Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
File: 3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: uOIKuMFxRYXYSEM58UeAyXB3bQ0dT4KuDmRRJ9wem4c=
Subject key identifier: 90:6B:3E:1A:3C:10:92:61:29:6E:F4:0F:E8:DF:90:DE:9F:BA:61:4C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 368659DA98D762D3095AE5E6A7ABEE329EC05FF9
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 23 Mar 2026 12:23:28 +0000
ROA not before: Mon 23 Mar 2026 12:18:28 +0000
ROA not after: Mon 22 Mar 2027 12:23:28 +0000
asID: 147049
IP address blocks: 185.172.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:86:59:da:98:d7:62:d3:09:5a:e5:e6:a7:ab:ee:32:9e:c0:5f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 23 12:18:28 2026 GMT
Not After : Mar 22 12:23:28 2027 GMT
Subject: CN=906B3E1A3C109261296EF40FE8DF90DE9FBA614C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:04:5d:c4:f0:37:77:35:c5:24:bc:47:58:5d:
bb:01:48:42:83:f2:eb:3e:4f:55:99:a5:a9:90:bf:
a5:b5:88:2f:6f:b9:e5:14:75:15:e1:59:fe:92:84:
3c:70:3c:7e:39:34:09:62:8a:ff:64:61:9c:97:ba:
19:32:95:1c:ce:5c:dc:4d:9c:cd:08:5c:59:c7:1e:
19:f9:35:7f:84:c0:16:fb:46:0d:19:8f:15:62:54:
3e:5f:24:47:05:c9:4b:94:63:c9:18:9d:27:01:71:
59:52:0e:20:c7:71:d2:ac:cf:d3:8d:ad:5a:be:9a:
92:cf:8c:82:1b:eb:ae:8b:13:12:b8:cc:cd:11:b0:
5f:90:b0:88:b4:be:8f:66:64:59:34:51:4f:c6:e9:
e7:1a:b3:83:1d:1e:a1:ec:22:ba:57:e1:b6:3a:40:
2f:85:2f:0b:de:90:5c:8d:ec:71:6e:ac:e5:02:c0:
db:a1:c3:4e:c1:15:c9:a2:f1:8d:7b:02:13:75:85:
58:ec:76:ec:c0:7b:4b:1b:f7:6b:b3:97:5f:60:ae:
0c:40:9f:2c:1a:15:95:62:30:a5:0d:13:96:4c:54:
2c:c0:7a:cb:cc:21:65:86:1f:3f:9d:5d:52:87:7c:
06:fc:86:48:de:01:37:ea:6a:8f:e2:d8:1a:88:f3:
21:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6B:3E:1A:3C:10:92:61:29:6E:F4:0F:E8:DF:90:DE:9F:BA:61:4C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.53.0/24
Signature Algorithm: sha256WithRSAEncryption
10:96:c1:5a:e6:75:ac:ca:f1:af:56:26:d0:7d:3c:d6:d0:a6:
f5:00:5e:f6:29:fd:5b:cd:33:e1:17:3c:13:75:46:e7:61:ff:
6e:f8:ed:e9:ef:51:04:e8:22:dd:01:c8:31:56:f3:5d:d7:dc:
28:2f:a8:b6:e8:fb:53:dc:60:ab:e1:11:35:00:49:1b:17:52:
3f:b7:ca:2a:6a:ca:64:1b:61:53:6c:15:2a:8f:28:c7:ae:ed:
45:0c:78:a5:0c:ff:3d:33:de:7b:09:58:fd:f3:35:18:4a:e7:
a3:3b:62:e1:15:af:4a:ad:ac:95:5c:34:24:0f:0c:6d:e7:ea:
ca:64:c1:93:c8:0d:0c:01:6e:3b:96:e8:b6:b5:40:b7:0e:86:
47:4d:89:50:01:80:cf:d0:56:1d:ef:5e:24:29:63:58:0e:eb:
7c:a8:bc:68:e7:d1:a1:8e:68:e6:5e:b5:4f:56:7d:d9:94:d2:
34:4a:80:f4:a9:38:a1:05:db:58:e0:04:6f:94:1f:d5:45:c7:
82:29:ee:e0:d5:6b:17:34:72:33:33:86:ed:0d:7f:95:37:8b:
02:76:6c:f7:d9:46:90:68:9c:33:08:5d:77:68:b0:5e:d4:4b:
e0:b1:fb:26:5a:de:73:c4:48:9b:0b:35:ef:fe:12:3d:b7:bd:
69:40:d9:cf
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUNoZZ2pjXYtMJWuXmp6vuMp7AX/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMjMxMjE4MjhaFw0yNzAzMjIxMjIzMjhaMDMxMTAvBgNV
BAMTKDkwNkIzRTFBM0MxMDkyNjEyOTZFRjQwRkU4REY5MERFOUZCQTYxNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBBF3E8Dd3NcUkvEdYXbsBSEKD
8us+T1WZpamQv6W1iC9vueUUdRXhWf6ShDxwPH45NAliiv9kYZyXuhkylRzOXNxN
nM0IXFnHHhn5NX+EwBb7Rg0ZjxViVD5fJEcFyUuUY8kYnScBcVlSDiDHcdKsz9ON
rVq+mpLPjIIb666LExK4zM0RsF+QsIi0vo9mZFk0UU/G6ecas4MdHqHsIrpX4bY6
QC+FLwvekFyN7HFurOUCwNuhw07BFcmi8Y17AhN1hVjsduzAe0sb92uzl19grgxA
nywaFZViMKUNE5ZMVCzAesvMIWWGHz+dXVKHfAb8hkjeATfqao/i2BqI8yE/AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUkGs+GjwQkmEpbvQP6N+Q3p+6YUwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MjJlMzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmsNTANBgkqhkiG9w0BAQsFAAOCAQEAEJbBWuZ1rMrxr1Ym0H081tCm
9QBe9in9W80z4Rc8E3VG52H/bvjt6e9RBOgi3QHIMVbzXdfcKC+otuj7U9xgq+ER
NQBJGxdSP7fKKmrKZBthU2wVKo8ox67tRQx4pQz/PTPeewlY/fM1GErnozti4RWv
Sq2slVw0JA8MbefqymTBk8gNDAFuO5botrVAtw6GR02JUAGAz9BWHe9eJCljWA7r
fKi8aOfRoY5o5l61T1Z92ZTSNEqA9Kk4oQXbWOAEb5Qf1UXHginu4NVrFzRyMzOG
7Q1/lTeLAnZs99lGkGicMwhdd2iwXtRL4LH7Jlrec8RImws17/4SPbe9aUDZzw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:11:09 2026 by rpki-client