Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
File: 3130302e34322e3137362e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: FJaVpQ5RZBUmSmk+6E8S4BnqACdtxPEVJYSdKo/WjBI=
Subject key identifier: 41:0B:1C:11:77:73:E5:35:60:9B:40:06:97:9E:BA:11:F8:A8:00:DF
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 68E0C2D4E41B2BEA19F95BD427A0E6CF128472D0
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
Signing time: Mon 13 Apr 2026 11:23:35 +0000
ROA not before: Mon 13 Apr 2026 11:18:35 +0000
ROA not after: Mon 12 Apr 2027 11:23:35 +0000
asID: 51167
IP address blocks: 100.42.176.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:e0:c2:d4:e4:1b:2b:ea:19:f9:5b:d4:27:a0:e6:cf:12:84:72:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 13 11:18:35 2026 GMT
Not After : Apr 12 11:23:35 2027 GMT
Subject: CN=410B1C117773E535609B4006979EBA11F8A800DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0d:04:a4:5c:6e:7d:5c:92:62:44:c1:84:75:
3d:d3:0f:30:08:7c:dc:97:3c:c3:76:8f:8a:36:ae:
dc:9b:cb:8f:0f:45:53:6e:b9:88:28:f9:71:43:22:
3b:47:d7:0e:03:00:61:79:4a:3b:e9:49:37:d0:53:
2d:5b:ff:85:66:86:cc:d5:3f:45:86:80:cc:1b:f7:
e5:15:04:a6:b4:2a:0d:bf:ed:85:a9:6f:18:c0:3b:
a6:b3:59:ff:a0:f1:28:ec:9d:a5:1b:ea:ce:00:b8:
08:5a:05:49:ac:d1:da:c5:59:6b:58:9c:f3:31:e1:
15:e2:10:5c:08:93:c4:20:21:21:7b:69:a6:a0:21:
4d:d1:72:2d:03:cf:91:16:68:39:f8:7c:b4:4f:f3:
31:2d:c9:03:6d:42:e4:70:31:2c:56:3c:65:8c:4e:
90:d8:24:c8:18:d8:8f:f7:a7:92:60:5c:ec:c8:aa:
75:7e:c7:66:f1:86:59:a5:94:91:0d:5f:e7:a8:b0:
7a:ee:51:3a:89:f0:66:ab:65:c2:ee:d7:72:4b:d1:
bf:32:1f:e8:f8:e4:f2:98:47:5d:b1:b6:3e:91:f2:
f2:e8:2e:33:cd:02:6d:92:21:f1:12:28:f3:d1:f5:
ca:d0:89:6a:d7:7f:3e:ba:e2:80:6b:3a:02:5b:58:
e1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:0B:1C:11:77:73:E5:35:60:9B:40:06:97:9E:BA:11:F8:A8:00:DF
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
100.42.176.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:d5:64:d8:1e:a4:06:ed:d4:b6:a4:8d:47:21:26:42:61:41:
a3:b5:56:5a:d3:9d:92:34:0f:39:63:41:ee:8e:c3:32:7a:e7:
94:b4:79:2e:e8:2d:fd:60:25:f0:6e:af:ed:c5:fc:a8:8c:31:
30:28:a1:29:5b:cd:88:7d:80:5a:eb:ec:90:9f:43:eb:87:fc:
c8:08:2b:5b:08:f7:e5:e3:17:8f:79:21:d2:3f:f8:cd:d4:78:
96:eb:47:a8:d5:c9:03:dc:59:be:57:65:4b:99:dd:87:46:68:
73:f8:63:40:14:10:23:f6:a8:10:84:e5:6f:28:04:ae:73:f1:
16:7e:a8:c0:41:96:b2:0b:cf:4c:49:da:a1:ca:c3:3f:21:82:
2b:82:09:15:9b:23:cc:4b:1c:a1:0f:22:6c:07:68:78:37:c7:
cc:f6:b6:83:59:50:46:51:a3:3f:e8:11:eb:0a:b0:28:bc:84:
9a:48:fc:35:c1:84:ef:41:ae:1e:4b:83:90:06:aa:f5:d1:a9:
1f:a4:50:8d:65:80:fe:d7:c5:8d:04:d2:51:ad:44:1c:44:e6:
0e:36:e1:42:91:8f:19:e0:00:e6:41:ad:38:23:fe:60:3f:2d:
d7:31:9d:39:08:30:f0:30:8c:9d:91:c9:06:be:0b:7a:2c:10:
26:de:f9:98
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUaODC1OQbK+oZ+VvUJ6DmzxKEctAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MTMxMTE4MzVaFw0yNzA0MTIxMTIzMzVaMDMxMTAvBgNV
BAMTKDQxMEIxQzExNzc3M0U1MzU2MDlCNDAwNjk3OUVCQTExRjhBODAwREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDODQSkXG59XJJiRMGEdT3TDzAI
fNyXPMN2j4o2rtyby48PRVNuuYgo+XFDIjtH1w4DAGF5SjvpSTfQUy1b/4VmhszV
P0WGgMwb9+UVBKa0Kg2/7YWpbxjAO6azWf+g8SjsnaUb6s4AuAhaBUms0drFWWtY
nPMx4RXiEFwIk8QgISF7aaagIU3Rci0Dz5EWaDn4fLRP8zEtyQNtQuRwMSxWPGWM
TpDYJMgY2I/3p5JgXOzIqnV+x2bxhlmllJENX+eosHruUTqJ8GarZcLu13JL0b8y
H+j45PKYR12xtj6R8vLoLjPNAm2SIfESKPPR9crQiWrXfz664oBrOgJbWOGfAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUQQscEXdz5TVgm0AGl566EfioAN8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzAyZTM0MzIy
ZTMxMzczNjJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANkKrAwDQYJKoZIhvcNAQELBQADggEBAKfVZNgepAbt1LakjUchJkJhQaO1
VlrTnZI0DzljQe6OwzJ655S0eS7oLf1gJfBur+3F/KiMMTAooSlbzYh9gFrr7JCf
Q+uH/MgIK1sI9+XjF495IdI/+M3UeJbrR6jVyQPcWb5XZUuZ3YdGaHP4Y0AUECP2
qBCE5W8oBK5z8RZ+qMBBlrILz0xJ2qHKwz8hgiuCCRWbI8xLHKEPImwHaHg3x8z2
toNZUEZRoz/oEesKsCi8hJpI/DXBhO9Brh5Lg5AGqvXRqR+kUI1lgP7XxY0E0lGt
RBxE5g424UKRjxngAOZBrTgj/mA/LdcxnTkIMPAwjJ2RyQa+C3osECbe+Zg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:46:23 2026 by rpki-client