Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133342e302f32342d3234203d3e20313437303439.roa
File: 3135372e39372e3133342e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: 6bYFEBHaHS4yUJqA2harSjfj1L32/E3Sn23GoiLAs6Y=
Subject key identifier: 0A:9C:C6:C0:36:1C:B1:1B:50:CD:88:93:62:4D:53:44:D8:C9:5B:89
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4FC6ED2F115ABFCC210F8C20694F6F82EE7EE401
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133342e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 29 Dec 2025 09:50:33 +0000
ROA not before: Mon 29 Dec 2025 09:45:33 +0000
ROA not after: Mon 28 Dec 2026 09:50:33 +0000
asID: 147049
IP address blocks: 157.97.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c6:ed:2f:11:5a:bf:cc:21:0f:8c:20:69:4f:6f:82:ee:7e:e4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 29 09:45:33 2025 GMT
Not After : Dec 28 09:50:33 2026 GMT
Subject: CN=0A9CC6C0361CB11B50CD8893624D5344D8C95B89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:78:88:b3:02:47:ac:27:eb:3e:88:7f:a5:0d:
4c:43:8d:21:a6:5b:fb:2f:6a:9f:86:04:8b:8a:60:
86:6c:4b:f5:e4:e5:3c:f7:2a:f4:fe:91:4d:aa:9d:
e8:16:74:7e:b6:2f:92:e4:79:42:56:52:87:85:76:
73:f8:4e:00:e8:97:57:de:75:61:47:38:ca:b4:a2:
6d:69:95:e3:81:9b:62:b5:33:eb:58:bf:e3:32:59:
fd:f6:5b:7b:cf:a9:a8:f1:40:e6:1a:8f:f3:ee:9d:
71:86:ba:50:98:6f:21:ba:c3:2f:14:b0:8b:22:0d:
a0:3e:f2:de:89:26:e9:90:d3:6b:1f:43:15:a9:7b:
54:67:34:ee:53:a4:6f:ed:17:b1:38:2a:79:a8:c7:
da:a5:f4:f7:b7:67:77:71:d3:05:aa:91:d8:98:5c:
d2:fe:15:02:c5:83:d3:5f:3a:2b:34:73:d4:e5:00:
0a:e4:58:c6:9f:63:f7:c8:4a:13:f7:e0:5b:a1:4d:
cf:12:12:a1:e7:17:b3:1a:64:8f:df:a7:bd:dd:00:
46:12:d8:de:5f:32:a7:d4:28:ce:fa:d7:1d:4e:23:
c6:2f:9d:2f:f2:f5:8f:8a:9b:31:90:69:e1:6c:40:
c5:22:66:e8:d5:62:f8:12:2d:93:43:f1:83:80:17:
ad:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:9C:C6:C0:36:1C:B1:1B:50:CD:88:93:62:4D:53:44:D8:C9:5B:89
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133342e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.134.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:5a:47:f9:af:53:2b:a6:c8:3b:a2:6a:29:ec:ac:3c:62:5f:
21:0d:30:dd:f8:a5:47:f5:86:f1:5e:09:4b:56:11:92:68:7f:
1c:e4:16:c2:a3:e1:b2:12:ff:23:76:ea:98:69:28:ac:69:20:
f6:89:ba:d9:07:4d:e3:32:57:0f:d4:2e:78:fd:32:90:82:da:
60:a7:bc:e4:d9:34:54:e8:f4:a0:0b:81:b8:d6:10:2e:c3:04:
9d:02:5d:75:27:8c:52:39:ba:61:f5:e6:0e:1b:aa:75:4d:36:
92:1c:f3:54:89:ec:bb:62:82:d9:f0:67:f2:52:b3:14:0c:13:
06:29:40:c9:1c:b2:c1:0a:27:05:99:19:03:42:59:7f:3f:60:
32:95:6e:96:a2:56:0d:e1:3b:de:ad:1a:88:fd:30:e2:5a:a2:
eb:10:88:9f:6d:7e:69:b1:6c:3c:1b:82:a6:76:47:54:b6:3b:
af:22:31:0e:76:ee:e4:ec:5e:5a:be:0d:61:a8:a9:6e:df:c3:
6d:f9:82:d0:be:15:b0:88:29:42:09:47:3c:08:28:e3:e7:ca:
ea:10:9c:31:d7:03:71:ea:b8:4e:ca:f0:1b:4b:bb:c7:eb:c6:
75:a3:43:8f:9e:bf:77:c9:23:53:a9:da:8a:1d:93:df:56:37:
36:48:c2:3d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUT8btLxFav8whD4wgaU9vgu5+5AEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEyMjkwOTQ1MzNaFw0yNjEyMjgwOTUwMzNaMDMxMTAvBgNV
BAMTKDBBOUNDNkMwMzYxQ0IxMUI1MENEODg5MzYyNEQ1MzQ0RDhDOTVCODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmeIizAkesJ+s+iH+lDUxDjSGm
W/svap+GBIuKYIZsS/Xk5Tz3KvT+kU2qnegWdH62L5LkeUJWUoeFdnP4TgDol1fe
dWFHOMq0om1pleOBm2K1M+tYv+MyWf32W3vPqajxQOYaj/PunXGGulCYbyG6wy8U
sIsiDaA+8t6JJumQ02sfQxWpe1RnNO5TpG/tF7E4Knmox9ql9Pe3Z3dx0wWqkdiY
XNL+FQLFg9NfOis0c9TlAArkWMafY/fIShP34FuhTc8SEqHnF7MaZI/fp73dAEYS
2N5fMqfUKM761x1OI8YvnS/y9Y+KmzGQaeFsQMUiZujVYvgSLZND8YOAF62HAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUCpzGwDYcsRtQzYiTYk1TRNjJW4kwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM1MzcyZTM5Mzcy
ZTMxMzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAJ1hhjANBgkqhkiG9w0BAQsFAAOCAQEAb1pH+a9TK6bIO6JqKeysPGJf
IQ0w3filR/WG8V4JS1YRkmh/HOQWwqPhshL/I3bqmGkorGkg9om62QdN4zJXD9Qu
eP0ykILaYKe85Nk0VOj0oAuBuNYQLsMEnQJddSeMUjm6YfXmDhuqdU02khzzVIns
u2KC2fBn8lKzFAwTBilAyRyywQonBZkZA0JZfz9gMpVulqJWDeE73q0aiP0w4lqi
6xCIn21+abFsPBuCpnZHVLY7ryIxDnbu5OxeWr4NYaipbt/DbfmC0L4VsIgpQglH
PAgo4+fK6hCcMdcDceq4TsrwG0u7x+vGdaNDj56/d8kjU6naih2T31Y3NkjCPQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:47:20 2026 by rpki-client