Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e203231383539.roa
File: 33312e3138352e3130372e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: qnu9sW/eXhzgLqcliqR873WFuo1En8erdPs6TqliSEg=
Subject key identifier: 5E:E9:F3:09:38:6F:CA:36:09:20:F7:1B:79:21:7A:07:BC:85:26:6E
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 38150A5B8747061F3F24A1B2AB3D305AEB8ADD32
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e203231383539.roa
Signing time: Sun 08 Jun 2025 08:48:56 +0000
ROA not before: Sun 08 Jun 2025 08:43:56 +0000
ROA not after: Sun 07 Jun 2026 08:48:56 +0000
asID: 21859
IP address blocks: 31.185.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:15:0a:5b:87:47:06:1f:3f:24:a1:b2:ab:3d:30:5a:eb:8a:dd:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Jun 8 08:43:56 2025 GMT
Not After : Jun 7 08:48:56 2026 GMT
Subject: CN=5EE9F309386FCA360920F71B79217A07BC85266E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b5:83:70:41:e7:da:72:67:fb:44:d7:1f:15:
43:72:c3:3b:3e:2c:cf:85:61:54:60:15:a6:95:68:
b8:79:9d:8c:b0:bc:c0:b2:4c:2e:58:91:48:42:62:
d9:4c:c9:b3:eb:68:c5:51:50:4c:cc:0a:71:e3:97:
c4:3a:4c:c5:e7:5a:ad:ee:46:8a:2b:4e:97:ed:ba:
d8:e5:d5:bd:da:9f:8b:6f:07:b0:b0:ea:68:02:67:
b0:ae:a6:b3:b1:b3:1a:42:e4:e7:a0:87:a5:e9:f0:
4c:68:05:83:4f:bb:62:72:87:f5:4c:f1:7f:65:ce:
e4:63:00:c9:70:32:9e:6a:31:4d:3a:99:d5:7f:57:
51:fb:30:84:ed:cb:dc:c1:f1:9d:f3:23:82:0c:52:
5c:d4:eb:54:51:16:6e:95:e8:b9:45:56:17:52:53:
0b:50:18:50:9f:da:f4:e3:36:f1:67:fc:71:84:03:
b0:ad:ac:5c:04:ab:51:fb:98:a9:ac:fe:fc:7a:9f:
1c:67:61:b2:63:d2:0b:43:92:a4:a1:d8:8f:05:88:
39:f7:02:15:23:02:66:ad:81:68:4c:47:ac:a2:85:
7d:35:21:ec:36:50:54:29:76:38:a1:9e:33:c0:ed:
ee:41:9c:ec:85:3f:87:b0:63:00:27:07:d6:69:2f:
7e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E9:F3:09:38:6F:CA:36:09:20:F7:1B:79:21:7A:07:BC:85:26:6E
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130372e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:fc:ad:e5:33:85:2e:b3:f1:86:ad:32:9d:37:2c:8b:d8:48:
5e:75:4f:bd:f6:c8:df:1a:3d:a8:20:2f:38:b1:11:03:8b:34:
87:ef:c2:e2:5f:78:92:14:19:df:59:d8:42:44:b0:15:64:19:
72:7d:9e:51:2a:6b:59:92:b6:f3:5f:dc:56:0a:30:48:09:55:
a6:c0:d7:70:de:d8:22:99:55:38:83:38:20:9a:dc:5b:3f:7c:
16:13:34:57:5e:50:ee:20:be:76:1d:48:da:42:15:0f:08:7e:
46:9f:96:21:de:56:cb:46:4d:72:03:94:70:0b:ab:c6:5a:6f:
05:d3:a7:ec:52:27:6f:00:d6:b1:9e:fc:7d:8a:e5:3d:50:6b:
f0:ba:c9:79:0d:d4:a5:cb:79:e4:a7:a9:5e:d0:40:e3:7e:ff:
ca:ea:aa:88:de:ea:fb:79:aa:08:02:d4:25:98:bc:82:8b:87:
4f:10:e9:1a:97:05:63:a5:8a:78:98:58:06:6e:2c:b4:76:0e:
6a:f8:82:5a:4d:ff:0c:5a:68:7a:ee:73:65:a9:b6:7c:08:b5:
ff:33:3c:76:99:a1:54:c0:7d:7d:7d:7b:fa:fc:a7:36:cd:91:
1f:e5:21:5a:ca:37:31:ed:ca:56:8a:04:7c:45:4a:ab:f9:33:
8f:46:4d:9f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOBUKW4dHBh8/JKGyqz0wWuuK3TIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTA2MDgwODQzNTZaFw0yNjA2MDcwODQ4NTZaMDMxMTAvBgNV
BAMTKDVFRTlGMzA5Mzg2RkNBMzYwOTIwRjcxQjc5MjE3QTA3QkM4NTI2NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNtYNwQefacmf7RNcfFUNywzs+
LM+FYVRgFaaVaLh5nYywvMCyTC5YkUhCYtlMybPraMVRUEzMCnHjl8Q6TMXnWq3u
RoorTpftutjl1b3an4tvB7Cw6mgCZ7CuprOxsxpC5Oegh6Xp8ExoBYNPu2Jyh/VM
8X9lzuRjAMlwMp5qMU06mdV/V1H7MITty9zB8Z3zI4IMUlzU61RRFm6V6LlFVhdS
UwtQGFCf2vTjNvFn/HGEA7CtrFwEq1H7mKms/vx6nxxnYbJj0gtDkqSh2I8FiDn3
AhUjAmatgWhMR6yihX01Iew2UFQpdjihnjPA7e5BnOyFP4ewYwAnB9ZpL34FAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUXunzCThvyjYJIPcbeSF6B7yFJm4wHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7lrMA0GCSqGSIb3DQEBCwUAA4IBAQC3/K3lM4Uus/GGrTKdNyyL2EhedU+99sjf
Gj2oIC84sREDizSH78LiX3iSFBnfWdhCRLAVZBlyfZ5RKmtZkrbzX9xWCjBICVWm
wNdw3tgimVU4gzggmtxbP3wWEzRXXlDuIL52HUjaQhUPCH5Gn5Yh3lbLRk1yA5Rw
C6vGWm8F06fsUidvANaxnvx9iuU9UGvwusl5DdSly3nkp6le0EDjfv/K6qqI3ur7
eaoIAtQlmLyCi4dPEOkalwVjpYp4mFgGbiy0dg5q+IJaTf8MWmh67nNlqbZ8CLX/
Mzx2maFUwH19fXv6/Kc2zZEf5SFayjcx7cpWigR8RUqr+TOPRk2f
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:44:32 2025 by rpki-client