Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e20343031373736.roa
File: 33312e3138352e3130352e302f32342d3234203d3e20343031373736.roa (raw, json)
Hash identifier: Wd2EFVccIS+53JZc9dBxMvZJP/AX4kzECnJdx5FY1Nk=
Subject key identifier: C0:79:0C:6E:48:FE:5C:7E:92:C8:86:3B:5D:63:45:47:6F:46:7B:64
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 4F9219FC016A148860AC76C5F8D26ECD1E44F9E4
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e20343031373736.roa
Signing time: Tue 28 Oct 2025 09:06:38 +0000
ROA not before: Tue 28 Oct 2025 09:01:38 +0000
ROA not after: Tue 27 Oct 2026 09:06:38 +0000
asID: 401776
IP address blocks: 31.185.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:92:19:fc:01:6a:14:88:60:ac:76:c5:f8:d2:6e:cd:1e:44:f9:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Oct 28 09:01:38 2025 GMT
Not After : Oct 27 09:06:38 2026 GMT
Subject: CN=C0790C6E48FE5C7E92C8863B5D6345476F467B64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:cb:03:5a:c4:7a:37:89:c1:4f:a1:61:cb:be:
19:fc:a4:1a:e8:e6:92:e6:d2:34:6d:c3:3f:ed:56:
06:ab:b7:c0:7c:a8:a0:7f:9c:ab:58:c0:5a:e6:df:
20:4a:05:d7:c9:96:64:d8:66:62:1f:3e:51:24:97:
e2:24:6b:99:a6:55:be:4f:10:67:00:15:ee:55:82:
fa:ab:3d:bc:25:af:5c:70:36:85:30:1d:54:cf:cb:
49:0d:fa:a5:c2:f5:50:7b:dd:c1:71:06:91:24:bb:
27:85:65:38:bf:9d:82:c6:5e:81:5f:ba:22:e8:02:
35:36:1c:6f:99:21:29:29:2c:99:d1:4c:fa:16:b8:
88:de:c4:80:83:9b:9b:85:ba:10:b2:61:74:7b:87:
41:93:a6:4e:97:22:d6:78:95:78:bc:5d:45:fa:4e:
04:b7:fa:cf:e7:55:69:0d:7a:27:8e:77:a8:aa:49:
c0:80:11:ba:ca:5e:c7:2e:0f:bd:07:f3:f7:1f:47:
a7:b9:a9:bd:34:8f:f6:64:f5:51:7a:62:4e:88:87:
30:f7:4e:eb:00:2a:ca:cd:c9:51:71:9e:68:f3:02:
cb:27:25:ef:29:28:03:b1:af:b3:ea:5e:05:cd:5d:
43:48:d3:70:49:28:8c:86:cb:a6:7c:68:cd:b5:62:
ce:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:79:0C:6E:48:FE:5C:7E:92:C8:86:3B:5D:63:45:47:6F:46:7B:64
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e20343031373736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.105.0/24
Signature Algorithm: sha256WithRSAEncryption
03:91:73:33:01:47:ef:57:f3:63:ae:48:48:30:1e:02:76:96:
9e:b2:ab:15:4d:f0:c0:64:98:35:44:59:f3:2e:81:1d:b3:5c:
ec:79:3b:ec:fc:47:61:57:69:8c:3f:02:8b:f8:4c:79:77:5d:
59:54:ad:cb:6f:55:ac:f7:95:07:dd:02:8a:29:59:85:08:ff:
4b:20:4f:71:bb:01:2a:fd:a7:4f:03:e1:32:c2:b6:25:7a:4c:
f5:cc:ba:7f:d9:3c:86:c8:f4:81:9d:81:23:23:d6:89:2e:c7:
8b:c8:49:29:c2:cb:fc:b2:b7:b7:26:43:d2:bf:16:35:a2:08:
c5:d3:88:b7:07:80:42:e4:49:f0:d6:31:4c:72:d1:94:4d:54:
48:db:11:e1:12:b1:71:88:a4:44:ed:3f:2b:ee:c6:61:e9:ee:
84:43:68:4d:10:6d:d7:c9:bb:6e:68:dd:81:8f:77:c3:bb:a0:
96:c9:d4:d6:af:f3:a5:94:f1:9e:6c:5e:80:ae:e6:a7:85:56:
79:6e:f6:65:1e:09:31:ca:f4:a4:51:3b:5b:04:7d:3c:01:a8:
9a:1a:0f:af:8d:57:20:53:2e:b5:4f:3e:16:6d:6f:65:5a:2d:
d0:a6:a2:1e:2e:a8:d2:80:d9:5c:61:fb:50:82:3e:91:19:86:
f4:d0:88:88
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUT5IZ/AFqFIhgrHbF+NJuzR5E+eQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTEwMjgwOTAxMzhaFw0yNjEwMjcwOTA2MzhaMDMxMTAvBgNV
BAMTKEMwNzkwQzZFNDhGRTVDN0U5MkM4ODYzQjVENjM0NTQ3NkY0NjdCNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeywNaxHo3icFPoWHLvhn8pBro
5pLm0jRtwz/tVgart8B8qKB/nKtYwFrm3yBKBdfJlmTYZmIfPlEkl+Ika5mmVb5P
EGcAFe5VgvqrPbwlr1xwNoUwHVTPy0kN+qXC9VB73cFxBpEkuyeFZTi/nYLGXoFf
uiLoAjU2HG+ZISkpLJnRTPoWuIjexICDm5uFuhCyYXR7h0GTpk6XItZ4lXi8XUX6
TgS3+s/nVWkNeieOd6iqScCAEbrKXscuD70H8/cfR6e5qb00j/Zk9VF6Yk6IhzD3
TusAKsrNyVFxnmjzAssnJe8pKAOxr7PqXgXNXUNI03BJKIyGy6Z8aM21Ys4dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUwHkMbkj+XH6SyIY7XWNFR29Ge2QwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzEzNzM3MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAfuWkwDQYJKoZIhvcNAQELBQADggEBAAORczMBR+9X82OuSEgwHgJ2lp6yqxVN
8MBkmDVEWfMugR2zXOx5O+z8R2FXaYw/Aov4THl3XVlUrctvVaz3lQfdAoopWYUI
/0sgT3G7ASr9p08D4TLCtiV6TPXMun/ZPIbI9IGdgSMj1okux4vISSnCy/yyt7cm
Q9K/FjWiCMXTiLcHgELkSfDWMUxy0ZRNVEjbEeESsXGIpETtPyvuxmHp7oRDaE0Q
bdfJu25o3YGPd8O7oJbJ1Nav86WU8Z5sXoCu5qeFVnlu9mUeCTHK9KRRO1sEfTwB
qJoaD6+NVyBTLrVPPhZtb2VaLdCmoh4uqNKA2Vxh+1CCPpEZhvTQiIg=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:01:02 2025 by rpki-client