Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
File: 3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: PVUxZCfsN1kuxcwiKuuldRtqDNAW+6pgQejnh+cQ2cQ=
Subject key identifier: A7:67:A1:DD:2E:E2:03:30:10:CB:92:A9:B9:09:8D:C7:38:40:E3:7E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5EF3E0B439AE76AED09ABBF1F103B9464608AC44
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
Signing time: Thu 23 Oct 2025 14:47:57 +0000
ROA not before: Thu 23 Oct 2025 14:42:57 +0000
ROA not after: Thu 22 Oct 2026 14:47:57 +0000
asID: 147049
IP address blocks: 176.100.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:f3:e0:b4:39:ae:76:ae:d0:9a:bb:f1:f1:03:b9:46:46:08:ac:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 23 14:42:57 2025 GMT
Not After : Oct 22 14:47:57 2026 GMT
Subject: CN=A767A1DD2EE2033010CB92A9B9098DC73840E37E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:64:49:49:95:8e:55:f9:6a:e9:6c:62:bd:46:
10:00:58:f7:0f:68:4b:7c:e1:5a:cf:80:ab:1e:99:
45:3f:3f:a9:57:7e:f9:c3:df:a4:c7:c8:3e:b4:ee:
fc:95:63:c4:2d:08:76:8d:85:ad:57:87:71:18:c8:
af:ac:01:97:f4:96:29:ac:1c:b3:36:e7:f9:0f:1b:
7a:3e:55:cb:01:00:f8:2e:71:96:d1:52:6a:aa:44:
ef:3a:3c:50:e4:7a:12:1d:a6:0f:73:9b:58:9e:6b:
18:59:7c:8c:a4:43:1c:a4:70:92:bd:a2:d2:43:6d:
c4:f0:d6:7e:df:97:6f:88:3a:37:5f:be:af:88:06:
00:28:94:22:aa:51:bb:a4:95:f3:d2:ab:61:cd:a4:
aa:2f:1e:64:47:df:6f:5e:f5:4b:a4:04:9f:3d:c1:
71:9c:c1:df:e0:53:1a:9c:43:83:fc:77:e6:77:d1:
44:5a:a7:80:3e:aa:d1:cd:68:24:39:52:ad:c2:b3:
fc:99:23:a2:a0:46:04:ca:03:1d:8c:75:d1:f3:c2:
f8:e3:4b:15:86:98:0e:c0:92:80:aa:b0:28:ff:50:
5a:0c:0d:1d:40:46:0e:fb:95:76:e7:89:59:b0:14:
07:2e:22:4f:84:b4:21:81:7f:e5:55:6e:3f:14:85:
ed:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:67:A1:DD:2E:E2:03:30:10:CB:92:A9:B9:09:8D:C7:38:40:E3:7E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.43.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:3c:70:78:53:de:cd:0f:aa:aa:43:fb:5a:b0:b3:e9:df:2c:
86:cd:7e:5b:35:60:7e:25:05:eb:15:9c:d2:90:c6:24:5a:37:
f7:b7:68:17:18:29:75:b4:7a:d8:ec:6e:bc:bd:54:ca:76:43:
30:8f:f1:b8:4e:06:4e:d5:95:27:65:b8:43:94:f1:6f:30:53:
60:96:56:e4:44:87:0a:53:9a:48:bd:86:a1:5d:4c:47:72:ad:
59:9f:27:28:75:03:41:b6:86:15:76:6e:0c:3b:4a:fe:dc:97:
2d:81:9b:7f:a9:13:ec:b9:da:27:7a:bd:1e:9c:c4:8a:5c:1c:
15:59:21:31:01:b0:ef:df:a2:84:0d:4e:1b:6c:ff:2e:36:ac:
6e:52:67:0a:94:d9:b5:26:c2:8e:de:54:4b:7b:b1:3b:39:2f:
cd:83:10:6c:7b:50:46:ee:a5:49:78:7d:c7:e0:3f:35:dc:73:
a1:96:05:56:9b:cd:58:3c:ab:95:c8:7b:88:b4:ff:98:16:35:
8c:16:2e:9c:3f:14:3b:e6:90:21:df:f3:28:fa:94:af:fe:66:
13:b7:35:fc:19:8d:15:c9:31:b9:fe:be:a4:dc:47:57:60:b8:
b7:44:7d:99:10:fb:49:f6:9f:39:e8:14:70:f2:f7:bc:6d:ac:
01:f8:1f:b7
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUXvPgtDmudq7Qmrvx8QO5RkYIrEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjMxNDQyNTdaFw0yNjEwMjIxNDQ3NTdaMDMxMTAvBgNV
BAMTKEE3NjdBMUREMkVFMjAzMzAxMENCOTJBOUI5MDk4REM3Mzg0MEUzN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDZElJlY5V+WrpbGK9RhAAWPcP
aEt84VrPgKsemUU/P6lXfvnD36THyD607vyVY8QtCHaNha1Xh3EYyK+sAZf0lims
HLM25/kPG3o+VcsBAPgucZbRUmqqRO86PFDkehIdpg9zm1ieaxhZfIykQxykcJK9
otJDbcTw1n7fl2+IOjdfvq+IBgAolCKqUbuklfPSq2HNpKovHmRH329e9UukBJ89
wXGcwd/gUxqcQ4P8d+Z30URap4A+qtHNaCQ5Uq3Cs/yZI6KgRgTKAx2MddHzwvjj
SxWGmA7AkoCqsCj/UFoMDR1ARg77lXbniVmwFAcuIk+EtCGBf+VVbj8Uhe3PAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUp2eh3S7iAzAQy5KpuQmNxzhA434wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTMxMzAz
MDJlMzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALBkKzANBgkqhkiG9w0BAQsFAAOCAQEAbDxweFPezQ+qqkP7WrCz6d8s
hs1+WzVgfiUF6xWc0pDGJFo397doFxgpdbR62OxuvL1UynZDMI/xuE4GTtWVJ2W4
Q5TxbzBTYJZW5ESHClOaSL2GoV1MR3KtWZ8nKHUDQbaGFXZuDDtK/tyXLYGbf6kT
7LnaJ3q9HpzEilwcFVkhMQGw79+ihA1OG2z/LjasblJnCpTZtSbCjt5US3uxOzkv
zYMQbHtQRu6lSXh9x+A/NdxzoZYFVpvNWDyrlch7iLT/mBY1jBYunD8UO+aQId/z
KPqUr/5mE7c1/BmNFckxuf6+pNxHV2C4t0R9mRD7SfafOegUcPL3vG2sAfgftw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:43:14 2025 by rpki-client