Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
File: 3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: VZNUNdMOYXtkpcsnN9JYonhicPzccnToGSiCKQYCwzk=
Subject key identifier: 98:95:DB:35:B2:1D:CF:39:89:F9:B1:D4:52:04:CD:99:C1:48:9F:A8
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 746BCD97628F728B9DEE32236068731FFAA5CC2E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 28 Apr 2026 23:23:55 +0000
ROA not before: Tue 28 Apr 2026 23:18:55 +0000
ROA not after: Tue 27 Apr 2027 23:23:55 +0000
asID: 204170
IP address blocks: 157.97.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:6b:cd:97:62:8f:72:8b:9d:ee:32:23:60:68:73:1f:fa:a5:cc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 28 23:18:55 2026 GMT
Not After : Apr 27 23:23:55 2027 GMT
Subject: CN=9895DB35B21DCF3989F9B1D45204CD99C1489FA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cb:d8:36:29:30:9a:36:4a:f8:78:45:20:ad:
78:2c:78:c2:bb:a3:8c:d5:83:7f:8a:4c:b1:7f:6a:
42:3c:67:56:ba:62:1d:20:0b:30:86:b9:9d:2b:13:
ae:64:be:c4:5f:b8:0d:37:e6:33:da:32:17:e3:75:
53:0c:e9:2f:77:59:84:0c:7e:9f:c9:7c:f0:19:a6:
89:a9:3e:cf:44:9c:5c:e6:7c:c0:5d:91:b1:f5:bf:
8c:f3:38:3a:d2:84:99:ac:8c:10:4d:91:ee:0b:e4:
5e:db:5d:dc:68:99:c2:23:10:ba:91:57:9f:5d:be:
4d:29:75:7a:fb:17:0e:da:05:4f:84:68:22:82:be:
34:94:ae:74:ce:90:33:26:d0:54:02:88:7b:d6:f5:
c1:ed:4c:bd:9a:eb:b9:93:6d:33:d4:b8:40:a9:f7:
20:ff:71:03:e6:35:f5:ce:c0:44:76:84:21:b7:cc:
66:29:5f:67:11:4e:ec:52:93:01:58:f6:07:7a:32:
5b:00:21:d3:0f:b0:64:4a:99:dc:5e:12:4a:8d:e7:
65:82:71:af:04:75:4a:a6:b9:ed:3d:2f:de:ea:79:
80:31:fd:ad:79:e9:f0:d0:f0:ce:36:41:37:e5:dd:
9c:b8:96:f2:c3:d5:90:3e:7a:65:27:0c:c3:4b:5b:
27:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:95:DB:35:B2:1D:CF:39:89:F9:B1:D4:52:04:CD:99:C1:48:9F:A8
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.133.0/24
Signature Algorithm: sha256WithRSAEncryption
51:d7:ca:10:e0:28:c5:72:8e:96:d9:e0:4e:a2:6b:bc:5c:15:
b1:72:8a:5a:7c:13:33:68:57:d5:de:5d:46:db:9c:cf:e1:74:
78:e5:36:db:8d:b4:f8:37:d9:59:30:a4:ab:4f:f4:4a:19:c1:
3b:1f:f6:d8:f8:6b:63:43:7c:2d:14:b1:af:c6:73:be:1c:1a:
c1:db:98:81:35:87:02:37:8c:1a:2c:61:1e:5d:dd:2f:79:90:
ed:72:d9:80:f7:ab:18:80:ce:26:5c:22:f8:42:5b:b5:2c:4c:
c9:22:c4:de:18:7e:25:42:8f:d6:4b:b3:2c:82:d9:f3:82:6b:
68:fb:b2:24:ba:b5:12:75:21:93:b4:9a:e4:a1:54:e2:b1:04:
03:ab:a6:b7:01:3d:cc:b3:20:e1:99:c6:c3:84:27:b7:db:c3:
54:fe:65:69:13:8e:9a:8c:e9:d5:85:8c:82:b4:2b:ea:fe:f8:
70:a7:6f:e9:d2:ed:a4:31:a5:e4:7a:c6:41:f8:c9:11:5c:a5:
e6:2e:22:ab:ec:13:4b:58:3c:86:c4:2d:ca:a5:a7:0a:d1:45:
cd:b6:8b:62:fb:f4:d2:4d:c4:ae:0b:89:49:b8:9f:a6:97:5d:
e8:90:2c:23:92:e5:b2:5e:53:c6:1a:0c:98:41:d9:f5:59:3b:
f2:ac:c5:b9
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdGvNl2KPcoud7jIjYGhzH/qlzC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MjgyMzE4NTVaFw0yNzA0MjcyMzIzNTVaMDMxMTAvBgNV
BAMTKDk4OTVEQjM1QjIxRENGMzk4OUY5QjFENDUyMDRDRDk5QzE0ODlGQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLy9g2KTCaNkr4eEUgrXgseMK7
o4zVg3+KTLF/akI8Z1a6Yh0gCzCGuZ0rE65kvsRfuA035jPaMhfjdVMM6S93WYQM
fp/JfPAZpompPs9EnFzmfMBdkbH1v4zzODrShJmsjBBNke4L5F7bXdxomcIjELqR
V59dvk0pdXr7Fw7aBU+EaCKCvjSUrnTOkDMm0FQCiHvW9cHtTL2a67mTbTPUuECp
9yD/cQPmNfXOwER2hCG3zGYpX2cRTuxSkwFY9gd6MlsAIdMPsGRKmdxeEkqN52WC
ca8EdUqmue09L97qeYAx/a156fDQ8M42QTfl3Zy4lvLD1ZA+emUnDMNLWyenAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUmJXbNbIdzzmJ+bHUUgTNmcFIn6gwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM1MzcyZTM5Mzcy
ZTMxMzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAJ1hhTANBgkqhkiG9w0BAQsFAAOCAQEAUdfKEOAoxXKOltngTqJrvFwV
sXKKWnwTM2hX1d5dRtucz+F0eOU22420+DfZWTCkq0/0ShnBOx/22PhrY0N8LRSx
r8ZzvhwawduYgTWHAjeMGixhHl3dL3mQ7XLZgPerGIDOJlwi+EJbtSxMySLE3hh+
JUKP1kuzLILZ84JraPuyJLq1EnUhk7Sa5KFU4rEEA6umtwE9zLMg4ZnGw4Qnt9vD
VP5laROOmozp1YWMgrQr6v74cKdv6dLtpDGl5HrGQfjJEVyl5i4iq+wTS1g8hsQt
yqWnCtFFzbaLYvv00k3ErguJSbifppdd6JAsI5Llsl5TxhoMmEHZ9Vk78qzFuQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:30:50 2026 by rpki-client