Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
File: 3130302e34322e3138342e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: WTwspSEYuhB1lw7q0Yp51p4peYNsPCQssudmYevECZs=
Subject key identifier: C9:4A:31:CF:A0:CB:98:DA:72:57:AC:2F:AD:5D:78:14:CE:76:F5:22
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 36E1EB1BAB291DC5EA0EA7F19B025B2D8C68B82D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
Signing time: Mon 13 Apr 2026 11:23:35 +0000
ROA not before: Mon 13 Apr 2026 11:18:35 +0000
ROA not after: Mon 12 Apr 2027 11:23:35 +0000
asID: 51167
IP address blocks: 100.42.184.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:e1:eb:1b:ab:29:1d:c5:ea:0e:a7:f1:9b:02:5b:2d:8c:68:b8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 13 11:18:35 2026 GMT
Not After : Apr 12 11:23:35 2027 GMT
Subject: CN=C94A31CFA0CB98DA7257AC2FAD5D7814CE76F522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2f:0f:4b:a4:44:c7:e3:1a:f1:88:db:58:f2:
62:3d:06:19:22:e5:3f:50:0a:4a:9e:0a:80:6f:69:
9c:49:23:73:7a:cc:95:9b:c0:78:bb:cd:b2:6d:b3:
7c:66:dd:07:6a:19:69:9c:2a:5b:08:fc:7d:c0:73:
97:67:82:d1:14:f3:b8:02:11:8c:f3:4f:44:35:1f:
2c:cf:9f:c4:91:8f:6d:83:1a:23:13:eb:5c:69:e3:
73:12:fd:9e:51:13:19:85:22:ec:39:83:c2:0a:ef:
90:f4:0f:e3:b6:20:fc:f0:b8:4e:1a:40:73:89:f2:
65:aa:a0:08:c3:55:1b:22:be:39:de:34:42:d5:0a:
cd:b0:b1:96:92:d6:ae:e5:49:be:32:58:0d:1f:87:
2e:d9:43:98:36:41:9e:14:e2:b3:68:49:79:55:8a:
80:0d:8c:11:d6:c0:c7:eb:25:4d:ad:12:4e:92:78:
39:3c:50:bb:31:b0:e5:c3:ee:e9:ce:eb:1f:bc:98:
f2:30:2a:46:82:48:fa:58:ab:6f:a0:c4:31:80:02:
0b:e6:89:8b:82:81:c3:b5:9f:44:67:ef:20:ce:9b:
46:87:a9:b4:d2:c8:7e:7f:39:90:d6:2d:58:fe:85:
43:d3:ad:d5:06:d8:14:8d:0b:d6:cb:a0:30:00:e4:
c3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4A:31:CF:A0:CB:98:DA:72:57:AC:2F:AD:5D:78:14:CE:76:F5:22
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
100.42.184.0/21
Signature Algorithm: sha256WithRSAEncryption
a2:28:de:bf:cf:a0:0d:19:ae:c3:f5:ac:55:71:cb:6b:9b:6a:
0f:db:95:fa:da:97:c5:b2:a2:6f:c2:ba:93:88:7e:9e:c9:b7:
73:f5:4c:29:2d:5a:07:5a:37:0b:18:5b:fd:e3:56:f3:47:cc:
c8:fc:12:77:6a:dc:30:f5:2f:df:23:1e:76:89:5e:a8:d3:08:
f6:9a:ff:e7:b6:73:f1:32:55:02:0c:14:18:72:cf:66:66:61:
b9:4a:ab:4c:ab:9a:26:09:d5:5e:7d:df:9d:54:88:34:53:54:
fd:5c:4e:93:cb:a3:6a:47:e7:2a:b4:01:18:e1:1b:8a:4c:55:
a3:97:e3:4c:7c:37:fd:e6:1c:a2:73:6f:95:49:45:d8:7e:ac:
97:e0:ae:3c:2f:79:7b:fd:15:67:1d:f1:e0:e5:b6:de:33:81:
31:3b:7f:2a:7c:f9:18:86:b9:1a:8c:12:27:f8:41:d8:b9:8a:
ef:fd:e6:7b:80:9d:86:1e:51:30:01:a0:d1:5c:fe:d3:e8:20:
ff:84:2c:da:66:c7:3b:c6:40:bd:a0:39:fc:94:a2:2f:7b:7e:
46:8d:0f:31:c3:9d:00:af:88:af:98:a4:f4:43:8c:a8:d7:ca:
05:bf:79:99:7d:63:58:6c:68:55:b1:ce:3e:d5:aa:54:fb:fe:
9e:05:5d:53
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUNuHrG6spHcXqDqfxmwJbLYxouC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MTMxMTE4MzVaFw0yNzA0MTIxMTIzMzVaMDMxMTAvBgNV
BAMTKEM5NEEzMUNGQTBDQjk4REE3MjU3QUMyRkFENUQ3ODE0Q0U3NkY1MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDLw9LpETH4xrxiNtY8mI9Bhki
5T9QCkqeCoBvaZxJI3N6zJWbwHi7zbJts3xm3QdqGWmcKlsI/H3Ac5dngtEU87gC
EYzzT0Q1HyzPn8SRj22DGiMT61xp43MS/Z5RExmFIuw5g8IK75D0D+O2IPzwuE4a
QHOJ8mWqoAjDVRsivjneNELVCs2wsZaS1q7lSb4yWA0fhy7ZQ5g2QZ4U4rNoSXlV
ioANjBHWwMfrJU2tEk6SeDk8ULsxsOXD7unO6x+8mPIwKkaCSPpYq2+gxDGAAgvm
iYuCgcO1n0Rn7yDOm0aHqbTSyH5/OZDWLVj+hUPTrdUG2BSNC9bLoDAA5MPlAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUyUoxz6DLmNpyV6wvrV14FM529SIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzAyZTM0MzIy
ZTMxMzgzNDJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANkKrgwDQYJKoZIhvcNAQELBQADggEBAKIo3r/PoA0ZrsP1rFVxy2ubag/b
lfral8Wyom/CupOIfp7Jt3P1TCktWgdaNwsYW/3jVvNHzMj8Endq3DD1L98jHnaJ
XqjTCPaa/+e2c/EyVQIMFBhyz2ZmYblKq0yrmiYJ1V59351UiDRTVP1cTpPLo2pH
5yq0ARjhG4pMVaOX40x8N/3mHKJzb5VJRdh+rJfgrjwveXv9FWcd8eDltt4zgTE7
fyp8+RiGuRqMEif4Qdi5iu/95nuAnYYeUTABoNFc/tPoIP+ELNpmxzvGQL2gOfyU
oi97fkaNDzHDnQCviK+YpPRDjKjXygW/eZl9Y1hsaFWxzj7VqlT7/p4FXVM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:36:37 2026 by rpki-client