Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203539343332.roa
File: 33312e3138352e3130352e302f32342d3234203d3e203539343332.roa (raw, json)
Hash identifier: 2mW6+LY9N9n7Wo6R3JiZl5gpMQP421EpKKaQNdMN8SQ=
Subject key identifier: 85:E7:77:42:B9:21:9E:F0:7E:78:08:08:E6:A5:84:5E:88:E4:1E:2E
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 3FE34EBCC729BB82A3B415EF8ABADB046D35134A
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203539343332.roa
Signing time: Mon 21 Apr 2025 06:27:33 +0000
ROA not before: Mon 21 Apr 2025 06:22:33 +0000
ROA not after: Mon 20 Apr 2026 06:27:33 +0000
asID: 59432
IP address blocks: 31.185.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:e3:4e:bc:c7:29:bb:82:a3:b4:15:ef:8a:ba:db:04:6d:35:13:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Apr 21 06:22:33 2025 GMT
Not After : Apr 20 06:27:33 2026 GMT
Subject: CN=85E77742B9219EF07E780808E6A5845E88E41E2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:96:4b:a6:2c:3d:62:da:f8:10:29:19:6f:c9:
e0:f6:6e:c5:f6:00:f8:f2:88:4d:55:9a:b4:bb:39:
11:41:c0:75:df:27:b4:11:e2:2a:4b:60:79:cb:72:
2d:db:61:ba:24:9a:15:62:7f:0c:2a:c7:58:6d:0b:
b9:d2:8b:38:ac:48:f2:e2:bc:78:23:7d:eb:65:99:
8f:25:13:e5:05:7c:23:05:55:fc:dc:41:ee:21:ab:
48:20:c7:57:7a:e0:0a:5e:e5:68:ce:d8:e8:ae:55:
08:f9:5e:13:6d:bf:05:89:96:99:09:6e:17:b9:cf:
75:d0:1b:0e:12:9e:d8:0f:8b:1d:98:f1:57:36:a3:
a1:4a:e7:e4:68:52:7c:42:50:e6:87:30:19:32:c2:
da:31:5f:22:dd:31:a2:32:89:5a:b0:c7:33:da:7f:
86:f2:46:1b:c4:18:52:f9:fe:48:c4:fc:0f:17:9d:
b4:42:62:e4:df:b2:c6:51:1d:ac:e7:1f:c8:2b:1f:
b4:f3:e4:14:46:bd:ab:dc:51:23:e0:49:9a:b7:be:
a8:09:d6:89:58:4f:32:31:e6:2e:1b:91:67:2e:24:
7a:64:26:c1:35:da:ff:bf:b2:2a:e4:70:f4:39:d0:
84:d0:13:69:4a:67:d3:e7:14:ad:a6:b6:fe:9c:cf:
30:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E7:77:42:B9:21:9E:F0:7E:78:08:08:E6:A5:84:5E:88:E4:1E:2E
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130352e302f32342d3234203d3e203539343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.105.0/24
Signature Algorithm: sha256WithRSAEncryption
87:04:70:4f:b6:6d:5a:6a:f7:e1:ed:71:d2:68:53:ac:ce:03:
72:ef:71:1f:d0:85:eb:84:1a:a4:7e:17:2b:4e:fa:b5:f6:77:
1b:d5:a1:ad:e5:ab:4e:1c:9b:ec:9f:98:7c:05:36:a6:b2:38:
dc:60:72:27:ff:4c:1b:ae:41:91:be:98:0c:ab:d9:64:c7:de:
dc:c0:60:3c:73:94:2b:d2:bf:aa:cb:37:af:96:3c:8c:2a:20:
bc:fa:60:ba:86:0c:71:cd:f7:af:7b:9c:6f:92:85:80:eb:23:
0f:85:61:4f:f3:8f:ed:a0:27:63:5b:79:b3:bd:b1:1e:30:8d:
37:8c:ef:1a:e2:17:c5:20:46:6a:03:3c:65:8f:d9:e1:c0:50:
52:08:55:51:5b:f5:67:5a:28:9e:7b:db:e7:ab:68:22:dc:62:
68:e2:7f:99:b7:83:09:04:79:fd:f6:af:cb:15:fd:cf:5b:3d:
c3:8c:9e:89:8c:bf:66:45:be:cf:5e:93:9a:ac:f4:08:e3:ac:
e3:78:ad:34:4b:20:8e:7f:b6:e1:22:10:41:61:6e:f9:80:32:
e6:b2:c8:cb:11:a3:e2:9e:b5:af:21:78:34:cc:c9:52:d6:28:
6c:e9:f8:24:fd:1c:7c:45:a3:e1:81:57:6b:cf:8e:30:d8:a1:
cf:97:8d:8c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP+NOvMcpu4KjtBXvirrbBG01E0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTA0MjEwNjIyMzNaFw0yNjA0MjAwNjI3MzNaMDMxMTAvBgNV
BAMTKDg1RTc3NzQyQjkyMTlFRjA3RTc4MDgwOEU2QTU4NDVFODhFNDFFMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnlkumLD1i2vgQKRlvyeD2bsX2
APjyiE1VmrS7ORFBwHXfJ7QR4ipLYHnLci3bYbokmhVifwwqx1htC7nSizisSPLi
vHgjfetlmY8lE+UFfCMFVfzcQe4hq0ggx1d64Ape5WjO2OiuVQj5XhNtvwWJlpkJ
bhe5z3XQGw4SntgPix2Y8Vc2o6FK5+RoUnxCUOaHMBkywtoxXyLdMaIyiVqwxzPa
f4byRhvEGFL5/kjE/A8XnbRCYuTfssZRHaznH8grH7Tz5BRGvavcUSPgSZq3vqgJ
1olYTzIx5i4bkWcuJHpkJsE12v+/sirkcPQ50ITQE2lKZ9PnFK2mtv6czzDxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhed3QrkhnvB+eAgI5qWEXojkHi4wHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM5MzQzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7lpMA0GCSqGSIb3DQEBCwUAA4IBAQCHBHBPtm1aavfh7XHSaFOszgNy73Ef0IXr
hBqkfhcrTvq19ncb1aGt5atOHJvsn5h8BTamsjjcYHIn/0wbrkGRvpgMq9lkx97c
wGA8c5Qr0r+qyzevljyMKiC8+mC6hgxxzfeve5xvkoWA6yMPhWFP84/toCdjW3mz
vbEeMI03jO8a4hfFIEZqAzxlj9nhwFBSCFVRW/VnWiiee9vnq2gi3GJo4n+Zt4MJ
BHn99q/LFf3PWz3DjJ6JjL9mRb7PXpOarPQI46zjeK00SyCOf7bhIhBBYW75gDLm
ssjLEaPinrWvIXg0zMlS1ihs6fgk/Rx8RaPhgVdrz44w2KHPl42M
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:03:25 2025 by rpki-client