Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31362e302f32342d3234203d3e20333933343036.roa
File: 3138352e3139332e31362e302f32342d3234203d3e20333933343036.roa (raw, json)
Hash identifier: qoMwuotG96bmw8L6BdhI0e8zWtYoXwNllhAmJFjeY0k=
Subject key identifier: C0:4C:FA:99:B2:EA:C6:BF:5A:09:A5:2B:8F:7C:AF:49:D5:A3:34:92
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 414310B7457D80D6E90E2CD0AC601FFD0741FE6B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31362e302f32342d3234203d3e20333933343036.roa
Signing time: Sat 14 Feb 2026 12:47:38 +0000
ROA not before: Sat 14 Feb 2026 12:42:38 +0000
ROA not after: Sat 13 Feb 2027 12:47:38 +0000
asID: 393406
IP address blocks: 185.193.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:43:10:b7:45:7d:80:d6:e9:0e:2c:d0:ac:60:1f:fd:07:41:fe:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 14 12:42:38 2026 GMT
Not After : Feb 13 12:47:38 2027 GMT
Subject: CN=C04CFA99B2EAC6BF5A09A52B8F7CAF49D5A33492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1b:a8:38:19:49:af:fe:10:ef:dc:08:94:1c:
f9:d0:54:99:56:3f:cd:5f:e9:43:ff:12:63:dc:0f:
78:56:7a:96:9c:83:84:2a:4b:0b:5e:a4:da:e1:da:
a2:ae:02:47:62:3d:b9:b0:7b:e1:e0:c4:01:75:6b:
02:bb:c4:8f:16:96:1e:09:1a:c7:c1:2e:58:57:d1:
f7:3b:d8:de:50:a8:ad:a9:de:59:79:17:f4:1c:a4:
33:d0:fc:0f:2a:83:46:9c:55:ff:ca:5c:6c:58:70:
0b:52:ee:92:90:d1:3c:32:ac:7e:66:87:fa:3c:b5:
5b:12:62:28:b6:4e:7d:55:33:e0:c2:b9:25:d6:9b:
e4:d2:98:76:64:88:3c:c6:ea:8b:e7:b3:e5:fb:80:
37:0e:b2:c1:44:cc:a4:26:1c:87:0b:8f:87:e1:ee:
9c:3f:f8:b3:f4:29:c8:61:5e:61:79:bf:fb:31:a7:
99:98:01:6a:5d:7f:f5:f6:e3:c8:45:fb:c0:cb:55:
71:23:fa:73:5b:69:4d:1d:15:3f:1c:f4:3a:39:b0:
62:ed:a8:bc:1b:7c:4a:48:c9:01:9c:6d:22:f3:39:
d7:c8:46:1c:a5:5d:0c:de:10:28:e9:a5:5c:3c:f3:
1e:fb:ae:6c:68:12:a6:43:88:3e:f6:9f:5e:c8:91:
b8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4C:FA:99:B2:EA:C6:BF:5A:09:A5:2B:8F:7C:AF:49:D5:A3:34:92
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31362e302f32342d3234203d3e20333933343036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.16.0/24
Signature Algorithm: sha256WithRSAEncryption
de:91:f5:65:b2:e9:b9:38:66:b2:5f:cb:b2:55:0a:1b:e0:27:
47:e9:45:ce:b6:e9:02:c8:93:aa:e4:f1:36:81:52:e4:7c:8f:
07:89:e4:bc:de:d4:c3:2a:51:83:97:15:2b:1a:b6:cb:67:2e:
6c:81:39:5d:9f:f1:f1:62:8e:dc:e2:d8:45:3d:24:75:39:0f:
d7:c8:84:54:f2:1a:af:84:18:0a:3c:6e:3f:04:54:54:3d:e3:
15:be:7e:32:16:40:59:bd:88:e8:03:f4:ca:ca:0b:eb:d5:bf:
e2:2c:29:7a:c6:1b:04:3e:14:2f:5b:1b:d4:6a:5d:22:a8:26:
97:17:3e:3f:84:9b:b2:32:52:6b:0f:ca:79:00:b4:3d:79:c9:
6c:f1:ff:1c:f1:56:68:6a:99:29:a9:eb:0b:0b:7a:8f:98:ce:
45:93:9c:dc:e2:20:b3:eb:b8:ec:d5:ce:9f:12:64:ae:2c:04:
af:4b:3c:ff:24:d9:a4:e2:8b:27:16:33:53:3f:02:db:28:9f:
60:a9:5c:f1:96:0b:9a:44:72:c5:49:4d:d8:86:aa:61:33:bf:
37:bc:97:b5:2d:31:db:a6:99:10:2b:fa:60:fa:08:e5:32:1e:
d4:15:51:5d:cb:2b:14:1e:09:0a:08:53:65:87:33:c9:0a:de:
7c:a5:f8:df
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUQUMQt0V9gNbpDizQrGAf/QdB/mswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAyMTQxMjQyMzhaFw0yNzAyMTMxMjQ3MzhaMDMxMTAvBgNV
BAMTKEMwNENGQTk5QjJFQUM2QkY1QTA5QTUyQjhGN0NBRjQ5RDVBMzM0OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsG6g4GUmv/hDv3AiUHPnQVJlW
P81f6UP/EmPcD3hWepacg4QqSwtepNrh2qKuAkdiPbmwe+HgxAF1awK7xI8Wlh4J
GsfBLlhX0fc72N5QqK2p3ll5F/QcpDPQ/A8qg0acVf/KXGxYcAtS7pKQ0TwyrH5m
h/o8tVsSYii2Tn1VM+DCuSXWm+TSmHZkiDzG6ovns+X7gDcOssFEzKQmHIcLj4fh
7pw/+LP0KchhXmF5v/sxp5mYAWpdf/X248hF+8DLVXEj+nNbaU0dFT8c9Do5sGLt
qLwbfEpIyQGcbSLzOdfIRhylXQzeECjppVw88x77rmxoEqZDiD72n17IkbgtAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUwEz6mbLqxr9aCaUrj3yvSdWjNJIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzkz
MzJlMzEzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzMzM0MzAzNi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALnBEDANBgkqhkiG9w0BAQsFAAOCAQEA3pH1ZbLpuThmsl/LslUKG+An
R+lFzrbpAsiTquTxNoFS5HyPB4nkvN7UwypRg5cVKxq2y2cubIE5XZ/x8WKO3OLY
RT0kdTkP18iEVPIar4QYCjxuPwRUVD3jFb5+MhZAWb2I6AP0ysoL69W/4iwpesYb
BD4UL1sb1GpdIqgmlxc+P4SbsjJSaw/KeQC0PXnJbPH/HPFWaGqZKanrCwt6j5jO
RZOc3OIgs+u47NXOnxJkriwEr0s8/yTZpOKLJxYzUz8C2yifYKlc8ZYLmkRyxUlN
2IaqYTO/N7yXtS0x26aZECv6YPoI5TIe1BVRXcsrFB4JCghTZYczyQrefKX43w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:53:39 2026 by rpki-client