTnVNSZFW7Ye4pa2IUS9WWVI75rbT9PrULxqo4fdNbH95+Tk2C2NbRNi
xDyj/u0T0cRtLNQIsBpAUtFnSVBDIUnz6690QT4q46qf994cWKVwC4lZUCNV3OEm
zhoBeBoZgue+k0mS0P72pHwvcsvxAx7K8gHkDDUAdvgXokl1nuHWVD6qj9u4qwcW
T7FLft6YWh5Ms2xMJdJPZqHpDLz/zcY5BqvSWWbZeRhTm7ihankFr0Q=
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:03:44 2025 by rpki-client