Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136392e312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: FwYEtAPf2P7X5K4rkVSs3JfwmIk0jpNBOnCRebCwa98=
Subject key identifier: 06:39:6A:01:F5:94:8A:88:1A:B0:97:F2:89:1E:9E:E3:DA:91:DB:F9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5001709DB68D22F31B103A2AD1B56C2C8B7EE275
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:25 +0000
ROA not before: Sun 15 Mar 2026 12:18:25 +0000
ROA not after: Sun 14 Mar 2027 12:23:25 +0000
asID: 136787
IP address blocks: 185.169.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:27:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:01:70:9d:b6:8d:22:f3:1b:10:3a:2a:d1:b5:6c:2c:8b:7e:e2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 15 12:18:25 2026 GMT
Not After : Mar 14 12:23:25 2027 GMT
Subject: CN=06396A01F5948A881AB097F2891E9EE3DA91DBF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c3:45:e6:a3:dd:0b:9d:93:ba:f4:a6:6e:3a:
0a:76:5f:f6:78:cf:0d:0c:4a:43:23:6a:46:94:7f:
e8:aa:cb:cf:5d:26:d2:6b:76:9b:f0:f3:83:bb:6e:
bb:fa:e7:87:8c:50:6b:9a:37:88:b6:97:63:1c:b9:
73:cf:1f:d7:d4:f1:76:88:4f:5f:57:12:73:82:57:
79:c6:40:6a:d6:15:5d:7b:fd:15:cb:2f:56:bd:94:
72:83:41:d4:30:64:bf:34:79:1b:47:4d:4e:65:58:
24:19:cf:2a:a9:65:5f:cf:9f:ee:35:21:46:eb:f4:
6f:b6:22:5f:46:4f:16:11:41:6d:42:b6:13:27:e8:
1f:96:c8:b1:89:a2:cb:b1:93:15:80:e7:2c:19:25:
ad:43:e6:db:d0:ec:93:97:e6:43:ae:53:a1:77:ec:
91:b7:e3:76:ab:ad:ba:60:9d:c0:da:af:e9:46:e8:
22:3e:b8:5e:ab:09:59:dc:4c:4e:44:6a:55:fe:b7:
dc:90:85:2b:ef:b3:ab:d8:66:77:6a:26:1e:3c:52:
b9:2e:d8:66:86:74:62:78:ed:4e:3a:b3:7f:fa:c8:
7a:40:50:29:ce:6a:e6:a5:dc:33:b8:ae:24:c0:1e:
0f:8a:ef:28:fe:b5:7e:ac:8a:12:46:f8:92:a7:6b:
50:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:39:6A:01:F5:94:8A:88:1A:B0:97:F2:89:1E:9E:E3:DA:91:DB:F9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.1.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c1:67:b1:f0:1b:7f:8d:38:9d:d8:cc:0b:54:bf:47:7c:b1:
9e:b6:c0:bf:ab:40:b7:fa:87:22:b7:07:ac:57:3e:1e:4f:94:
b3:c5:b0:74:0e:9e:3f:4e:85:eb:cc:63:41:8c:a0:49:93:31:
fb:02:84:a5:04:2d:6e:a7:81:87:0e:4f:35:99:4c:9b:77:b9:
18:0f:3e:9f:d9:7f:9b:1e:a6:9d:15:9f:f1:03:e7:6e:07:b2:
b4:bc:9a:1a:8e:26:9d:71:18:b7:ba:ca:70:5e:ed:54:29:75:
11:33:e6:dd:9b:22:91:5b:d0:d0:52:14:cd:b1:ca:24:54:8e:
6b:dd:2f:5c:96:bd:35:e9:2b:5f:b7:38:99:d3:6e:d9:b0:fe:
18:85:a6:c2:58:f3:d1:24:13:6f:43:2b:df:3b:48:2c:1b:ce:
7e:ea:d4:5c:cd:34:a0:ad:a9:40:7a:99:ad:1f:0a:dd:b2:8c:
c4:09:59:7d:38:6b:c0:53:87:57:2a:8e:70:a2:92:1e:f9:e1:
8b:c8:98:02:b0:16:fa:3c:2a:37:a4:3f:e8:b2:fd:2b:9f:dd:
e2:85:29:63:a3:3a:67:0a:96:d7:d8:b3:ad:ca:4b:44:3d:7e:
1d:b5:83:00:40:da:40:d9:55:c4:dc:4c:c3:08:7e:fa:ba:0c:
4e:6c:15:5a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUUAFwnbaNIvMbEDoq0bVsLIt+4nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMTUxMjE4MjVaFw0yNzAzMTQxMjIzMjVaMDMxMTAvBgNV
BAMTKDA2Mzk2QTAxRjU5NDhBODgxQUIwOTdGMjg5MUU5RUUzREE5MURCRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOw0Xmo90LnZO69KZuOgp2X/Z4
zw0MSkMjakaUf+iqy89dJtJrdpvw84O7brv654eMUGuaN4i2l2McuXPPH9fU8XaI
T19XEnOCV3nGQGrWFV17/RXLL1a9lHKDQdQwZL80eRtHTU5lWCQZzyqpZV/Pn+41
IUbr9G+2Il9GTxYRQW1CthMn6B+WyLGJosuxkxWA5ywZJa1D5tvQ7JOX5kOuU6F3
7JG343arrbpgncDar+lG6CI+uF6rCVncTE5EalX+t9yQhSvvs6vYZndqJh48Urku
2GaGdGJ47U46s3/6yHpAUCnOaual3DO4riTAHg+K7yj+tX6sihJG+JKna1DHAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUBjlqAfWUiogasJfyiR6e49qR2/kwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
OTJlMzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAC5qQEwDQYJKoZIhvcNAQELBQADggEBABjBZ7HwG3+NOJ3YzAtUv0d8sZ62
wL+rQLf6hyK3B6xXPh5PlLPFsHQOnj9OhevMY0GMoEmTMfsChKUELW6ngYcOTzWZ
TJt3uRgPPp/Zf5sepp0Vn/ED524HsrS8mhqOJp1xGLe6ynBe7VQpdREz5t2bIpFb
0NBSFM2xyiRUjmvdL1yWvTXpK1+3OJnTbtmw/hiFpsJY89EkE29DK987SCwbzn7q
1FzNNKCtqUB6ma0fCt2yjMQJWX04a8BTh1cqjnCikh754YvImAKwFvo8KjekP+iy
/Suf3eKFKWOjOmcKltfYs63KS0Q9fh21gwBA2kDZVcTcTMMIfvq6DE5sFVo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:36:22 2026 by rpki-client