Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233362e36312e302f32342d3234203d3e20323133343338.roa
File: 3130392e3233362e36312e302f32342d3234203d3e20323133343338.roa (raw, json)
Hash identifier: mHHH5RoqkZ1bMcnO03uZkqSYcJZdq19NDfrVhTfizrI=
Subject key identifier: A6:61:F5:0E:C6:F3:BA:FA:76:27:E8:89:C5:9F:2E:C1:BB:70:B0:91
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 59B2BD474ECF2C17C0EFE97D9AB353CB7047F414
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233362e36312e302f32342d3234203d3e20323133343338.roa
Signing time: Mon 06 Apr 2026 07:35:03 +0000
ROA not before: Mon 06 Apr 2026 07:30:03 +0000
ROA not after: Mon 05 Apr 2027 07:35:03 +0000
asID: 213438
IP address blocks: 109.236.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:b2:bd:47:4e:cf:2c:17:c0:ef:e9:7d:9a:b3:53:cb:70:47:f4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 6 07:30:03 2026 GMT
Not After : Apr 5 07:35:03 2027 GMT
Subject: CN=A661F50EC6F3BAFA7627E889C59F2EC1BB70B091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:21:75:9b:ca:0d:49:db:c8:50:75:16:04:b0:
df:93:42:2b:93:de:f2:7b:91:1c:49:aa:e7:48:db:
5d:f5:9a:dc:96:82:ae:a2:67:b9:2b:73:07:3b:55:
bd:60:f4:5a:9a:aa:bc:88:3d:a0:85:22:56:f0:89:
07:27:47:23:5d:21:5f:3f:62:95:4e:bf:06:a9:3e:
11:71:08:93:11:25:9b:d8:97:da:1d:4f:3e:72:84:
f1:dd:7a:8b:f1:0b:68:3e:ed:f8:b5:e0:47:8e:2a:
33:5a:84:a9:bc:df:0a:c8:90:72:82:5c:7d:af:2e:
13:8e:eb:d3:2f:8a:93:83:a2:27:47:1b:a2:70:53:
e2:d0:da:18:37:f1:96:ba:0e:a8:12:16:23:f6:ff:
26:d7:91:c4:52:09:4c:63:ce:30:6b:df:f3:93:51:
ab:79:0a:47:25:24:f5:77:4c:c9:8a:27:89:5a:d3:
01:3d:49:c2:ef:36:c2:07:d1:58:b5:8a:bd:06:ba:
3c:83:fe:42:8e:f9:c4:0b:2b:d9:a4:bc:4e:7a:dc:
07:62:5a:72:2c:af:71:7b:0e:77:51:c4:d7:d7:f4:
55:8c:99:9c:00:e4:b5:f2:92:35:55:01:28:d3:f0:
92:fd:da:34:be:d3:b5:d0:57:09:d3:75:21:c1:37:
08:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:61:F5:0E:C6:F3:BA:FA:76:27:E8:89:C5:9F:2E:C1:BB:70:B0:91
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233362e36312e302f32342d3234203d3e20323133343338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.61.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:c9:98:0e:f4:6b:34:32:bf:24:9a:32:39:50:2f:7f:a6:40:
37:01:7d:f8:70:03:13:82:a6:87:14:da:6a:32:58:02:94:69:
ee:45:5c:2c:13:2a:7b:cf:55:27:a1:28:55:a9:c8:2a:c9:c7:
1b:d5:30:6c:98:a7:0c:53:bd:6d:ad:b0:db:2b:44:eb:2d:4a:
0c:d1:b9:3c:f3:bd:ed:7c:ba:b5:ff:9b:3e:1e:02:50:26:43:
90:04:91:da:ec:49:92:7d:4a:16:4c:c6:4f:ba:c5:57:00:87:
55:84:bb:26:8a:39:9b:24:00:2c:5b:3d:df:c2:10:9d:bc:46:
ab:6c:83:51:d6:5c:02:02:82:3d:38:03:a1:c0:8d:3f:12:31:
de:6f:38:42:0a:d5:e6:82:7c:56:f6:0f:1f:93:29:bd:36:89:
e0:2d:e6:b2:3c:ca:64:57:c9:96:cb:48:7c:45:35:20:6e:d8:
45:4a:20:bc:73:bf:f7:fa:a5:20:94:12:47:5b:50:01:c9:f6:
4c:77:d4:20:fd:db:35:ad:14:52:fb:36:81:a9:19:e8:5e:be:
e8:47:97:81:4d:bd:8c:89:cc:8f:78:84:57:13:b8:95:6e:51:
6a:5a:8b:62:e1:d4:e3:c9:cb:af:15:61:e4:4c:fe:7b:c3:57:
dd:d5:9c:32
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWbK9R07PLBfA7+l9mrNTy3BH9BQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MDYwNzMwMDNaFw0yNzA0MDUwNzM1MDNaMDMxMTAvBgNV
BAMTKEE2NjFGNTBFQzZGM0JBRkE3NjI3RTg4OUM1OUYyRUMxQkI3MEIwOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsIXWbyg1J28hQdRYEsN+TQiuT
3vJ7kRxJqudI2131mtyWgq6iZ7krcwc7Vb1g9FqaqryIPaCFIlbwiQcnRyNdIV8/
YpVOvwapPhFxCJMRJZvYl9odTz5yhPHdeovxC2g+7fi14EeOKjNahKm83wrIkHKC
XH2vLhOO69MvipODoidHG6JwU+LQ2hg38Za6DqgSFiP2/ybXkcRSCUxjzjBr3/OT
Uat5CkclJPV3TMmKJ4la0wE9ScLvNsIH0Vi1ir0GujyD/kKO+cQLK9mkvE563Adi
WnIsr3F7DndRxNfX9FWMmZwA5LXykjVVASjT8JL92jS+07XQVwnTdSHBNwgbAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUpmH1Dsbzuvp2J+iJxZ8uwbtwsJEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzkyZTMyMzMz
NjJlMzYzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzM0MzMzOC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAG3sPTANBgkqhkiG9w0BAQsFAAOCAQEAb8mYDvRrNDK/JJoyOVAvf6ZA
NwF9+HADE4KmhxTaajJYApRp7kVcLBMqe89VJ6EoVanIKsnHG9UwbJinDFO9ba2w
2ytE6y1KDNG5PPO97Xy6tf+bPh4CUCZDkASR2uxJkn1KFkzGT7rFVwCHVYS7Joo5
myQALFs938IQnbxGq2yDUdZcAgKCPTgDocCNPxIx3m84QgrV5oJ8VvYPH5MpvTaJ
4C3msjzKZFfJlstIfEU1IG7YRUogvHO/9/qlIJQSR1tQAcn2THfUIP3bNa0UUvs2
gakZ6F6+6EeXgU29jInMj3iEVxO4lW5RalqLYuHU48nLrxVh5Ez+e8NX3dWcMg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:18:32 2026 by rpki-client