Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e3135362e302f32342d3234203d3e20313336373837.roa
File: 3134362e31392e3135362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: bAyTAAM0Eb3y00HCVtbk0m0Iy9Jsk2oYZ6Y76N8TXP4=
Subject key identifier: 6D:70:45:B8:52:2C:BC:95:BD:0A:8F:37:B1:3C:25:4D:F6:9E:29:A9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5FCBBBB31164D18792B8F6B695489DBF9515E7B1
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e3135362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 24 Oct 2025 07:47:59 +0000
ROA not before: Fri 24 Oct 2025 07:42:59 +0000
ROA not after: Fri 23 Oct 2026 07:47:59 +0000
asID: 136787
IP address blocks: 146.19.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:cb:bb:b3:11:64:d1:87:92:b8:f6:b6:95:48:9d:bf:95:15:e7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 24 07:42:59 2025 GMT
Not After : Oct 23 07:47:59 2026 GMT
Subject: CN=6D7045B8522CBC95BD0A8F37B13C254DF69E29A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:40:4c:0f:c6:68:ec:f2:e5:ee:6e:f3:6c:
5c:7a:cb:81:79:1a:4b:12:2f:5d:32:fe:1a:1c:27:
23:67:4c:56:30:3c:f8:ff:f1:d5:ea:64:49:6f:55:
29:31:18:1d:6a:e9:4f:40:44:23:68:27:1e:8e:2d:
f5:82:1d:5e:76:13:2b:6f:61:8d:e4:75:89:ad:ab:
fb:89:e9:db:d5:81:f5:30:6a:4c:1a:19:d8:a9:83:
86:6f:e5:24:09:1e:b0:44:d0:5b:35:ab:d8:14:8a:
0c:39:5c:6f:26:1a:5f:e2:8f:e1:c5:73:bf:e8:11:
6c:89:a0:fd:f0:30:65:60:bc:81:b9:63:cd:12:28:
06:22:bc:f1:6c:b5:8c:33:8d:6a:f1:ef:9d:d4:8b:
d3:34:c7:c8:2b:6f:d1:0d:9a:57:ee:3d:be:ca:05:
bf:82:f6:40:26:93:1d:ea:0d:a6:13:aa:ed:33:f5:
a2:85:2b:72:e0:f2:76:e2:b9:e9:fa:91:59:2d:ac:
f9:5d:12:ed:e7:e8:e6:0b:e7:91:a9:60:f3:ce:ab:
cb:b5:65:4d:0e:8e:3e:12:1c:0f:01:37:fb:d9:5d:
31:8a:8d:61:38:09:2c:b0:6e:c8:73:03:f2:a5:a0:
e4:2e:44:64:09:bc:5d:88:34:bd:f9:eb:0b:04:29:
1a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:70:45:B8:52:2C:BC:95:BD:0A:8F:37:B1:3C:25:4D:F6:9E:29:A9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e3135362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.156.0/24
Signature Algorithm: sha256WithRSAEncryption
26:53:0e:47:bb:ce:92:81:95:5b:aa:67:7d:a0:85:b9:e1:b8:
94:d8:f5:fe:0b:1d:90:99:f0:4d:88:ee:9b:72:b7:a4:a4:72:
f5:ad:1b:bd:7a:b2:69:17:be:e2:6d:94:c2:b5:b5:0e:bb:aa:
36:a6:23:a6:3e:ea:0b:07:4d:c0:9c:51:07:64:e6:f3:51:02:
ec:9b:64:6a:8d:6a:9a:79:5f:af:84:e4:bb:59:3b:9c:92:74:
16:ae:4b:90:09:e2:67:25:6d:b0:4a:04:60:e4:18:9d:38:21:
ea:4d:cf:4c:17:79:9d:d1:c7:64:bb:52:a9:95:71:37:26:7d:
35:a3:83:63:2c:5d:16:d8:b8:93:9f:3a:9e:4a:6e:d2:64:9a:
63:a5:81:70:b0:ca:20:ee:ea:10:b9:75:e4:c3:b3:9a:cb:a7:
d6:00:76:ee:0e:36:46:fc:97:f0:04:7e:b6:91:db:7b:4e:31:
4a:ea:ea:a6:25:ea:d7:10:d0:33:20:99:ae:56:44:85:de:b4:
a7:f6:79:97:8f:0b:77:55:d7:6a:80:e2:87:67:dc:10:1a:01:
01:bc:06:e6:7e:43:0f:ad:29:36:89:dd:13:96:4e:49:56:3e:
52:26:39:74:7e:69:52:d7:ee:9a:24:e4:a6:d9:24:51:4f:50:
2f:c9:47:8a
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUX8u7sxFk0YeSuPa2lUidv5UV57EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjQwNzQyNTlaFw0yNjEwMjMwNzQ3NTlaMDMxMTAvBgNV
BAMTKDZENzA0NUI4NTIyQ0JDOTVCRDBBOEYzN0IxM0MyNTRERjY5RTI5QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjw0BMD8Zo7PLl7m7zbFx6y4F5
GksSL10y/hocJyNnTFYwPPj/8dXqZElvVSkxGB1q6U9ARCNoJx6OLfWCHV52Eytv
YY3kdYmtq/uJ6dvVgfUwakwaGdipg4Zv5SQJHrBE0Fs1q9gUigw5XG8mGl/ij+HF
c7/oEWyJoP3wMGVgvIG5Y80SKAYivPFstYwzjWrx753Ui9M0x8grb9ENmlfuPb7K
Bb+C9kAmkx3qDaYTqu0z9aKFK3Lg8nbiuen6kVktrPldEu3n6OYL55GpYPPOq8u1
ZU0Ojj4SHA8BN/vZXTGKjWE4CSywbshzA/KloOQuRGQJvF2INL356wsEKRrTAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUbXBFuFIsvJW9Co83sTwlTfaeKakwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM0MzYyZTMxMzky
ZTMxMzUzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAJITnDANBgkqhkiG9w0BAQsFAAOCAQEAJlMOR7vOkoGVW6pnfaCFueG4
lNj1/gsdkJnwTYjum3K3pKRy9a0bvXqyaRe+4m2UwrW1DruqNqYjpj7qCwdNwJxR
B2Tm81EC7Jtkao1qmnlfr4Tku1k7nJJ0Fq5LkAniZyVtsEoEYOQYnTgh6k3PTBd5
ndHHZLtSqZVxNyZ9NaODYyxdFti4k586nkpu0mSaY6WBcLDKIO7qELl15MOzmsun
1gB27g42RvyX8AR+tpHbe04xSurqpiXq1xDQMyCZrlZEhd60p/Z5l48Ld1XXaoDi
h2fcEBoBAbwG5n5DD60pNondE5ZOSVY+UiY5dH5pUtfumiTkptkkUU9QL8lHig==
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:45:30 2025 by rpki-client