Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e38382e302f32342d3234203d3e20313336373837.roa
File: 3134362e31392e38382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 4ElvCQPfmwPZlOQpjnXEROi2/ByCZ2UHYNUuKI3ermw=
Subject key identifier: 5A:D8:F7:DF:BF:FA:32:57:30:61:B8:53:CF:2A:74:AA:09:D3:CC:DE
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2E13D3C75F4CAB49C5B3FDB51427AE7470900F89
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e38382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 24 Oct 2025 07:47:59 +0000
ROA not before: Fri 24 Oct 2025 07:42:59 +0000
ROA not after: Fri 23 Oct 2026 07:47:59 +0000
asID: 136787
IP address blocks: 146.19.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:13:d3:c7:5f:4c:ab:49:c5:b3:fd:b5:14:27:ae:74:70:90:0f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 24 07:42:59 2025 GMT
Not After : Oct 23 07:47:59 2026 GMT
Subject: CN=5AD8F7DFBFFA32573061B853CF2A74AA09D3CCDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:04:45:ab:ff:9d:e0:bb:43:a8:53:09:60:6c:
ca:af:7d:db:3c:37:f2:d3:10:fc:16:dc:05:b7:18:
fe:7f:df:ef:de:54:3a:ac:69:3f:72:81:3f:ce:54:
e2:03:50:8b:bc:f5:97:65:a7:ef:1a:e2:9b:4b:26:
4f:36:ab:c2:6c:33:e9:90:d2:57:aa:36:c6:dc:d3:
68:3a:a7:e1:c8:17:70:2e:30:41:09:14:dd:67:7c:
a1:5b:1f:1a:b0:c5:05:08:02:39:cc:a9:1c:60:4c:
0f:35:bf:05:af:8d:01:e7:b5:60:dd:3a:c5:50:a6:
fc:c0:46:d4:0f:10:e7:ad:9c:8b:3e:7f:e3:2f:eb:
31:95:68:63:26:bf:f4:45:bf:7e:c5:6c:ae:c0:d0:
57:5e:17:5b:6b:36:e8:3a:40:03:bc:08:79:44:30:
3c:59:a9:d4:49:7f:25:f9:2e:72:44:a8:e9:1e:8e:
87:7b:60:fd:af:09:30:e9:8e:20:f7:bb:bb:05:c1:
1f:02:20:7b:5e:fa:21:2f:e5:65:a3:47:93:3e:57:
2c:6c:91:1a:48:02:2b:63:2f:ab:f9:47:b7:b7:12:
51:d3:2f:15:33:19:2a:d7:d5:fe:d4:a0:e0:d7:65:
3b:af:43:56:bd:c5:83:35:58:d3:03:3e:2a:f6:a5:
2c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D8:F7:DF:BF:FA:32:57:30:61:B8:53:CF:2A:74:AA:09:D3:CC:DE
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e38382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.88.0/24
Signature Algorithm: sha256WithRSAEncryption
10:80:0d:b8:a7:f9:c4:93:0f:9e:7d:5b:97:12:9f:10:84:a9:
c0:02:5c:b8:8f:36:97:2c:ee:66:04:36:b4:3a:42:a1:3f:89:
70:ff:31:97:78:7f:e8:ec:a6:65:4d:2a:21:e2:bd:4c:fc:95:
f0:33:26:af:ea:30:fd:5f:de:03:1c:33:c5:e2:c5:18:eb:5c:
fc:d7:e0:d5:12:25:23:37:65:c6:0d:37:7c:f9:c3:68:67:2f:
ae:54:b4:02:09:93:bd:75:47:c4:bd:5c:8f:5b:52:98:f7:7f:
ff:97:69:db:1d:2d:a8:bb:01:b1:c4:c9:f9:8d:88:83:83:11:
4d:55:75:9c:7a:2d:98:05:63:90:90:cd:e7:d8:9b:c2:b2:ed:
bc:e2:f5:41:65:03:46:ca:8c:4b:60:d5:18:82:86:b0:24:de:
b8:ee:b1:c1:e6:ae:9d:20:f1:6d:7c:f4:11:c0:0d:2f:05:46:
9d:89:72:ae:f7:b9:ca:cf:aa:50:12:0e:3b:75:a3:bf:42:54:
e9:9a:e5:59:ea:99:be:21:97:97:ec:24:ca:13:43:59:73:f0:
ee:73:59:8a:80:4e:97:fa:ac:74:d7:f1:34:e1:9f:5c:28:ad:
2e:72:8a:aa:3c:24:30:22:d3:ce:86:19:e7:7d:2b:50:f8:d0:
b9:6b:cc:2e
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIULhPTx19Mq0nFs/21FCeudHCQD4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjQwNzQyNTlaFw0yNjEwMjMwNzQ3NTlaMDMxMTAvBgNV
BAMTKDVBRDhGN0RGQkZGQTMyNTczMDYxQjg1M0NGMkE3NEFBMDlEM0NDREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQBEWr/53gu0OoUwlgbMqvfds8
N/LTEPwW3AW3GP5/3+/eVDqsaT9ygT/OVOIDUIu89Zdlp+8a4ptLJk82q8JsM+mQ
0leqNsbc02g6p+HIF3AuMEEJFN1nfKFbHxqwxQUIAjnMqRxgTA81vwWvjQHntWDd
OsVQpvzARtQPEOetnIs+f+Mv6zGVaGMmv/RFv37FbK7A0FdeF1trNug6QAO8CHlE
MDxZqdRJfyX5LnJEqOkejod7YP2vCTDpjiD3u7sFwR8CIHte+iEv5WWjR5M+Vyxs
kRpIAitjL6v5R7e3ElHTLxUzGSrX1f7UoODXZTuvQ1a9xYM1WNMDPir2pSzpAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUWtj337/6MlcwYbhTzyp0qgnTzN4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM0MzYyZTMxMzky
ZTM4MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACSE1gwDQYJKoZIhvcNAQELBQADggEBABCADbin+cSTD559W5cSnxCEqcAC
XLiPNpcs7mYENrQ6QqE/iXD/MZd4f+jspmVNKiHivUz8lfAzJq/qMP1f3gMcM8Xi
xRjrXPzX4NUSJSM3ZcYNN3z5w2hnL65UtAIJk711R8S9XI9bUpj3f/+XadsdLai7
AbHEyfmNiIODEU1VdZx6LZgFY5CQzefYm8Ky7bzi9UFlA0bKjEtg1RiChrAk3rju
scHmrp0g8W189BHADS8FRp2Jcq73ucrPqlASDjt1o79CVOma5Vnqmb4hl5fsJMoT
Q1lz8O5zWYqATpf6rHTX8TThn1worS5yiqo8JDAi086GGed9K1D40LlrzC4=
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:45:28 2025 by rpki-client