Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35322e302f32342d3234203d3e20313437303439.roa
File: 3138352e3137322e35322e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: c+E1cZFnWuhPv2bQ0NCv8xFzVmwVpE0hswhLy2Hqqgc=
Subject key identifier: 5A:52:E6:53:40:45:F0:9A:2D:E8:65:BD:B3:6D:93:56:69:0B:6D:F4
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2BEAF86417FB9B035794F5938E3F6EFDDCC457EE
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35322e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 23 Mar 2026 12:23:28 +0000
ROA not before: Mon 23 Mar 2026 12:18:28 +0000
ROA not after: Mon 22 Mar 2027 12:23:28 +0000
asID: 147049
IP address blocks: 185.172.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ea:f8:64:17:fb:9b:03:57:94:f5:93:8e:3f:6e:fd:dc:c4:57:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 23 12:18:28 2026 GMT
Not After : Mar 22 12:23:28 2027 GMT
Subject: CN=5A52E6534045F09A2DE865BDB36D9356690B6DF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d8:3b:8e:ec:d6:cc:21:74:e5:3e:36:e5:ce:
25:19:7b:f7:cd:1f:a2:d6:9a:ff:1b:f6:14:b2:69:
d2:c9:3d:5a:d8:00:8d:bd:73:d9:14:02:29:ac:f6:
57:e5:48:9d:68:da:63:6d:68:b4:30:75:60:5a:bd:
9b:67:11:d0:25:70:f7:ca:5a:34:8a:f9:66:cd:eb:
91:0c:6f:72:7d:d2:1a:a7:c9:de:6a:1f:9c:0a:ba:
a4:6c:e1:f4:2a:08:39:e1:a7:5b:14:64:2b:a7:7c:
91:ba:18:f9:4e:33:59:69:dd:e6:a4:e9:fa:df:b1:
b6:38:93:4c:66:5d:b1:c7:90:02:83:f2:66:07:f4:
7f:18:b3:44:d9:ab:15:d3:f5:4e:b2:d5:84:3b:a2:
56:2b:7a:bb:7d:25:d5:65:29:48:16:4c:0a:4f:c8:
9c:a9:e2:17:5f:2e:06:f7:1c:1e:02:40:82:7e:69:
1b:4c:9b:69:64:8e:5b:4c:43:96:77:5d:1f:7a:46:
b8:68:c4:83:1c:98:0e:a7:7a:f0:52:82:d6:cb:43:
39:95:35:7e:dc:67:1f:92:74:3e:40:58:54:ee:49:
e3:d9:80:d6:0a:af:13:42:fa:12:eb:62:c9:c6:08:
ac:0a:d6:17:bd:5a:04:55:93:e0:bf:05:e8:0e:e7:
db:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:52:E6:53:40:45:F0:9A:2D:E8:65:BD:B3:6D:93:56:69:0B:6D:F4
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35322e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.52.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ca:a4:e8:26:b1:ea:92:88:b9:3c:e0:7b:89:74:76:75:03:
44:e2:98:02:ed:f5:6b:a1:5c:7c:93:72:e5:61:d5:8f:31:ef:
28:bd:07:36:d6:b3:f2:26:79:ba:29:aa:4e:27:1d:4d:1b:f2:
26:af:2c:bc:5e:2d:9f:d4:db:81:ef:3e:bb:3a:6b:e8:52:68:
0f:02:2b:53:15:fb:96:1a:a8:9d:97:e7:32:57:9b:4e:ec:08:
89:f9:7e:9c:48:53:9b:05:57:dc:8b:35:77:d4:be:f5:ba:b4:
01:f0:f1:52:82:3d:4e:70:70:79:0a:3c:68:51:56:e0:20:7d:
f0:6e:81:3d:f2:2e:18:8e:50:bd:89:38:4c:4a:03:6f:3f:aa:
5a:34:39:e1:d3:14:d3:95:28:79:66:6f:3d:50:1e:d9:1d:99:
42:33:4d:f5:39:4c:47:22:49:7d:b1:e7:ac:58:91:60:26:b8:
02:a7:bb:e2:38:74:ee:d6:fa:6f:e9:96:84:d1:99:09:68:aa:
f9:c4:2a:17:3c:3f:53:a8:d8:bb:fe:04:65:f8:69:73:b4:fe:
13:86:06:1c:f8:e5:a8:d3:b4:49:a6:d4:7d:c0:21:28:cf:11:
25:35:87:61:9d:f0:90:39:53:26:40:dd:e2:4f:de:50:3d:8e:
c1:d3:cc:8c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUK+r4ZBf7mwNXlPWTjj9u/dzEV+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMjMxMjE4MjhaFw0yNzAzMjIxMjIzMjhaMDMxMTAvBgNV
BAMTKDVBNTJFNjUzNDA0NUYwOUEyREU4NjVCREIzNkQ5MzU2NjkwQjZERjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+2DuO7NbMIXTlPjblziUZe/fN
H6LWmv8b9hSyadLJPVrYAI29c9kUAims9lflSJ1o2mNtaLQwdWBavZtnEdAlcPfK
WjSK+WbN65EMb3J90hqnyd5qH5wKuqRs4fQqCDnhp1sUZCunfJG6GPlOM1lp3eak
6frfsbY4k0xmXbHHkAKD8mYH9H8Ys0TZqxXT9U6y1YQ7olYrert9JdVlKUgWTApP
yJyp4hdfLgb3HB4CQIJ+aRtMm2lkjltMQ5Z3XR96RrhoxIMcmA6nevBSgtbLQzmV
NX7cZx+SdD5AWFTuSePZgNYKrxNC+hLrYsnGCKwK1he9WgRVk+C/BegO59uDAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUWlLmU0BF8Jot6GW9s22TVmkLbfQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MjJlMzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmsNDANBgkqhkiG9w0BAQsFAAOCAQEAVcqk6Cax6pKIuTzge4l0dnUD
ROKYAu31a6FcfJNy5WHVjzHvKL0HNtaz8iZ5uimqTicdTRvyJq8svF4tn9Tbge8+
uzpr6FJoDwIrUxX7lhqonZfnMlebTuwIifl+nEhTmwVX3Is1d9S+9bq0AfDxUoI9
TnBweQo8aFFW4CB98G6BPfIuGI5QvYk4TEoDbz+qWjQ54dMU05UoeWZvPVAe2R2Z
QjNN9TlMRyJJfbHnrFiRYCa4Aqe74jh07tb6b+mWhNGZCWiq+cQqFzw/U6jYu/4E
Zfhpc7T+E4YGHPjlqNO0SabUfcAhKM8RJTWHYZ3wkDlTJkDd4k/eUD2OwdPMjA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:20:17 2026 by rpki-client