Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3135362e3232372e302f32342d3234203d3e203136323736.roa
File: 3139342e3135362e3232372e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: sZJp0XMXXLl+8lSzI1Toqn8v5uuMHenxdQw0SVmSjFs=
Subject key identifier: 36:D9:A5:8E:41:A1:55:09:6B:AF:CB:04:D2:24:9F:B4:F2:FB:13:4C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 270B533B1473C09189A78E288B912317F80926E5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3135362e3232372e302f32342d3234203d3e203136323736.roa
Signing time: Fri 24 Apr 2026 11:23:54 +0000
ROA not before: Fri 24 Apr 2026 11:18:54 +0000
ROA not after: Fri 23 Apr 2027 11:23:54 +0000
asID: 16276
IP address blocks: 194.156.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:0b:53:3b:14:73:c0:91:89:a7:8e:28:8b:91:23:17:f8:09:26:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 24 11:18:54 2026 GMT
Not After : Apr 23 11:23:54 2027 GMT
Subject: CN=36D9A58E41A155096BAFCB04D2249FB4F2FB134C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:86:0d:5a:60:3a:6b:90:0a:46:15:38:35:2e:
fb:ef:11:3e:ef:e4:8a:7a:fd:38:57:9e:51:90:e5:
fc:e3:e4:f3:09:8f:a4:04:54:70:06:13:2f:fb:e6:
fa:ec:12:b6:04:eb:3f:09:93:a2:00:02:61:c9:a1:
f4:d8:34:8d:7e:6c:54:cd:9f:18:9e:b4:49:d8:23:
44:d3:eb:df:8b:2d:b1:f8:33:c3:ad:ac:d0:e2:09:
3b:4f:1e:c0:63:d5:23:eb:65:b4:42:df:be:9c:d8:
65:71:16:52:7b:05:42:0c:9b:e1:73:de:8d:fa:2d:
4e:b3:a1:d4:01:77:82:17:22:37:06:d4:40:88:0f:
3e:d8:d5:94:86:63:89:cd:12:d8:25:92:57:0e:1e:
1c:25:f5:6c:a8:fd:f5:87:c3:53:6d:4b:63:fe:3a:
b9:71:fb:66:22:07:cd:a7:3e:c0:6e:09:3c:ec:b9:
8c:e8:92:84:52:7a:2f:78:9d:4f:3b:d3:96:a8:d9:
b7:46:20:3a:d7:3a:a8:40:ad:d1:6a:9e:b5:e6:aa:
48:71:34:ca:23:3e:30:55:a8:11:64:c0:41:40:06:
91:40:be:1c:c3:53:59:1b:94:25:6c:1d:c6:ac:06:
fb:67:63:31:2e:f2:48:21:53:30:b8:10:3b:38:f2:
bc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D9:A5:8E:41:A1:55:09:6B:AF:CB:04:D2:24:9F:B4:F2:FB:13:4C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3135362e3232372e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.227.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:62:ce:94:7d:20:01:84:8e:00:16:ab:bd:aa:1d:43:2f:df:
34:a8:ad:22:0e:16:c2:ee:2b:6f:a2:c7:44:86:c6:f8:3b:74:
09:a9:4c:e3:a9:b3:4b:f9:c3:3c:01:26:97:7e:cc:cd:c3:2b:
c4:29:6c:eb:58:12:d5:0c:75:75:54:86:49:70:a2:75:3b:ef:
de:c3:3f:59:96:3e:93:81:99:cd:f9:5f:38:23:79:b8:a6:f1:
74:0b:49:b0:55:15:e5:b3:29:4d:97:70:72:72:d0:9b:ea:d2:
b2:d0:04:6b:f8:bc:8e:76:2e:7a:f0:20:d4:58:ce:6b:bd:29:
2b:50:91:6f:b8:d8:c7:4a:06:10:3e:9e:e0:58:1b:dd:d5:80:
74:64:82:09:18:fc:d1:14:ba:65:be:5a:23:be:3e:a7:1d:81:
5e:98:46:e6:07:51:77:64:de:d2:5c:36:ea:ac:5b:f7:a1:e6:
5f:ac:a1:e0:f6:1b:e9:28:e5:69:1a:69:82:38:dc:f0:ca:a0:
cf:82:82:e0:b8:e0:29:71:6b:f6:59:f8:61:9b:97:bd:94:32:
8d:0f:fa:16:d8:6d:9f:11:8e:1b:42:b7:ad:f4:fc:ac:85:72:
8b:b9:45:ef:70:7f:d3:14:07:f2:55:b6:c2:c3:21:fa:88:ab:
53:20:f5:8c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUJwtTOxRzwJGJp44oi5EjF/gJJuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MjQxMTE4NTRaFw0yNzA0MjMxMTIzNTRaMDMxMTAvBgNV
BAMTKDM2RDlBNThFNDFBMTU1MDk2QkFGQ0IwNEQyMjQ5RkI0RjJGQjEzNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBhg1aYDprkApGFTg1LvvvET7v
5Ip6/ThXnlGQ5fzj5PMJj6QEVHAGEy/75vrsErYE6z8Jk6IAAmHJofTYNI1+bFTN
nxietEnYI0TT69+LLbH4M8OtrNDiCTtPHsBj1SPrZbRC376c2GVxFlJ7BUIMm+Fz
3o36LU6zodQBd4IXIjcG1ECIDz7Y1ZSGY4nNEtglklcOHhwl9Wyo/fWHw1NtS2P+
Orlx+2YiB82nPsBuCTzsuYzokoRSei94nU8705ao2bdGIDrXOqhArdFqnrXmqkhx
NMojPjBVqBFkwEFABpFAvhzDU1kblCVsHcasBvtnYzEu8kghUzC4EDs48rz7AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUNtmljkGhVQlrr8sE0iSftPL7E0wwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMxMzUz
NjJlMzIzMjM3MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMKc4zANBgkqhkiG9w0BAQsFAAOCAQEAxWLOlH0gAYSOABarvaodQy/f
NKitIg4Wwu4rb6LHRIbG+Dt0CalM46mzS/nDPAEml37MzcMrxCls61gS1Qx1dVSG
SXCidTvv3sM/WZY+k4GZzflfOCN5uKbxdAtJsFUV5bMpTZdwcnLQm+rSstAEa/i8
jnYuevAg1FjOa70pK1CRb7jYx0oGED6e4Fgb3dWAdGSCCRj80RS6Zb5aI74+px2B
XphG5gdRd2Te0lw26qxb96HmX6yh4PYb6SjlaRppgjjc8Mqgz4KC4LjgKXFr9ln4
YZuXvZQyjQ/6FthtnxGOG0K3rfT8rIVyi7lF73B/0xQH8lW2wsMh+oirUyD1jA==
-----END CERTIFICATE-----
Generated at Tue May 12 21:30:54 2026 by rpki-client