Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136352e38342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 0gi0RzsbpQHCeN3nfKXDD1tMUvKvZDI18gS7G01yNEE=
Subject key identifier: 7B:32:49:9C:4A:68:FC:85:82:27:A8:FD:9C:1B:CB:0E:6C:FC:EB:C3
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1D2AAB11A5CB100479854D0AA5C994575CAFDAD3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38342e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:25 +0000
ROA not before: Sun 15 Mar 2026 12:18:25 +0000
ROA not after: Sun 14 Mar 2027 12:23:25 +0000
asID: 136787
IP address blocks: 185.165.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:2a:ab:11:a5:cb:10:04:79:85:4d:0a:a5:c9:94:57:5c:af:da:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 15 12:18:25 2026 GMT
Not After : Mar 14 12:23:25 2027 GMT
Subject: CN=7B32499C4A68FC858227A8FD9C1BCB0E6CFCEBC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:60:c8:c8:85:98:7e:18:82:5e:19:7e:90:79:
e9:c0:d7:1c:66:70:cd:e8:eb:48:c2:51:a8:18:42:
87:2a:b0:94:79:fa:0a:d5:6f:4c:7d:ce:16:38:0e:
6c:fb:10:ef:ef:78:9d:03:9c:eb:e2:74:88:fa:76:
da:1c:64:6a:bf:0d:dc:de:10:ce:a5:6f:4b:09:e8:
4f:f5:a7:36:7b:56:ec:53:f3:ff:8c:a4:1a:4f:bd:
7a:c1:12:57:f7:d6:35:44:cf:d6:5d:7c:d8:e0:16:
29:49:f7:c5:af:69:a1:bb:ff:55:f1:de:72:7c:ad:
4f:fb:3f:dc:a7:ec:97:2d:c8:d9:47:4a:e3:a4:f3:
a0:48:b4:2d:06:7f:a9:3c:d3:02:16:5f:6e:b2:a0:
55:28:49:45:ab:ba:92:38:24:4a:69:ee:38:1d:58:
db:3e:0d:23:6c:18:de:55:2b:15:d2:d6:26:e8:a2:
c0:35:fc:cf:d4:52:00:ca:60:3b:76:75:62:14:5a:
80:6a:ad:3a:62:23:c9:0a:ef:f4:8b:a3:7f:84:e5:
8d:08:4a:47:7f:49:b0:39:fa:3c:5b:a0:1a:77:2b:
47:08:16:da:34:de:6e:be:3d:95:93:61:02:86:e9:
14:c1:5b:9f:75:08:d0:da:0a:41:3b:ad:11:17:1e:
5d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:32:49:9C:4A:68:FC:85:82:27:A8:FD:9C:1B:CB:0E:6C:FC:EB:C3
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.84.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d2:40:1e:47:66:9f:c3:55:ae:26:ee:68:10:f0:d6:e0:c1:
86:13:1b:ef:c7:dd:73:05:b9:2b:9b:47:77:85:04:d0:86:2f:
7c:2d:5b:44:9b:a7:87:df:13:4c:a9:09:4e:a9:da:c6:cf:c9:
d6:ed:aa:71:59:90:47:a1:ec:35:b8:3f:fc:19:50:ee:40:e5:
23:38:99:40:6b:2c:8b:c2:86:36:f7:71:92:89:f3:4e:16:42:
ba:67:90:44:40:4c:00:11:6b:13:d9:ee:41:49:3a:43:53:14:
1b:7e:f9:b9:e6:6e:34:60:11:84:6d:a7:0e:db:1d:69:b1:75:
84:28:c2:f5:27:a6:e7:88:4c:cd:de:9d:d7:df:07:a1:92:6d:
13:88:03:b2:c9:2f:a7:ae:ff:4c:c1:8b:60:4c:98:80:05:24:
7c:1f:12:bd:fc:da:92:d6:f0:8d:3f:fc:a2:19:d6:5e:b1:28:
cf:a0:86:29:8f:71:29:77:d7:bb:73:7c:3a:b3:bf:d1:0b:c0:
7a:fd:e2:6f:7b:2d:98:2e:06:8b:f7:08:96:2f:22:d8:50:86:
54:07:af:0c:20:76:b9:13:9b:85:cd:0a:52:0f:75:7b:47:e4:
61:fc:ff:20:b6:2c:f2:9d:38:7c:58:df:88:37:bf:e4:a4:b2:
12:d4:df:62
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUHSqrEaXLEAR5hU0KpcmUV1yv2tMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMTUxMjE4MjVaFw0yNzAzMTQxMjIzMjVaMDMxMTAvBgNV
BAMTKDdCMzI0OTlDNEE2OEZDODU4MjI3QThGRDlDMUJDQjBFNkNGQ0VCQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcYMjIhZh+GIJeGX6QeenA1xxm
cM3o60jCUagYQocqsJR5+grVb0x9zhY4Dmz7EO/veJ0DnOvidIj6dtocZGq/Ddze
EM6lb0sJ6E/1pzZ7VuxT8/+MpBpPvXrBElf31jVEz9ZdfNjgFilJ98WvaaG7/1Xx
3nJ8rU/7P9yn7JctyNlHSuOk86BItC0Gf6k80wIWX26yoFUoSUWrupI4JEpp7jgd
WNs+DSNsGN5VKxXS1iboosA1/M/UUgDKYDt2dWIUWoBqrTpiI8kK7/SLo3+E5Y0I
Skd/SbA5+jxboBp3K0cIFto03m6+PZWTYQKG6RTBW591CNDaCkE7rREXHl2NAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUezJJnEpo/IWCJ6j9nBvLDmz868MwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NTJlMzgzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmlVDANBgkqhkiG9w0BAQsFAAOCAQEAWtJAHkdmn8NVribuaBDw1uDB
hhMb78fdcwW5K5tHd4UE0IYvfC1bRJunh98TTKkJTqnaxs/J1u2qcVmQR6HsNbg/
/BlQ7kDlIziZQGssi8KGNvdxkonzThZCumeQREBMABFrE9nuQUk6Q1MUG375ueZu
NGARhG2nDtsdabF1hCjC9Sem54hMzd6d198HoZJtE4gDsskvp67/TMGLYEyYgAUk
fB8SvfzaktbwjT/8ohnWXrEoz6CGKY9xKXfXu3N8OrO/0QvAev3ib3stmC4Gi/cI
li8i2FCGVAevDCB2uRObhc0KUg91e0fkYfz/ILYs8p04fFjfiDe/5KSyEtTfYg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:56:49 2026 by rpki-client