Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32342d3234203d3e203433383437.roa
File: 33312e3138352e3131302e302f32342d3234203d3e203433383437.roa (raw, json)
Hash identifier: YFUHOvZUTuDXo1v/ldHHqjI9VjtTCBbJBPcqOziNAKY=
Subject key identifier: E3:00:A7:BB:1C:76:A3:C6:38:A0:18:9B:A9:9D:8E:F4:42:C2:40:9E
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 375DFDD91C27D3F68183DA2333FB16DCB26DCA88
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32342d3234203d3e203433383437.roa
Signing time: Wed 09 Apr 2025 03:07:33 +0000
ROA not before: Wed 09 Apr 2025 03:02:33 +0000
ROA not after: Wed 08 Apr 2026 03:07:33 +0000
asID: 43847
IP address blocks: 31.185.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 15:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:5d:fd:d9:1c:27:d3:f6:81:83:da:23:33:fb:16:dc:b2:6d:ca:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Apr 9 03:02:33 2025 GMT
Not After : Apr 8 03:07:33 2026 GMT
Subject: CN=E300A7BB1C76A3C638A0189BA99D8EF442C2409E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:37:07:94:c9:2f:39:be:8a:a3:79:7e:16:b5:
dc:df:d1:f2:e9:a6:4c:68:c0:a7:7d:3e:9b:ee:ca:
eb:9e:4c:19:6b:99:f3:6d:3e:6b:b6:e4:c0:a8:82:
63:e8:c2:ec:af:77:e3:8e:44:06:0b:c3:e5:94:3e:
44:8e:c1:12:69:54:0f:ba:22:4f:92:96:5b:fb:c7:
1f:c8:a8:a1:3c:be:39:db:64:0a:df:cf:ab:60:17:
b3:57:b2:b9:e7:03:db:7e:36:a0:f8:67:f2:bd:ac:
e1:31:98:5d:0c:37:d1:1f:69:37:af:e1:d8:8e:62:
a0:23:1c:d7:98:5e:53:3d:d7:fc:27:72:4b:5a:15:
fe:dd:a8:5f:04:29:bc:ab:b8:a7:91:5d:27:79:4d:
9a:f9:41:93:98:3f:fa:32:80:99:78:10:3d:5e:cd:
af:a2:6f:4c:7b:cb:f8:d2:dc:a0:8d:0e:6c:a8:1b:
69:c4:15:ad:d3:89:f2:6c:de:cf:ca:34:a4:16:88:
f8:31:ca:85:35:4a:68:42:31:a3:df:c3:5f:54:f4:
e7:42:f5:12:e3:ad:4a:de:e2:93:54:5a:3e:bf:e3:
9b:51:e4:c2:8c:a8:5b:ab:88:fa:fe:5c:e5:74:28:
21:a2:d4:12:6a:ae:d2:bf:f4:e6:fe:f3:94:18:4a:
d7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:00:A7:BB:1C:76:A3:C6:38:A0:18:9B:A9:9D:8E:F4:42:C2:40:9E
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3131302e302f32342d3234203d3e203433383437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.110.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f9:d9:41:2d:e8:63:be:84:b6:ae:fd:ae:96:9d:f9:76:e5:
07:3c:6d:6a:f6:11:11:b3:0a:d9:fe:7c:1e:11:08:18:4c:ed:
f8:16:04:b8:1d:4f:95:bd:77:0b:cd:98:80:34:08:8f:6f:52:
8e:43:6f:3b:c8:a2:d5:fd:ae:1e:ae:e0:ee:bc:ae:71:37:f9:
68:94:80:e0:62:8d:38:4b:a6:16:24:cb:d6:25:e7:ed:23:a7:
c5:db:e4:bc:ac:67:b5:ad:61:8f:fd:d0:aa:87:bd:a3:ba:29:
7e:ba:ef:11:45:44:ac:f1:9b:ae:3c:82:8e:80:a2:21:a8:1d:
73:a4:f8:eb:28:6e:3f:fa:e5:71:75:0b:d6:a4:ec:01:07:4f:
3d:85:25:c5:71:7a:5c:9e:9d:ca:b7:d2:51:66:37:90:96:60:
ed:6c:04:aa:4a:b7:68:aa:10:c2:6f:91:e1:ab:e1:6f:eb:08:
e5:c4:09:4c:57:6a:ca:9f:4f:44:2e:e8:3d:54:c8:6a:c7:d6:
d6:2f:7a:f0:24:e9:30:22:ed:81:08:51:9a:36:eb:bc:48:9e:
7c:da:e6:45:25:f1:96:9a:0b:78:f8:7a:58:77:45:0c:9b:91:
d9:91:49:46:4d:1f:9e:64:04:bf:c6:da:44:89:2c:cc:d4:fb:
cc:10:7b:41
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUN1392Rwn0/aBg9ojM/sW3LJtyogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTA0MDkwMzAyMzNaFw0yNjA0MDgwMzA3MzNaMDMxMTAvBgNV
BAMTKEUzMDBBN0JCMUM3NkEzQzYzOEEwMTg5QkE5OUQ4RUY0NDJDMjQwOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKNweUyS85voqjeX4Wtdzf0fLp
pkxowKd9PpvuyuueTBlrmfNtPmu25MCogmPowuyvd+OORAYLw+WUPkSOwRJpVA+6
Ik+Sllv7xx/IqKE8vjnbZArfz6tgF7NXsrnnA9t+NqD4Z/K9rOExmF0MN9EfaTev
4diOYqAjHNeYXlM91/wncktaFf7dqF8EKbyruKeRXSd5TZr5QZOYP/oygJl4ED1e
za+ib0x7y/jS3KCNDmyoG2nEFa3TifJs3s/KNKQWiPgxyoU1SmhCMaPfw19U9OdC
9RLjrUre4pNUWj6/45tR5MKMqFuriPr+XOV0KCGi1BJqrtK/9Ob+85QYStfzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4wCnuxx2o8Y4oBibqZ2O9ELCQJ4wHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMx
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMzMzgzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7luMA0GCSqGSIb3DQEBCwUAA4IBAQBS+dlBLehjvoS2rv2ulp35duUHPG1q9hER
swrZ/nweEQgYTO34FgS4HU+VvXcLzZiANAiPb1KOQ287yKLV/a4eruDuvK5xN/lo
lIDgYo04S6YWJMvWJeftI6fF2+S8rGe1rWGP/dCqh72juil+uu8RRUSs8ZuuPIKO
gKIhqB1zpPjrKG4/+uVxdQvWpOwBB089hSXFcXpcnp3Kt9JRZjeQlmDtbASqSrdo
qhDCb5Hhq+Fv6wjlxAlMV2rKn09ELug9VMhqx9bWL3rwJOkwIu2BCFGaNuu8SJ58
2uZFJfGWmgt4+HpYd0UMm5HZkUlGTR+eZAS/xtpEiSzM1PvMEHtB
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:08:55 2025 by rpki-client