Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130382e302f32342d3234203d3e203133333335.roa
File: 33312e3138352e3130382e302f32342d3234203d3e203133333335.roa (raw, json)
Hash identifier: 26dymixRUGGYjsbH8YaqhXyRXEQ3TQKBfTk9MxYv13g=
Subject key identifier: 97:21:15:9E:E2:C3:EB:ED:09:29:72:2F:53:FE:4B:96:65:2C:E9:3A
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 6B90200CEEDACC6FB2D1B124F8F06E07BCFABF0C
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130382e302f32342d3234203d3e203133333335.roa
Signing time: Wed 04 Feb 2026 11:55:36 +0000
ROA not before: Wed 04 Feb 2026 11:50:36 +0000
ROA not after: Wed 03 Feb 2027 11:55:36 +0000
asID: 13335
IP address blocks: 31.185.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:90:20:0c:ee:da:cc:6f:b2:d1:b1:24:f8:f0:6e:07:bc:fa:bf:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Feb 4 11:50:36 2026 GMT
Not After : Feb 3 11:55:36 2027 GMT
Subject: CN=9721159EE2C3EBED0929722F53FE4B96652CE93A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:97:b5:3a:97:59:45:72:fd:14:9a:8d:64:bc:
87:c9:1b:70:6a:bf:63:d7:82:bc:df:20:d4:8f:0d:
e3:3f:0d:36:32:df:4a:ae:2d:d3:20:f1:e4:8c:f0:
7d:12:18:3d:7c:fe:9d:77:4c:9b:f7:24:44:dd:4b:
59:7a:8e:f2:ac:23:c8:e9:bf:41:43:bf:c5:ca:f5:
7f:70:c1:cb:93:a9:ee:ba:94:da:18:51:56:f3:03:
8d:54:db:f7:d5:bf:7b:f9:f1:c5:e8:48:c4:2c:57:
31:8b:a4:4f:a4:f9:f8:f1:1f:07:56:c2:bc:4c:2c:
26:2b:b0:99:d8:4b:12:eb:a2:0f:2d:43:fb:3e:15:
38:44:79:4d:68:d3:59:7c:3d:5a:15:31:c9:61:9a:
70:08:35:c7:0a:40:28:00:17:3a:50:4f:1e:44:8e:
a9:c4:4f:89:23:29:d2:cd:da:c6:bd:85:49:88:3b:
08:4b:8d:1e:7a:d5:c0:56:8b:55:a2:63:1e:f6:67:
0c:a0:11:e8:a8:de:6f:ab:7b:40:bb:52:3a:50:06:
57:1e:7a:0f:e5:c7:9f:56:9e:4b:d8:01:0a:e7:65:
c2:17:18:1f:e8:bf:1e:5b:a4:73:ea:73:5e:a5:d9:
99:f5:52:69:6b:c5:15:f3:3d:cc:4f:1a:ef:f4:38:
69:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:21:15:9E:E2:C3:EB:ED:09:29:72:2F:53:FE:4B:96:65:2C:E9:3A
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/33312e3138352e3130382e302f32342d3234203d3e203133333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.108.0/24
Signature Algorithm: sha256WithRSAEncryption
08:18:0b:3a:42:92:70:0d:90:67:1a:de:59:10:aa:15:94:10:
68:f4:75:1b:c9:2d:21:25:75:2c:ec:1b:2d:67:05:1e:ca:e8:
d3:32:e7:99:55:d3:84:fc:0e:cc:3a:aa:91:20:cc:06:2b:a3:
9c:88:ba:d7:95:fa:a4:aa:c0:80:de:15:87:4e:09:12:fc:83:
7a:e0:7f:07:64:62:32:53:6c:15:a2:1a:f5:53:39:d4:98:68:
21:19:c1:7b:9d:de:13:b7:d4:2d:89:0b:d9:c3:75:4f:d7:55:
ea:56:c1:6b:f6:59:bd:52:6b:f1:a0:ba:74:14:2b:c8:85:ed:
13:54:ec:3e:5a:e6:f8:19:82:de:93:f2:7d:67:54:90:ac:27:
da:f5:f2:9d:8f:f2:8a:c0:74:01:df:a8:1c:bd:58:bc:cb:10:
f9:98:d1:e4:96:df:35:1a:4c:87:db:0f:37:55:9f:92:23:bd:
be:df:d5:0c:1d:1b:5b:fa:03:3d:4f:c1:d4:d1:cc:af:28:ca:
bc:d9:5d:61:e3:e0:03:8f:17:31:b9:ac:43:41:f1:c2:58:7c:
e4:33:06:6e:7f:a5:44:ec:51:fa:d5:c0:7c:5c:e2:e7:86:30:
ae:8c:98:7c:1d:38:b4:4e:e9:7c:c1:3c:84:87:95:86:14:de:
ae:3a:5f:6a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUa5AgDO7azG+y0bEk+PBuB7z6vwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNjAyMDQxMTUwMzZaFw0yNzAyMDMxMTU1MzZaMDMxMTAvBgNV
BAMTKDk3MjExNTlFRTJDM0VCRUQwOTI5NzIyRjUzRkU0Qjk2NjUyQ0U5M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0l7U6l1lFcv0Umo1kvIfJG3Bq
v2PXgrzfINSPDeM/DTYy30quLdMg8eSM8H0SGD18/p13TJv3JETdS1l6jvKsI8jp
v0FDv8XK9X9wwcuTqe66lNoYUVbzA41U2/fVv3v58cXoSMQsVzGLpE+k+fjxHwdW
wrxMLCYrsJnYSxLrog8tQ/s+FThEeU1o01l8PVoVMclhmnAINccKQCgAFzpQTx5E
jqnET4kjKdLN2sa9hUmIOwhLjR561cBWi1WiYx72ZwygEeio3m+re0C7UjpQBlce
eg/lx59WnkvYAQrnZcIXGB/ovx5bpHPqc16l2Zn1UmlrxRXzPcxPGu/0OGkfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlyEVnuLD6+0JKXIvU/5LlmUs6TowHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzMzMTJlMzEzODM1MmUzMTMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzMzMzM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7lsMA0GCSqGSIb3DQEBCwUAA4IBAQAIGAs6QpJwDZBnGt5ZEKoVlBBo9HUbyS0h
JXUs7BstZwUeyujTMueZVdOE/A7MOqqRIMwGK6OciLrXlfqkqsCA3hWHTgkS/IN6
4H8HZGIyU2wVohr1UznUmGghGcF7nd4Tt9QtiQvZw3VP11XqVsFr9lm9UmvxoLp0
FCvIhe0TVOw+Wub4GYLek/J9Z1SQrCfa9fKdj/KKwHQB36gcvVi8yxD5mNHklt81
GkyH2w83VZ+SI72+39UMHRtb+gM9T8HU0cyvKMq82V1h4+ADjxcxuaxDQfHCWHzk
MwZuf6VE7FH61cB8XOLnhjCujJh8HTi0Tul8wTyEh5WGFN6uOl9q
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:44:02 2026 by rpki-client