Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136372e38382e34302e302f32312d3234203d3e203437353833.roa
File: 3136372e38382e34302e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: HZLo/PMDBP+yNVy8wgn1n+v3ag3L2wWPAPIBOBRwIu0=
Subject key identifier: F6:A3:A6:EE:BE:AE:1D:9A:7D:E0:DE:B6:F0:30:D5:DF:12:CE:8D:15
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 55AAA965571AADD110BD2863D49265EF4AE703B4
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136372e38382e34302e302f32312d3234203d3e203437353833.roa
Signing time: Wed 29 Oct 2025 14:48:47 +0000
ROA not before: Wed 29 Oct 2025 14:43:47 +0000
ROA not after: Wed 28 Oct 2026 14:48:47 +0000
asID: 47583
IP address blocks: 167.88.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:aa:a9:65:57:1a:ad:d1:10:bd:28:63:d4:92:65:ef:4a:e7:03:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 29 14:43:47 2025 GMT
Not After : Oct 28 14:48:47 2026 GMT
Subject: CN=F6A3A6EEBEAE1D9A7DE0DEB6F030D5DF12CE8D15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a1:cc:7e:fb:87:ff:b8:21:3c:b9:21:49:40:
ac:38:7e:02:16:fb:6b:19:74:65:3b:11:42:d1:ba:
02:6d:70:01:81:52:59:f0:d1:a0:0d:9b:a8:1e:16:
ee:48:fe:62:a2:5f:8f:14:35:56:f8:05:96:b4:27:
bd:f0:87:8b:f6:0e:db:de:9e:ae:83:88:91:f0:02:
c8:15:40:93:74:9e:e5:3c:f6:cd:a5:df:c0:64:06:
5d:cf:91:cd:52:a5:84:0b:1a:75:0e:7a:93:a7:0c:
13:16:02:10:d8:b5:18:0d:9c:ec:f5:fb:60:50:23:
c0:bc:d5:64:61:17:64:1f:a0:b0:79:0c:36:73:31:
8e:3e:ec:72:55:a6:30:0f:aa:05:83:62:d9:65:60:
dd:03:e3:39:e7:fd:f1:f7:df:7c:bf:8f:9b:e8:94:
04:5f:cb:65:e4:83:3d:41:8c:a8:3e:7f:63:30:f1:
e2:c6:5c:c8:87:0c:2d:e6:f5:df:97:69:af:61:08:
ac:fa:ec:af:4a:9b:a5:9e:d0:c0:f9:79:6f:f9:88:
ee:7c:27:bc:79:d2:03:d5:6a:18:eb:1e:7e:3b:83:
de:ff:af:2b:a1:7e:15:be:eb:fa:0f:b0:e3:d5:a4:
c9:fc:fc:aa:c9:12:ea:66:8d:1f:97:1e:b3:1e:d7:
b0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A3:A6:EE:BE:AE:1D:9A:7D:E0:DE:B6:F0:30:D5:DF:12:CE:8D:15
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136372e38382e34302e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.88.40.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:8a:49:d5:dc:eb:65:9d:eb:04:14:de:5b:80:4f:47:65:c2:
1f:af:e7:51:ef:a3:32:2d:bf:84:4c:fc:f9:89:51:31:06:91:
bd:8f:9c:eb:4b:4f:11:39:66:80:26:0e:4c:73:f8:57:5f:ee:
1f:37:14:ea:3f:39:2e:91:ff:46:42:49:ae:5c:e7:f3:8c:cf:
6e:71:a1:ce:cb:3a:fb:bb:6f:58:83:e6:8b:de:8e:05:fa:10:
23:8e:0f:36:3a:19:59:40:48:bc:50:10:d0:d4:68:bf:87:fd:
02:f6:ca:69:56:00:09:94:ac:15:a5:24:3e:df:4b:f4:66:08:
e1:63:4c:4c:c3:2b:55:c4:26:6b:02:5b:75:65:7b:ac:1e:85:
26:ab:7b:2f:a1:51:25:9d:33:03:bd:4c:84:c9:27:30:bb:f3:
df:07:c8:59:8a:30:0a:d6:d8:f7:55:6a:82:78:89:a9:9e:de:
eb:79:09:6a:b2:28:c9:01:67:ac:78:dc:76:36:59:5a:43:9a:
80:99:4f:9e:e2:07:91:21:f9:ae:f8:d9:3f:da:7a:73:59:4d:
e9:e6:db:e8:c5:17:f7:e5:49:2e:55:8a:a0:49:dd:87:60:96:
e1:40:41:b7:fa:90:1b:d6:fb:52:22:b1:63:e5:7f:9c:a1:d1:
f9:ca:01:e2
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUVaqpZVcardEQvShj1JJl70rnA7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjkxNDQzNDdaFw0yNjEwMjgxNDQ4NDdaMDMxMTAvBgNV
BAMTKEY2QTNBNkVFQkVBRTFEOUE3REUwREVCNkYwMzBENURGMTJDRThEMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLocx++4f/uCE8uSFJQKw4fgIW
+2sZdGU7EULRugJtcAGBUlnw0aANm6geFu5I/mKiX48UNVb4BZa0J73wh4v2Dtve
nq6DiJHwAsgVQJN0nuU89s2l38BkBl3Pkc1SpYQLGnUOepOnDBMWAhDYtRgNnOz1
+2BQI8C81WRhF2QfoLB5DDZzMY4+7HJVpjAPqgWDYtllYN0D4znn/fH333y/j5vo
lARfy2Xkgz1BjKg+f2Mw8eLGXMiHDC3m9d+Xaa9hCKz67K9Km6We0MD5eW/5iO58
J7x50gPVahjrHn47g97/ryuhfhW+6/oPsOPVpMn8/KrJEupmjR+XHrMe17CBAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU9qOm7r6uHZp94N628DDV3xLOjRUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM2MzcyZTM4Mzgy
ZTM0MzAyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDp1goMA0GCSqGSIb3DQEBCwUAA4IBAQCciknV3OtlnesEFN5bgE9HZcIfr+dR
76MyLb+ETPz5iVExBpG9j5zrS08ROWaAJg5Mc/hXX+4fNxTqPzkukf9GQkmuXOfz
jM9ucaHOyzr7u29Yg+aL3o4F+hAjjg82OhlZQEi8UBDQ1Gi/h/0C9sppVgAJlKwV
pSQ+30v0ZgjhY0xMwytVxCZrAlt1ZXusHoUmq3svoVElnTMDvUyEyScwu/PfB8hZ
ijAK1tj3VWqCeImpnt7reQlqsijJAWeseNx2NllaQ5qAmU+e4geRIfmu+Nk/2npz
WU3p5tvoxRf35UkuVYqgSd2HYJbhQEG3+pAb1vtSIrFj5X+codH5ygHi
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:40:02 2025 by rpki-client