Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
File: 3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: RratLz3yF5Ou+C6GAGsEw1rbfYTO9BEYeGgo9nzHHpE=
Subject key identifier: 7E:B3:58:3D:05:53:CE:68:C3:CA:1E:B7:0A:95:9C:0E:D6:EF:A4:E1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7DC2133AF6EA39ECB79DF3E378A6C3951BF6B1D3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
Signing time: Thu 16 Apr 2026 11:23:40 +0000
ROA not before: Thu 16 Apr 2026 11:18:40 +0000
ROA not after: Thu 15 Apr 2027 11:23:40 +0000
asID: 47583
IP address blocks: 185.164.108.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:c2:13:3a:f6:ea:39:ec:b7:9d:f3:e3:78:a6:c3:95:1b:f6:b1:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 16 11:18:40 2026 GMT
Not After : Apr 15 11:23:40 2027 GMT
Subject: CN=7EB3583D0553CE68C3CA1EB70A959C0ED6EFA4E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:de:6f:65:fe:c7:fa:74:98:0d:35:e7:92:22:
52:28:21:11:81:61:8f:02:82:b9:36:b1:a1:2a:62:
78:44:c7:8a:32:27:c8:27:4e:f2:13:85:2d:b4:5c:
c4:8f:fd:d5:3c:9a:bd:d2:9d:1e:a4:0a:c9:3f:9d:
87:ea:84:f2:aa:c6:fd:21:24:2e:48:38:de:9e:65:
0b:02:d6:62:ab:0e:91:d3:d5:54:7c:5d:d5:53:c0:
46:0b:77:8b:c1:dd:46:73:cf:5b:ef:dd:f8:ba:d0:
d6:d3:b2:4c:d8:da:da:92:9d:9e:bc:67:ad:58:ba:
2d:25:07:2a:39:41:c6:c2:9a:b4:e7:26:86:68:8b:
26:8a:e3:0d:ec:ab:27:d1:8f:57:76:6a:69:9f:e3:
7a:25:10:c8:26:10:4b:63:c9:67:7f:87:27:30:6f:
7e:10:85:9f:dc:7e:02:2f:04:df:74:6f:11:51:e3:
a8:45:99:49:bf:b2:8b:1f:f0:c0:12:38:04:72:f9:
e9:a4:1a:94:a6:00:16:e0:f8:c6:fd:7e:12:fb:a6:
5e:b0:69:23:e8:b4:39:00:e0:80:0f:d1:c3:2b:42:
df:c0:41:9f:bb:c4:51:6a:3a:f6:4e:d6:fc:d0:23:
04:7c:6b:07:12:ca:12:d7:1b:0b:19:3e:4f:33:3f:
3e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B3:58:3D:05:53:CE:68:C3:CA:1E:B7:0A:95:9C:0E:D6:EF:A4:E1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.108.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:38:b7:6d:14:50:5e:9f:67:3a:06:7e:1b:da:af:00:ea:85:
d8:2c:3e:f1:9d:73:ef:da:1b:74:87:66:d1:3f:e0:a9:61:f1:
2f:4d:57:f9:df:4c:a9:58:1a:e7:be:98:1b:a7:50:4c:6a:a9:
b5:25:9e:e9:c3:f7:51:ed:c2:7a:6c:2a:2b:83:78:db:1d:25:
bf:07:8f:2e:ac:46:3a:5a:a7:81:80:87:7d:62:38:34:0a:c1:
66:6f:8f:be:5a:d4:42:3a:83:96:39:5d:5d:58:31:6d:60:20:
64:c0:3e:e8:78:0e:0e:9c:08:23:3c:88:ed:ff:dd:b3:92:21:
8f:de:9b:9b:06:a3:20:2f:50:b7:ac:3e:de:b0:27:7d:c8:c0:
41:dc:70:6a:97:87:76:3a:de:9e:fc:a5:b9:33:55:23:51:65:
00:8f:89:88:8d:c9:c8:2b:bf:29:f9:eb:79:da:34:98:e9:74:
3c:45:5a:34:4d:7a:16:9d:dd:d2:d4:49:5e:10:ea:ba:28:84:
68:2d:f9:4e:bf:5b:7a:dc:62:a1:a4:35:2c:57:01:50:ad:f1:
06:22:79:2e:ee:a8:b3:10:81:3f:37:f6:7b:ba:40:64:b8:fc:
e8:b9:10:ab:76:f7:ac:4c:96:c0:60:99:3c:b1:20:02:63:45:
02:12:52:af
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfcITOvbqOey3nfPjeKbDlRv2sdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MTYxMTE4NDBaFw0yNzA0MTUxMTIzNDBaMDMxMTAvBgNV
BAMTKDdFQjM1ODNEMDU1M0NFNjhDM0NBMUVCNzBBOTU5QzBFRDZFRkE0RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp3m9l/sf6dJgNNeeSIlIoIRGB
YY8Cgrk2saEqYnhEx4oyJ8gnTvIThS20XMSP/dU8mr3SnR6kCsk/nYfqhPKqxv0h
JC5ION6eZQsC1mKrDpHT1VR8XdVTwEYLd4vB3UZzz1vv3fi60NbTskzY2tqSnZ68
Z61Yui0lByo5QcbCmrTnJoZoiyaK4w3sqyfRj1d2ammf43olEMgmEEtjyWd/hycw
b34QhZ/cfgIvBN90bxFR46hFmUm/sosf8MASOARy+emkGpSmABbg+Mb9fhL7pl6w
aSPotDkA4IAP0cMrQt/AQZ+7xFFqOvZO1vzQIwR8awcSyhLXGwsZPk8zPz6NAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUfrNYPQVTzmjDyh63CpWcDtbvpOEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NDJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmkbDANBgkqhkiG9w0BAQsFAAOCAQEATTi3bRRQXp9nOgZ+G9qvAOqF
2Cw+8Z1z79obdIdm0T/gqWHxL01X+d9MqVga576YG6dQTGqptSWe6cP3Ue3Cemwq
K4N42x0lvwePLqxGOlqngYCHfWI4NArBZm+PvlrUQjqDljldXVgxbWAgZMA+6HgO
DpwIIzyI7f/ds5Ihj96bmwajIC9Qt6w+3rAnfcjAQdxwapeHdjrenvyluTNVI1Fl
AI+JiI3JyCu/Kfnredo0mOl0PEVaNE16Fp3d0tRJXhDquiiEaC35Tr9betxioaQ1
LFcBUK3xBiJ5Lu6osxCBPzf2e7pAZLj86LkQq3b3rEyWwGCZPLEgAmNFAhJSrw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:07:02 2026 by rpki-client