Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
File: 3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: IvMerdrJ7s0Hnu/lsaVd7lF2F3bjRugFm+FHBpl29sU=
Subject key identifier: 7F:A3:29:0D:23:43:A4:5C:A3:73:9C:16:40:41:F6:F0:82:35:F8:09
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 52174A1D4380D9DDD9CD94F9CE8702EBA2F6373B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
Signing time: Thu 16 Apr 2026 11:23:40 +0000
ROA not before: Thu 16 Apr 2026 11:18:40 +0000
ROA not after: Thu 15 Apr 2027 11:23:40 +0000
asID: 47583
IP address blocks: 185.173.108.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:17:4a:1d:43:80:d9:dd:d9:cd:94:f9:ce:87:02:eb:a2:f6:37:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 16 11:18:40 2026 GMT
Not After : Apr 15 11:23:40 2027 GMT
Subject: CN=7FA3290D2343A45CA3739C164041F6F08235F809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:47:a7:5e:eb:90:b6:22:46:a7:35:e7:3c:5f:
f3:e0:86:50:ba:b8:87:13:90:eb:68:42:fb:75:c8:
68:98:c3:4a:f9:80:68:72:83:1d:4c:df:cf:55:55:
3b:d3:7f:5a:dc:d4:a3:3c:11:c3:46:82:d9:ab:11:
98:af:c3:8a:dc:53:37:a1:09:88:0c:cb:71:cd:a9:
1b:9a:90:74:32:15:7f:ad:bd:00:4b:51:7f:d0:05:
26:40:bf:23:68:39:d6:3f:22:62:26:40:4f:f9:9b:
0e:80:20:88:26:17:fa:fd:99:f7:38:97:54:7d:c1:
ef:95:c7:07:98:51:4b:6f:41:7c:cc:fe:e6:e1:71:
75:0a:04:6b:86:2d:26:97:9f:5b:cf:bc:f0:4f:9c:
ed:47:75:03:9b:54:17:d6:43:8f:ae:46:fa:4c:85:
c1:5e:5d:83:b9:6b:20:10:ba:11:5a:14:1f:83:23:
1a:3e:90:98:41:03:9c:10:db:12:97:f3:e2:54:ed:
c9:a5:92:c9:1a:42:18:13:b9:0a:05:1c:1a:b6:3e:
28:e0:43:67:34:68:33:25:d1:0c:10:7d:03:4a:8b:
63:4b:f5:cb:45:10:bb:f7:ad:e0:1f:6d:e5:a9:a1:
06:7b:dc:fa:45:9f:c9:f6:7d:17:33:16:80:8c:73:
34:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A3:29:0D:23:43:A4:5C:A3:73:9C:16:40:41:F6:F0:82:35:F8:09
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.108.0/23
Signature Algorithm: sha256WithRSAEncryption
94:fb:ad:da:ac:20:ee:42:aa:87:79:13:2e:c1:0d:34:6d:6f:
d7:05:b3:05:ad:c7:b8:56:75:28:84:95:7f:c9:1f:69:68:ec:
f3:d5:65:09:03:1c:74:ff:36:dc:24:76:84:2f:c7:91:5d:83:
c6:27:18:5c:2b:41:bf:cd:e1:e8:04:38:d0:3b:8d:8a:01:f2:
b9:1c:de:23:08:bb:17:d9:a3:2e:b5:63:d0:f6:35:64:fe:70:
78:54:52:66:eb:f4:2b:9c:89:e2:0b:14:54:40:5d:63:c2:a4:
fc:5f:7b:78:de:a7:6c:c4:78:aa:0c:b5:ac:e2:02:23:44:33:
e4:12:08:88:7e:c8:0b:f6:fb:fe:0c:f4:14:ec:0f:37:f8:d4:
56:ea:d3:54:72:c1:4b:bb:a1:78:fb:b2:50:59:7f:ff:e2:6a:
7d:3a:6f:8b:81:4b:b4:47:ce:e0:4d:d5:1d:e1:11:3e:51:3d:
99:e7:77:0b:e4:6c:d1:34:6e:91:55:d5:d4:72:d9:d0:63:fc:
5e:35:61:38:1e:22:05:0a:11:71:da:25:56:24:50:a8:5d:3f:
b4:c3:4f:56:79:8d:23:5f:a9:0c:0a:25:a2:18:61:e3:28:76:
15:0a:c4:de:13:f1:14:28:43:e0:c0:e3:24:aa:64:21:4c:b1:
35:5a:f1:50
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUUhdKHUOA2d3ZzZT5zocC66L2NzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA0MTYxMTE4NDBaFw0yNzA0MTUxMTIzNDBaMDMxMTAvBgNV
BAMTKDdGQTMyOTBEMjM0M0E0NUNBMzczOUMxNjQwNDFGNkYwODIzNUY4MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTR6de65C2IkanNec8X/PghlC6
uIcTkOtoQvt1yGiYw0r5gGhygx1M389VVTvTf1rc1KM8EcNGgtmrEZivw4rcUzeh
CYgMy3HNqRuakHQyFX+tvQBLUX/QBSZAvyNoOdY/ImImQE/5mw6AIIgmF/r9mfc4
l1R9we+VxweYUUtvQXzM/ubhcXUKBGuGLSaXn1vPvPBPnO1HdQObVBfWQ4+uRvpM
hcFeXYO5ayAQuhFaFB+DIxo+kJhBA5wQ2xKX8+JU7cmlkskaQhgTuQoFHBq2Pijg
Q2c0aDMl0QwQfQNKi2NL9ctFELv3reAfbeWpoQZ73PpFn8n2fRczFoCMczTHAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUf6MpDSNDpFyjc5wWQEH28II1+AkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MzJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmtbDANBgkqhkiG9w0BAQsFAAOCAQEAlPut2qwg7kKqh3kTLsENNG1v
1wWzBa3HuFZ1KISVf8kfaWjs89VlCQMcdP823CR2hC/HkV2DxicYXCtBv83h6AQ4
0DuNigHyuRzeIwi7F9mjLrVj0PY1ZP5weFRSZuv0K5yJ4gsUVEBdY8Kk/F97eN6n
bMR4qgy1rOICI0Qz5BIIiH7IC/b7/gz0FOwPN/jUVurTVHLBS7uhePuyUFl//+Jq
fTpvi4FLtEfO4E3VHeERPlE9med3C+Rs0TRukVXV1HLZ0GP8XjVhOB4iBQoRcdol
ViRQqF0/tMNPVnmNI1+pDAolohhh4yh2FQrE3hPxFChD4MDjJKpkIUyxNVrxUA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:49:01 2026 by rpki-client