Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e203231383539.roa
File: 33312e3138352e3130372e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: X23TgVm2+OwqELUYhUauYCGCU9YC3xkuQ9JiAV3abPE=
Subject key identifier: 4D:61:9E:BF:0A:5E:41:26:78:EC:07:81:C2:E4:A3:63:79:D0:9F:E2
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 2AC68DC69B9C96498967ECEE3756FC65CCA73DCD
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e203231383539.roa
Signing time: Fri 07 Mar 2025 07:09:28 +0000
ROA not before: Fri 07 Mar 2025 07:04:28 +0000
ROA not after: Fri 06 Mar 2026 07:09:28 +0000
asID: 21859
IP address blocks: 31.185.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c6:8d:c6:9b:9c:96:49:89:67:ec:ee:37:56:fc:65:cc:a7:3d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Mar 7 07:04:28 2025 GMT
Not After : Mar 6 07:09:28 2026 GMT
Subject: CN=4D619EBF0A5E412678EC0781C2E4A36379D09FE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7e:b0:ae:a6:0e:b2:3d:1d:76:fe:3f:7b:1b:
69:3b:ce:83:11:dd:99:34:40:6f:d9:0f:f6:66:02:
b8:0a:82:53:19:ca:21:92:6e:5a:6b:91:4a:8d:a3:
a9:5a:6a:8f:20:e6:99:e9:12:56:fa:6b:94:56:12:
ce:2a:ae:e2:91:a6:52:bb:ef:64:bf:67:26:42:c5:
12:e2:bc:d4:71:c8:8e:da:7f:02:f8:b0:ec:6d:d9:
e0:59:52:8b:fa:22:8f:56:fa:ff:bc:d7:74:93:de:
5e:27:d8:4d:db:a2:43:15:94:06:08:a2:36:31:a2:
7c:09:5a:20:42:e4:3c:b1:c5:68:d5:c2:91:01:39:
ae:b5:b9:51:26:e2:ab:df:cf:55:e6:be:01:f2:fc:
cf:31:b1:91:04:31:e6:b2:41:1b:05:0f:3f:52:ad:
03:5c:68:ab:2f:98:df:ea:84:c1:48:0e:26:0d:71:
f2:e4:99:ac:74:63:d4:37:cf:75:3b:e5:4f:65:30:
88:1e:e9:ff:a3:62:9b:82:e2:c9:ff:ed:06:cf:fc:
51:27:2d:6c:0f:6e:98:b2:8e:99:4d:a9:c1:73:ce:
8c:66:5b:89:a9:0a:cd:b4:03:c4:ba:2a:02:45:d1:
ef:11:d1:19:96:37:69:a8:b2:35:0b:9a:4a:f8:b1:
55:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:61:9E:BF:0A:5E:41:26:78:EC:07:81:C2:E4:A3:63:79:D0:9F:E2
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.107.0/24
Signature Algorithm: sha256WithRSAEncryption
83:7b:32:76:56:65:5c:f1:e6:19:b0:08:19:c4:e3:1f:f7:24:
25:bb:56:3c:4d:74:06:86:38:32:9f:06:db:e6:00:3a:d5:fc:
66:22:f4:60:fd:d5:a3:55:ae:89:92:6d:0f:d9:f2:1e:67:42:
e1:7e:93:01:5c:4d:12:0e:ae:a5:5f:10:b8:b7:ea:df:9e:f1:
ab:94:19:44:98:c5:3d:a2:f1:70:b5:9a:d6:8d:47:ad:74:0e:
ed:eb:ec:1f:21:d3:4c:ee:45:28:76:60:43:32:41:aa:b3:04:
10:1c:3a:b6:3f:12:9d:d4:cb:9d:56:3e:7a:c7:dd:03:eb:88:
e1:76:2e:5a:82:03:b2:fa:3d:dd:bb:bf:03:3b:9d:fc:94:fc:
ad:78:40:a3:f7:2e:9d:0b:06:df:46:c8:4a:d6:ea:6a:ca:68:
fc:22:89:16:2c:01:a9:d7:60:d4:38:c1:88:99:f4:84:cf:1f:
5c:7c:dd:7c:13:3d:5f:69:40:a6:3f:a1:0e:24:ae:b7:e6:3a:
55:6a:cb:53:90:06:76:c3:82:28:9b:c7:ea:d1:6a:d6:b7:d6:
5a:b5:3d:26:73:e5:94:ca:12:52:27:95:81:74:b8:88:71:36:
a0:11:7e:2e:6b:51:19:d8:83:94:24:06:5b:9d:56:30:65:30:
00:76:1e:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKsaNxpuclkmJZ+zuN1b8ZcynPc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTAzMDcwNzA0MjhaFw0yNjAzMDYwNzA5MjhaMDMxMTAvBgNV
BAMTKDRENjE5RUJGMEE1RTQxMjY3OEVDMDc4MUMyRTRBMzYzNzlEMDlGRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6frCupg6yPR12/j97G2k7zoMR
3Zk0QG/ZD/ZmArgKglMZyiGSblprkUqNo6laao8g5pnpElb6a5RWEs4qruKRplK7
72S/ZyZCxRLivNRxyI7afwL4sOxt2eBZUov6Io9W+v+813ST3l4n2E3bokMVlAYI
ojYxonwJWiBC5DyxxWjVwpEBOa61uVEm4qvfz1XmvgHy/M8xsZEEMeayQRsFDz9S
rQNcaKsvmN/qhMFIDiYNcfLkmax0Y9Q3z3U75U9lMIge6f+jYpuC4sn/7QbP/FEn
LWwPbpiyjplNqcFzzoxmW4mpCs20A8S6KgJF0e8R0RmWN2mosjULmkr4sVULAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTWGevwpeQSZ47AeBwuSjY3nQn+IwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7lrMA0GCSqGSIb3DQEBCwUAA4IBAQCDezJ2VmVc8eYZsAgZxOMf9yQlu1Y8TXQG
hjgynwbb5gA61fxmIvRg/dWjVa6Jkm0P2fIeZ0LhfpMBXE0SDq6lXxC4t+rfnvGr
lBlEmMU9ovFwtZrWjUetdA7t6+wfIdNM7kUodmBDMkGqswQQHDq2PxKd1MudVj56
x90D64jhdi5aggOy+j3du78DO538lPyteECj9y6dCwbfRshK1upqymj8IokWLAGp
12DUOMGImfSEzx9cfN18Ez1faUCmP6EOJK635jpVastTkAZ2w4Iom8fq0WrWt9Za
tT0mc+WUyhJSJ5WBdLiIcTagEX4ua1EZ2IOUJAZbnVYwZTAAdh77
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:53:43 2025 by rpki-client