Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35362e302f32342d3234203d3e20323035343839.roa
File: 3139342e3134372e35362e302f32342d3234203d3e20323035343839.roa (raw, json)
Hash identifier: La0L6nJUNvknv0lyqmwC6M0VvXu1LLHJSDwIaQaZ5kM=
Subject key identifier: 1C:0F:B4:71:26:34:06:12:2E:6C:BA:16:82:65:78:31:4E:86:69:C8
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7C5B87A5F40EEECA36FBB0E0CF850D0F14F1195F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35362e302f32342d3234203d3e20323035343839.roa
Signing time: Tue 17 Mar 2026 13:28:08 +0000
ROA not before: Tue 17 Mar 2026 13:23:08 +0000
ROA not after: Tue 16 Mar 2027 13:28:08 +0000
asID: 205489
IP address blocks: 194.147.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 15:20:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:5b:87:a5:f4:0e:ee:ca:36:fb:b0:e0:cf:85:0d:0f:14:f1:19:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 17 13:23:08 2026 GMT
Not After : Mar 16 13:28:08 2027 GMT
Subject: CN=1C0FB471263406122E6CBA16826578314E8669C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f4:c3:e9:91:f7:53:26:e2:24:24:77:45:c6:
cc:8d:3d:0b:f0:af:8f:f5:e8:87:88:0d:13:c9:15:
38:a4:4b:a2:26:11:68:41:c5:7a:a8:62:d3:8b:08:
51:1b:05:66:bf:be:b5:89:69:06:36:d8:44:87:30:
d3:44:d3:a6:6f:9a:7f:f7:5c:98:c2:55:cc:f4:29:
72:69:3e:47:82:43:2a:e0:dc:90:7c:93:ff:01:18:
90:c6:68:df:03:a3:c1:60:d3:49:b7:1e:5e:c6:9c:
23:93:de:25:c5:23:6d:bf:f9:e6:95:39:98:38:20:
2f:d2:b9:f1:f7:77:24:8d:9e:e4:fd:b9:f6:80:c7:
73:8a:06:b2:c2:95:41:1b:2f:b4:2e:02:1d:8e:fa:
dd:53:b8:8f:fb:0d:a0:20:a5:31:91:41:33:77:96:
58:5b:98:42:41:b8:dc:f4:aa:ac:8f:ac:61:ca:17:
a6:00:1e:c8:73:ec:c5:68:f5:08:3a:1d:77:ce:eb:
c3:33:c3:70:4a:98:97:ce:a9:4b:2b:0c:43:d0:80:
6f:de:b0:4d:82:d2:43:1f:a7:2b:22:95:e9:a0:57:
3e:73:7c:23:e5:7d:39:5d:60:ae:4c:a3:47:a3:a9:
54:93:fb:ce:90:46:0c:a3:14:13:61:53:2a:b5:fd:
2e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:0F:B4:71:26:34:06:12:2E:6C:BA:16:82:65:78:31:4E:86:69:C8
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35362e302f32342d3234203d3e20323035343839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.56.0/24
Signature Algorithm: sha256WithRSAEncryption
df:af:70:8d:35:cc:e6:20:f4:f2:8e:37:d6:49:6f:5b:05:c3:
2a:b3:9e:5b:88:3e:90:1a:0f:97:4b:27:d1:00:b4:9d:aa:29:
bc:39:3c:9e:cc:b6:dd:6d:6c:a6:66:d4:06:aa:95:ac:e6:9a:
81:50:93:52:c4:8a:03:ec:c5:aa:7e:f9:a8:34:14:35:4a:94:
fd:da:14:05:fb:36:14:2d:65:b5:e0:0e:f3:03:be:17:f2:46:
85:57:bb:32:f3:7b:ed:97:ba:bd:77:ad:d8:d4:a3:73:e6:2d:
15:8b:3a:02:46:71:f8:f0:fa:73:a7:52:9a:db:43:d0:eb:bc:
e8:17:0a:05:17:c8:5f:d8:cb:53:33:f8:f9:65:4d:63:89:3d:
36:d9:84:93:c2:bb:0a:da:ba:53:c4:40:cd:e0:04:32:67:d7:
85:f4:fc:4f:17:ff:e2:c7:ee:3b:b1:0d:05:0f:cd:fe:af:ec:
14:82:08:8f:a3:ec:d6:a0:03:14:e0:dc:22:7e:bc:73:10:16:
25:4f:69:c0:f4:b0:8b:6d:a4:71:c7:04:a4:ae:3f:fa:c6:95:
ab:67:17:c3:d4:23:24:9a:08:50:d8:40:25:4a:1e:7c:11:a1:
96:70:aa:8f:46:42:a5:f7:90:27:17:c4:54:b0:a5:ec:a6:6b:
fb:cf:0e:18
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfFuHpfQO7so2+7Dgz4UNDxTxGV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMTcxMzIzMDhaFw0yNzAzMTYxMzI4MDhaMDMxMTAvBgNV
BAMTKDFDMEZCNDcxMjYzNDA2MTIyRTZDQkExNjgyNjU3ODMxNEU4NjY5QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC99MPpkfdTJuIkJHdFxsyNPQvw
r4/16IeIDRPJFTikS6ImEWhBxXqoYtOLCFEbBWa/vrWJaQY22ESHMNNE06Zvmn/3
XJjCVcz0KXJpPkeCQyrg3JB8k/8BGJDGaN8Do8Fg00m3Hl7GnCOT3iXFI22/+eaV
OZg4IC/SufH3dySNnuT9ufaAx3OKBrLClUEbL7QuAh2O+t1TuI/7DaAgpTGRQTN3
llhbmEJBuNz0qqyPrGHKF6YAHshz7MVo9Qg6HXfO68Mzw3BKmJfOqUsrDEPQgG/e
sE2C0kMfpysilemgVz5zfCPlfTldYK5Mo0ejqVST+86QRgyjFBNhUyq1/S4nAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUHA+0cSY0BhIubLoWgmV4MU6GacgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMxMzQz
NzJlMzUzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTM0MzgzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMKTODANBgkqhkiG9w0BAQsFAAOCAQEA369wjTXM5iD08o431klvWwXD
KrOeW4g+kBoPl0sn0QC0naopvDk8nsy23W1spmbUBqqVrOaagVCTUsSKA+zFqn75
qDQUNUqU/doUBfs2FC1lteAO8wO+F/JGhVe7MvN77Ze6vXet2NSjc+YtFYs6AkZx
+PD6c6dSmttD0Ou86BcKBRfIX9jLUzP4+WVNY4k9NtmEk8K7Ctq6U8RAzeAEMmfX
hfT8Txf/4sfuO7ENBQ/N/q/sFIIIj6Ps1qADFODcIn68cxAWJU9pwPSwi22kcccE
pK4/+saVq2cXw9QjJJoIUNhAJUoefBGhlnCqj0ZCpfeQJxfEVLCl7KZr+88OGA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:33:54 2026 by rpki-client