Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TKN8RPXEtCYL9qqgQfbwt2FZwoTwVFkGIg4aeM2Udk0=
Subject key identifier: EF:89:43:2E:1E:55:E0:A7:61:DA:5D:FA:5B:1C:F9:E4:9B:55:94:1B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7D76382620B7341FAD79980CD42A9A72AB547501
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 23 Oct 2025 14:47:57 +0000
ROA not before: Thu 23 Oct 2025 14:42:57 +0000
ROA not after: Thu 22 Oct 2026 14:47:57 +0000
asID: 136787
IP address blocks: 185.147.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:76:38:26:20:b7:34:1f:ad:79:98:0c:d4:2a:9a:72:ab:54:75:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 23 14:42:57 2025 GMT
Not After : Oct 22 14:47:57 2026 GMT
Subject: CN=EF89432E1E55E0A761DA5DFA5B1CF9E49B55941B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f5:17:f6:b8:d2:e8:9a:c6:a9:a5:75:2c:c8:
94:2b:c5:4a:ac:b2:07:41:37:b6:f6:40:22:aa:c8:
f0:78:d9:ee:0e:9e:b4:4f:45:99:2f:e7:79:9d:ab:
58:92:6a:50:3a:db:d5:5b:a3:99:82:8b:53:ba:58:
c5:e9:e1:d1:34:c8:cc:ba:e1:f5:4f:3e:08:6a:24:
f0:9b:65:1d:ac:65:94:2f:f6:cd:33:c4:89:fb:05:
b8:07:f4:97:9a:cf:5d:95:c7:c3:af:2d:8b:28:72:
1c:e3:a2:a9:ea:a0:11:71:2a:e8:04:05:04:a9:4f:
ba:9e:b4:4a:00:25:4d:63:fe:d3:32:04:e8:60:0b:
02:0c:60:05:83:62:cf:95:bc:ff:49:60:a7:38:19:
f4:9a:21:86:c0:22:eb:e4:7b:d6:80:cc:69:62:89:
3f:85:75:c4:3c:7d:0d:08:2b:2f:5c:0f:e0:3f:06:
e1:4a:0b:9a:a2:5d:86:58:cb:8f:2a:c8:f5:c8:2d:
85:83:a4:62:2d:59:21:a4:73:b8:32:b8:fa:7c:02:
b2:4a:be:3b:ad:34:c9:31:b3:d6:8c:a6:6a:8b:14:
9a:a8:37:4c:88:99:f0:15:98:6f:21:fa:23:26:83:
0b:bd:ac:da:e4:da:e1:aa:81:e4:8c:fe:02:c5:a7:
81:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:89:43:2E:1E:55:E0:A7:61:DA:5D:FA:5B:1C:F9:E4:9B:55:94:1B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.54.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:3b:98:68:2f:fa:37:85:59:0e:91:d4:25:ff:49:5e:60:0e:
36:d7:3e:db:21:e7:f8:6a:16:04:c8:7c:3a:d8:3f:ff:07:c8:
62:93:06:bd:94:85:a2:63:07:d7:bd:a5:5e:34:83:7c:96:ee:
76:1b:5b:5d:8f:47:d0:f3:f5:9c:0d:01:af:bd:de:80:02:56:
05:cf:9a:2e:07:d5:f9:cd:51:1b:7a:79:79:b4:da:ee:e4:a7:
74:c4:89:e9:c6:be:42:10:e0:67:d1:50:59:44:e3:f8:eb:6d:
9e:28:78:b1:18:74:6d:40:d1:5b:35:10:ee:c0:7e:18:2c:79:
b0:4b:bd:20:81:97:d4:31:b3:68:71:15:dc:91:85:e9:a1:74:
68:5d:ac:fc:fa:35:5e:90:e7:a5:78:d8:e4:39:cb:8f:2d:9c:
77:2d:e4:1b:a5:41:88:9f:93:2a:74:a2:24:27:21:f1:79:67:
32:0c:2b:ff:7f:d7:86:3e:ef:ae:ad:09:ac:50:04:cc:9a:73:
6c:46:6e:c7:be:2b:8f:71:0c:4d:0f:66:70:1a:1f:11:a0:c7:
c8:a0:9a:c2:d8:77:6b:a6:67:8b:48:7b:d8:26:c4:18:fb:c8:
f7:db:4d:17:b6:6d:ba:fb:26:f4:30:1b:99:92:87:17:98:33:
a3:8a:a0:75
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfXY4JiC3NB+teZgM1CqacqtUdQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjMxNDQyNTdaFw0yNjEwMjIxNDQ3NTdaMDMxMTAvBgNV
BAMTKEVGODk0MzJFMUU1NUUwQTc2MURBNURGQTVCMUNGOUU0OUI1NTk0MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF9Rf2uNLomsappXUsyJQrxUqs
sgdBN7b2QCKqyPB42e4OnrRPRZkv53mdq1iSalA629Vbo5mCi1O6WMXp4dE0yMy6
4fVPPghqJPCbZR2sZZQv9s0zxIn7BbgH9Jeaz12Vx8OvLYsochzjoqnqoBFxKugE
BQSpT7qetEoAJU1j/tMyBOhgCwIMYAWDYs+VvP9JYKc4GfSaIYbAIuvke9aAzGli
iT+FdcQ8fQ0IKy9cD+A/BuFKC5qiXYZYy48qyPXILYWDpGItWSGkc7gyuPp8ArJK
vjutNMkxs9aMpmqLFJqoN0yImfAVmG8h+iMmgwu9rNrk2uGqgeSM/gLFp4ElAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU74lDLh5V4Kdh2l36Wxz55JtVlBswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzQz
NzJlMzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmTNjANBgkqhkiG9w0BAQsFAAOCAQEAszuYaC/6N4VZDpHUJf9JXmAO
Ntc+2yHn+GoWBMh8Otg//wfIYpMGvZSFomMH172lXjSDfJbudhtbXY9H0PP1nA0B
r73egAJWBc+aLgfV+c1RG3p5ebTa7uSndMSJ6ca+QhDgZ9FQWUTj+Ottnih4sRh0
bUDRWzUQ7sB+GCx5sEu9IIGX1DGzaHEV3JGF6aF0aF2s/Po1XpDnpXjY5DnLjy2c
dy3kG6VBiJ+TKnSiJCch8XlnMgwr/3/Xhj7vrq0JrFAEzJpzbEZux74rj3EMTQ9m
cBofEaDHyKCawth3a6Zni0h72CbEGPvI99tNF7Ztuvsm9DAbmZKHF5gzo4qgdQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:43:08 2025 by rpki-client