Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203231383539.roa
File: 33312e3138352e3130352e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: a63rT1N28Uv/Le5pLK02Tt+HFr5JVrcUSe5O3d53VJA=
Subject key identifier: 77:35:E4:88:17:9C:9E:06:04:E5:9C:28:AC:87:85:A8:BB:D4:94:D2
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 254417FDFFBA70394C16750199F2A02C2E1F2949
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203231383539.roa
Signing time: Wed 27 Aug 2025 05:26:08 +0000
ROA not before: Wed 27 Aug 2025 05:21:08 +0000
ROA not after: Wed 26 Aug 2026 05:26:08 +0000
asID: 21859
IP address blocks: 31.185.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:44:17:fd:ff:ba:70:39:4c:16:75:01:99:f2:a0:2c:2e:1f:29:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Aug 27 05:21:08 2025 GMT
Not After : Aug 26 05:26:08 2026 GMT
Subject: CN=7735E488179C9E0604E59C28AC8785A8BBD494D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:82:1d:1f:78:67:81:30:cc:42:6e:5a:57:a3:
f3:69:c6:df:43:99:21:33:ad:d7:3c:2d:70:e5:60:
5c:df:af:a3:a2:19:a5:10:b7:12:4b:32:e3:7e:57:
22:21:e8:da:45:0b:af:d2:7a:3e:6c:71:6b:eb:b5:
29:49:ce:72:6a:e9:35:f8:0b:15:62:97:3e:14:d0:
9d:92:2f:bf:82:c6:25:19:5a:a1:b8:d8:d8:c0:a4:
00:e1:ea:2b:2f:1b:2e:f0:da:f6:d8:62:d1:49:a0:
69:b2:65:4b:7e:b4:a0:e7:a6:8f:6b:f0:b3:99:73:
cd:cc:4b:43:4b:95:2e:7f:65:3a:51:c7:b3:a4:32:
77:63:23:bf:97:82:22:9a:b7:9e:fe:ca:99:93:84:
54:8e:f2:6b:bc:5d:2a:41:7c:63:ba:98:bc:d9:d0:
e0:47:21:57:22:eb:76:7a:83:f7:2c:82:ed:04:8f:
cc:ba:26:6f:02:19:d0:b7:f8:ea:cc:83:2c:ca:27:
54:af:4a:8a:92:b9:0d:e1:1d:60:68:5f:40:71:9d:
82:38:b1:99:5c:52:e5:30:c6:de:89:f4:23:97:53:
07:3e:8c:ee:db:bf:e5:44:ce:02:b9:51:14:3b:62:
cd:d1:a6:b4:8a:57:11:53:8d:ea:40:85:ca:27:3a:
73:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:35:E4:88:17:9C:9E:06:04:E5:9C:28:AC:87:85:A8:BB:D4:94:D2
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.105.0/24
Signature Algorithm: sha256WithRSAEncryption
29:4c:45:b9:02:b7:18:bb:a3:05:06:1e:22:43:d4:c5:42:d1:
49:bf:3f:cb:40:52:9d:39:dc:f8:f0:63:5d:e5:19:cb:db:ec:
15:47:bf:d5:43:f1:9c:10:56:99:e1:13:f3:0c:81:dc:3b:02:
47:e5:c2:8a:41:07:d9:b9:95:a9:65:a8:74:80:83:7f:00:00:
ab:f8:4e:36:a3:1a:83:cc:6f:d6:5d:52:47:35:7c:85:d0:89:
c2:78:45:38:1b:28:4d:8a:1f:a1:75:07:14:df:61:02:8c:a5:
8e:1b:b7:e6:51:26:74:77:fd:d3:6f:e8:07:2f:a4:5e:be:e0:
b9:5a:12:c9:c5:70:3b:f4:21:93:93:e4:39:ba:fc:da:64:1c:
a0:ae:34:ed:16:4b:df:28:cf:a3:14:dc:d8:f1:32:4f:b3:35:
c9:74:69:3a:5d:67:38:a2:36:b4:f4:53:3e:eb:9d:d9:33:4f:
32:c9:55:56:56:be:c0:d7:d7:f5:04:d1:2a:4a:92:d2:28:f8:
6d:fe:ab:76:88:0f:73:97:33:c1:ec:4b:15:a6:32:f9:38:8c:
95:c9:eb:e8:bf:a8:92:86:54:08:0c:1c:ac:e3:2c:f2:5a:f0:
ad:85:90:89:f0:b2:50:07:9c:cf:6d:64:79:ff:72:45:94:4b:
12:f7:73:e9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJUQX/f+6cDlMFnUBmfKgLC4fKUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTA4MjcwNTIxMDhaFw0yNjA4MjYwNTI2MDhaMDMxMTAvBgNV
BAMTKDc3MzVFNDg4MTc5QzlFMDYwNEU1OUMyOEFDODc4NUE4QkJENDk0RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvgh0feGeBMMxCblpXo/Npxt9D
mSEzrdc8LXDlYFzfr6OiGaUQtxJLMuN+VyIh6NpFC6/Sej5scWvrtSlJznJq6TX4
CxVilz4U0J2SL7+CxiUZWqG42NjApADh6isvGy7w2vbYYtFJoGmyZUt+tKDnpo9r
8LOZc83MS0NLlS5/ZTpRx7OkMndjI7+XgiKat57+ypmThFSO8mu8XSpBfGO6mLzZ
0OBHIVci63Z6g/csgu0Ej8y6Jm8CGdC3+OrMgyzKJ1SvSoqSuQ3hHWBoX0BxnYI4
sZlcUuUwxt6J9COXUwc+jO7bv+VEzgK5URQ7Ys3RprSKVxFTjepAhconOnNpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdzXkiBecngYE5ZworIeFqLvUlNIwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7lpMA0GCSqGSIb3DQEBCwUAA4IBAQApTEW5ArcYu6MFBh4iQ9TFQtFJvz/LQFKd
Odz48GNd5RnL2+wVR7/VQ/GcEFaZ4RPzDIHcOwJH5cKKQQfZuZWpZah0gIN/AACr
+E42oxqDzG/WXVJHNXyF0InCeEU4GyhNih+hdQcU32ECjKWOG7fmUSZ0d/3Tb+gH
L6RevuC5WhLJxXA79CGTk+Q5uvzaZBygrjTtFkvfKM+jFNzY8TJPszXJdGk6XWc4
oja09FM+653ZM08yyVVWVr7A19f1BNEqSpLSKPht/qt2iA9zlzPB7EsVpjL5OIyV
yevov6iShlQIDBys4yzyWvCthZCJ8LJQB5zPbWR5/3JFlEsS93Pp
-----END CERTIFICATE-----
Generated at Fri Sep 19 13:56:18 2025 by rpki-client