Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38362e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136352e38362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: YVz0xIW/7Y4tVnLdaxysmf1JvlBm77s6gisiTxVIDl0=
Subject key identifier: E2:BF:F6:02:98:84:5B:E2:8B:1C:60:88:EE:70:38:FD:52:5F:4E:A1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 33CDD3CF6B9B9AE2A4BA3C7B9C952FCEE511C069
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:25 +0000
ROA not before: Sun 15 Mar 2026 12:18:25 +0000
ROA not after: Sun 14 Mar 2027 12:23:25 +0000
asID: 136787
IP address blocks: 185.165.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:cd:d3:cf:6b:9b:9a:e2:a4:ba:3c:7b:9c:95:2f:ce:e5:11:c0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 15 12:18:25 2026 GMT
Not After : Mar 14 12:23:25 2027 GMT
Subject: CN=E2BFF60298845BE28B1C6088EE7038FD525F4EA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b8:14:ef:48:cf:b1:10:43:d3:93:68:c4:dc:
0f:4a:16:f0:8d:be:32:3c:0d:0f:89:e4:30:95:0d:
49:53:20:83:1e:eb:47:18:da:0f:40:2e:5f:df:06:
a8:96:c0:17:4c:61:dd:db:78:76:5d:c5:0c:3e:9c:
21:04:3a:e3:47:90:13:95:3a:7d:7f:9e:ce:f9:30:
ef:e8:cb:43:c2:e6:51:3b:4d:a8:a0:79:b4:6f:7b:
c6:e3:6d:4f:54:1e:78:3f:46:7e:44:4b:7c:aa:ff:
6e:bc:5c:8b:2a:e7:06:6f:92:20:4d:97:a1:fb:b7:
de:2a:e7:1d:db:33:26:73:be:34:33:7b:01:3c:44:
e9:4e:d0:58:10:63:d7:17:d4:22:c5:22:fe:5e:99:
e9:e9:05:5f:af:fc:3d:58:55:35:00:dc:b1:2e:b2:
45:aa:19:dc:8e:be:9a:41:b1:c9:33:87:19:f7:ae:
87:de:80:c2:60:7c:f5:d7:1d:76:7f:a7:2c:8a:aa:
64:a7:82:12:b3:15:fc:e0:12:78:50:83:f5:b1:2b:
57:9b:fb:2f:32:99:c5:e1:dd:0c:7d:23:84:43:fa:
1e:2f:2c:9c:b4:93:4e:66:5a:6c:4e:e9:e3:02:f2:
2e:0d:03:03:c3:ef:7d:9e:63:ce:b9:7e:d7:8d:4c:
a6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BF:F6:02:98:84:5B:E2:8B:1C:60:88:EE:70:38:FD:52:5F:4E:A1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.86.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:d1:ef:6f:a1:80:33:f6:5e:db:25:93:bc:a3:ea:02:ca:4f:
65:dd:44:ea:0f:e3:bc:92:5b:1d:cf:b3:72:7e:08:30:30:b1:
f2:71:9f:ff:eb:d8:23:4b:f9:0f:19:cd:8d:16:90:f2:1a:be:
68:2c:87:38:e1:27:f9:7a:61:f7:4e:62:44:93:ae:6f:bb:00:
ef:57:6b:8a:e3:a7:75:e1:44:47:9b:66:1f:33:d0:a2:b6:e9:
28:d1:13:29:bf:7a:97:b1:49:a4:fb:57:88:a8:38:94:a6:9d:
a0:9e:5d:7f:87:c8:84:5b:76:f5:c5:23:f6:3a:89:93:7a:f2:
35:ee:3f:2d:92:67:41:bf:79:af:0a:9c:57:de:e1:d7:34:8f:
34:4c:64:78:5b:cb:fc:c6:74:c0:38:a7:d2:bd:f5:ec:15:9b:
85:6b:b3:d4:83:73:63:37:be:7d:76:c6:ba:c3:03:79:b6:ab:
a9:aa:ca:74:36:76:66:30:59:0e:83:31:3f:88:6f:d2:f8:61:
28:b8:96:a4:e0:e0:c2:11:6b:93:dc:cc:ab:94:09:2f:a3:ef:
67:5b:00:b9:73:71:c8:03:6a:3b:b3:f1:03:01:83:f3:d2:55:
a3:ce:6c:4d:b1:6b:1c:e1:da:46:92:c6:31:dd:bf:42:8e:e2:
0c:32:7d:ce
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUM83Tz2ubmuKkujx7nJUvzuURwGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMTUxMjE4MjVaFw0yNzAzMTQxMjIzMjVaMDMxMTAvBgNV
BAMTKEUyQkZGNjAyOTg4NDVCRTI4QjFDNjA4OEVFNzAzOEZENTI1RjRFQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCuBTvSM+xEEPTk2jE3A9KFvCN
vjI8DQ+J5DCVDUlTIIMe60cY2g9ALl/fBqiWwBdMYd3beHZdxQw+nCEEOuNHkBOV
On1/ns75MO/oy0PC5lE7TaigebRve8bjbU9UHng/Rn5ES3yq/268XIsq5wZvkiBN
l6H7t94q5x3bMyZzvjQzewE8ROlO0FgQY9cX1CLFIv5emenpBV+v/D1YVTUA3LEu
skWqGdyOvppBsckzhxn3rofegMJgfPXXHXZ/pyyKqmSnghKzFfzgEnhQg/WxK1eb
+y8ymcXh3Qx9I4RD+h4vLJy0k05mWmxO6eMC8i4NAwPD732eY865fteNTKYdAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU4r/2ApiEW+KLHGCI7nA4/VJfTqEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NTJlMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmlVjANBgkqhkiG9w0BAQsFAAOCAQEACtHvb6GAM/Ze2yWTvKPqAspP
Zd1E6g/jvJJbHc+zcn4IMDCx8nGf/+vYI0v5DxnNjRaQ8hq+aCyHOOEn+Xph905i
RJOub7sA71driuOndeFER5tmHzPQorbpKNETKb96l7FJpPtXiKg4lKadoJ5df4fI
hFt29cUj9jqJk3ryNe4/LZJnQb95rwqcV97h1zSPNExkeFvL/MZ0wDin0r317BWb
hWuz1INzYze+fXbGusMDebarqarKdDZ2ZjBZDoMxP4hv0vhhKLiWpODgwhFrk9zM
q5QJL6PvZ1sAuXNxyANqO7PxAwGD89JVo85sTbFrHOHaRpLGMd2/Qo7iDDJ9zg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:18:18 2026 by rpki-client