Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32332d3233203d3e203433383437.roa
File: 33312e3138352e3131302e302f32332d3233203d3e203433383437.roa (raw, json)
Hash identifier: qxCLun/WtTeFMx+PxPX3S31IVGcq1qdFktxPeS1csWo=
Subject key identifier: 09:9A:2B:7C:BD:C8:F7:86:8A:E7:E4:00:97:97:FF:DE:AA:1D:7B:1D
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 373DF69591FAAF47BED7D7DE7A735CDFD4B3E221
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32332d3233203d3e203433383437.roa
Signing time: Wed 29 Jan 2025 13:36:58 +0000
ROA not before: Wed 29 Jan 2025 13:31:58 +0000
ROA not after: Wed 28 Jan 2026 13:36:58 +0000
asID: 43847
IP address blocks: 31.185.110.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 18:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:3d:f6:95:91:fa:af:47:be:d7:d7:de:7a:73:5c:df:d4:b3:e2:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Jan 29 13:31:58 2025 GMT
Not After : Jan 28 13:36:58 2026 GMT
Subject: CN=099A2B7CBDC8F7868AE7E4009797FFDEAA1D7B1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:7c:25:d2:2c:ae:49:9b:4f:8f:75:12:74:
cc:94:02:d5:b3:6e:2c:cd:71:23:3d:36:4c:3e:5a:
d6:06:52:4c:6f:94:fc:d8:94:b0:6b:14:cd:eb:73:
3a:a7:aa:6e:bc:b0:f0:6d:36:39:5b:bf:01:3c:b3:
b8:89:96:96:80:47:23:64:69:fa:d2:29:de:45:ef:
43:a6:34:1f:1a:03:a7:40:b7:e2:d9:66:e5:3b:92:
83:63:f1:a3:1f:08:9f:6f:a1:d0:32:95:f7:d5:c4:
d1:b3:5d:5f:44:8d:c3:cc:a2:4c:4e:02:bf:95:ca:
b3:56:70:16:b7:84:a4:ab:47:71:d2:ef:17:04:a8:
e0:81:a6:7c:c7:9d:cf:ff:4c:7a:4e:b1:01:61:d5:
11:8c:d9:01:c5:0b:f2:9c:37:51:e9:96:ff:13:2a:
42:b2:dd:14:87:bc:e8:61:04:b1:9c:b1:30:93:71:
dc:88:0c:2e:fb:c5:17:2d:c3:7b:71:e2:6c:ad:ae:
3c:8a:17:44:bf:37:c7:26:c8:b3:94:2a:d4:94:66:
8a:4e:0c:89:57:ed:06:81:cb:73:5c:34:5c:62:72:
20:c4:cc:2d:42:7e:7a:b8:ba:ae:20:d8:ed:13:37:
aa:c2:58:23:da:b2:87:d6:d1:72:d4:4f:2c:a5:bd:
82:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9A:2B:7C:BD:C8:F7:86:8A:E7:E4:00:97:97:FF:DE:AA:1D:7B:1D
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32332d3233203d3e203433383437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.110.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:64:f8:10:01:a1:d7:21:cc:6b:d1:7b:50:e1:06:fb:e8:6d:
65:08:84:b2:7d:2f:36:ad:b4:c8:d3:7f:32:90:62:ba:67:e0:
1d:af:fb:38:c4:2f:6f:2d:ed:db:6e:d7:21:ec:75:76:ee:92:
d8:f0:72:a8:ba:65:72:00:f6:7e:50:ed:68:92:52:a6:44:e3:
6e:ec:e8:ef:6a:76:61:52:15:eb:ff:66:4e:65:b2:8a:c1:53:
5d:3d:ce:db:11:c6:02:1c:97:bb:61:4a:cf:3e:48:a0:e1:20:
68:ae:28:83:d9:c6:cd:d7:58:0a:83:1f:9a:bc:ab:24:38:bc:
e7:80:82:42:28:9d:84:d0:ce:d8:c2:bf:02:00:6c:8f:ee:a3:
3b:f2:ad:47:0d:1b:a9:37:c2:9d:8f:0f:2b:5f:84:f6:76:0d:
48:e8:29:8c:0f:ac:75:02:48:d5:8d:3c:04:d4:73:cb:26:78:
77:5d:55:b2:61:30:08:c2:a3:81:f6:fd:29:99:36:47:ee:38:
1d:81:d4:65:53:f0:d8:81:2e:7d:86:bb:e4:4f:cd:5d:62:67:
bb:b9:0e:85:83:72:f3:8a:c4:3c:2d:1e:c7:8c:1a:44:7a:94:
b4:4c:0d:da:87:5c:11:3b:7b:7b:86:31:6a:60:a7:1f:66:65:
c6:85:89:d9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNz32lZH6r0e+19feenNc39Sz4iEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTAxMjkxMzMxNThaFw0yNjAxMjgxMzM2NThaMDMxMTAvBgNV
BAMTKDA5OUEyQjdDQkRDOEY3ODY4QUU3RTQwMDk3OTdGRkRFQUExRDdCMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnYHwl0iyuSZtPj3USdMyUAtWz
bizNcSM9Nkw+WtYGUkxvlPzYlLBrFM3rczqnqm68sPBtNjlbvwE8s7iJlpaARyNk
afrSKd5F70OmNB8aA6dAt+LZZuU7koNj8aMfCJ9vodAylffVxNGzXV9EjcPMokxO
Ar+VyrNWcBa3hKSrR3HS7xcEqOCBpnzHnc//THpOsQFh1RGM2QHFC/KcN1Hplv8T
KkKy3RSHvOhhBLGcsTCTcdyIDC77xRctw3tx4mytrjyKF0S/N8cmyLOUKtSUZopO
DIlX7QaBy3NcNFxiciDEzC1Cfnq4uq4g2O0TN6rCWCPasofW0XLUTyylvYIDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCZorfL3I94aK5+QAl5f/3qodex0wHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMx
MzAyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMzMzgzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
H7luMA0GCSqGSIb3DQEBCwUAA4IBAQAqZPgQAaHXIcxr0XtQ4Qb76G1lCISyfS82
rbTI038ykGK6Z+Adr/s4xC9vLe3bbtch7HV27pLY8HKoumVyAPZ+UO1oklKmRONu
7OjvanZhUhXr/2ZOZbKKwVNdPc7bEcYCHJe7YUrPPkig4SBoriiD2cbN11gKgx+a
vKskOLzngIJCKJ2E0M7Ywr8CAGyP7qM78q1HDRupN8Kdjw8rX4T2dg1I6CmMD6x1
AkjVjTwE1HPLJnh3XVWyYTAIwqOB9v0pmTZH7jgdgdRlU/DYgS59hrvkT81dYme7
uQ6Fg3LzisQ8LR7HjBpEepS0TA3ah1wRO3t7hjFqYKcfZmXGhYnZ
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:44 2025 by rpki-client