Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139382e302f32332d3234203d3e203437353833.roa
File: 3138352e3137302e3139382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: nD83kER8Y5fPcg1CgXBcvl7CJuUgJiqTyeGr0DYuZio=
Subject key identifier: 48:D1:44:D1:0D:6E:D0:A2:DC:E9:DE:7A:64:57:D0:EE:0D:EB:71:7C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 72E1DBBAE0B60F2BB23701EBEBD924D61AC1437F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139382e302f32332d3234203d3e203437353833.roa
Signing time: Thu 16 Apr 2026 11:23:40 +0000
ROA not before: Thu 16 Apr 2026 11:18:40 +0000
ROA not after: Thu 15 Apr 2027 11:23:40 +0000
asID: 47583
IP address blocks: 185.170.198.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:e1:db:ba:e0:b6:0f:2b:b2:37:01:eb:eb:d9:24:d6:1a:c1:43:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 16 11:18:40 2026 GMT
Not After : Apr 15 11:23:40 2027 GMT
Subject: CN=48D144D10D6ED0A2DCE9DE7A6457D0EE0DEB717C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:be:b1:e9:fe:11:5e:2b:95:34:dd:b7:82:44:
ee:1f:31:37:c8:49:c1:e8:51:52:17:32:6d:6d:eb:
14:7e:0d:54:ab:7f:d1:3d:4d:4c:9c:0b:f7:8e:21:
0a:54:b8:de:45:a5:72:a7:b0:1c:48:a8:35:5c:b5:
1a:42:f9:5f:a6:30:97:af:6d:51:7b:ad:fc:34:e7:
3f:6d:44:01:00:0a:fa:c3:49:dd:d2:97:40:fc:84:
cd:e9:a2:33:96:54:9a:1d:a2:c5:03:bf:5f:dd:33:
17:9d:67:4e:39:8d:7a:61:d2:2c:c5:4f:6d:c7:ad:
3d:64:68:c0:01:51:96:22:06:e4:d1:9d:05:e4:89:
7c:f7:54:57:23:31:55:5b:c5:54:d9:6a:f0:84:99:
b4:56:d1:fd:dd:97:36:fa:a2:6a:22:ba:c9:35:70:
d6:55:dc:ab:69:76:96:0c:0b:73:c3:c2:66:e3:7f:
8a:3f:90:25:f6:f3:4e:f6:02:77:d0:ad:a7:c5:78:
a3:c5:d4:71:9e:20:82:02:95:aa:fc:92:32:68:a0:
2c:af:24:68:bd:ba:95:57:51:cc:da:05:b9:6e:a7:
b3:86:94:93:30:44:c9:d6:dc:ab:99:ed:eb:17:0f:
b7:53:4d:3c:6c:66:a3:68:58:d9:fd:c4:01:1f:7a:
78:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D1:44:D1:0D:6E:D0:A2:DC:E9:DE:7A:64:57:D0:EE:0D:EB:71:7C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.198.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:df:5e:44:d3:94:08:63:ba:d3:8e:af:65:68:b4:52:54:5b:
81:09:3b:11:19:d7:58:76:82:7a:2b:a1:f0:e9:dc:fa:f7:94:
3b:09:06:a8:8c:0c:dc:a4:50:b4:36:a6:1b:ca:30:1e:cb:ed:
86:e1:a0:c6:83:5e:e7:95:9b:80:9d:78:d5:6a:02:a3:e3:ff:
20:ec:c5:48:85:52:0d:0d:30:c2:31:bc:29:27:1a:21:38:db:
24:60:45:16:05:c6:a1:d3:7d:10:0b:ea:c4:60:bd:d0:b4:7b:
58:57:1e:21:32:f5:52:86:22:79:64:42:68:e6:bb:95:aa:d5:
78:59:f6:8a:0a:fb:6c:75:8e:87:f0:82:53:cf:a2:98:69:16:
42:e2:ef:08:b5:dc:ef:1e:50:87:e0:a2:88:f2:bc:94:02:ab:
b7:83:76:d7:9d:6f:de:b9:33:89:b5:68:10:5c:26:e4:dd:c7:
f9:aa:2a:79:00:15:06:9a:f5:b4:ce:38:e1:4c:30:a4:aa:5b:
da:0f:9d:3c:32:26:93:18:bb:03:14:9d:85:25:99:34:2d:60:
1a:a2:a6:88:f6:81:11:d1:7d:88:69:67:ba:4b:2d:89:7b:1f:
de:4c:64:b2:f3:41:d0:15:d2:a2:88:50:e6:43:56:0c:f9:ab:
43:d4:72:39
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUcuHbuuC2DyuyNwHr69kk1hrBQ38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MTYxMTE4NDBaFw0yNzA0MTUxMTIzNDBaMDMxMTAvBgNV
BAMTKDQ4RDE0NEQxMEQ2RUQwQTJEQ0U5REU3QTY0NTdEMEVFMERFQjcxN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+vrHp/hFeK5U03beCRO4fMTfI
ScHoUVIXMm1t6xR+DVSrf9E9TUycC/eOIQpUuN5FpXKnsBxIqDVctRpC+V+mMJev
bVF7rfw05z9tRAEACvrDSd3Sl0D8hM3pojOWVJodosUDv1/dMxedZ045jXph0izF
T23HrT1kaMABUZYiBuTRnQXkiXz3VFcjMVVbxVTZavCEmbRW0f3dlzb6omoiusk1
cNZV3KtpdpYMC3PDwmbjf4o/kCX28072AnfQrafFeKPF1HGeIIIClar8kjJooCyv
JGi9upVXUczaBblup7OGlJMwRMnW3KuZ7esXD7dTTTxsZqNoWNn9xAEfenh1AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUSNFE0Q1u0KLc6d56ZFfQ7g3rcXwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MDJlMzEzOTM4MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmqxjANBgkqhkiG9w0BAQsFAAOCAQEAjt9eRNOUCGO6046vZWi0UlRb
gQk7ERnXWHaCeiuh8Onc+veUOwkGqIwM3KRQtDamG8owHsvthuGgxoNe55WbgJ14
1WoCo+P/IOzFSIVSDQ0wwjG8KScaITjbJGBFFgXGodN9EAvqxGC90LR7WFceITL1
UoYieWRCaOa7larVeFn2igr7bHWOh/CCU8+imGkWQuLvCLXc7x5Qh+CiiPK8lAKr
t4N2151v3rkzibVoEFwm5N3H+aoqeQAVBpr1tM444UwwpKpb2g+dPDImkxi7AxSd
hSWZNC1gGqKmiPaBEdF9iGlnukstiXsf3kxksvNB0BXSoohQ5kNWDPmrQ9RyOQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:41:15 2026 by rpki-client