Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132392e302f32342d3234203d3e20323132323338.roa
File: 3138352e3235352e3132392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: Fp1mp6gHd4ZOVGh5L/9uEsYee5NhMt0QdnP5mhqG0vU=
Subject key identifier: 02:21:48:D4:9A:4D:F0:9C:6C:D0:28:38:F6:A6:3E:45:AF:91:57:1B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2100BBAFF476144B7BA68D633D8CAEB60C88EC5D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132392e302f32342d3234203d3e20323132323338.roa
Signing time: Tue 19 May 2026 14:24:17 +0000
ROA not before: Tue 19 May 2026 14:19:17 +0000
ROA not after: Tue 18 May 2027 14:24:17 +0000
asID: 212238
IP address blocks: 185.255.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:00:bb:af:f4:76:14:4b:7b:a6:8d:63:3d:8c:ae:b6:0c:88:ec:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 19 14:19:17 2026 GMT
Not After : May 18 14:24:17 2027 GMT
Subject: CN=022148D49A4DF09C6CD02838F6A63E45AF91571B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e0:ac:4a:10:e7:a2:99:be:ce:4a:77:d2:2c:
25:a3:c7:60:93:65:9e:cf:5c:c5:9e:6d:44:6c:6a:
13:01:c0:e9:a1:36:b9:92:76:db:46:52:85:b3:7d:
74:95:be:f3:18:ce:38:c3:44:60:30:3c:3e:4d:b3:
2f:2f:ba:3d:2c:17:ac:61:be:eb:e3:b6:59:37:d8:
cb:8e:b6:23:b8:39:fb:9e:34:23:ae:a4:82:de:fe:
78:96:e6:80:7b:c3:a3:a0:d6:69:b8:cf:77:35:5d:
43:9b:64:d1:8a:34:fd:80:f7:1e:02:b3:d4:43:98:
83:8f:ad:4e:a8:83:4b:bc:f7:90:08:08:66:81:98:
8d:57:45:c7:57:40:bb:ee:4f:1f:f6:cc:b8:08:87:
84:90:dc:68:0a:e5:b4:bb:0f:78:54:34:eb:6e:c1:
ca:18:af:47:0d:77:7c:03:0c:1e:e3:8b:b4:02:0f:
ce:e4:28:af:08:11:dd:6c:6f:0b:9a:4d:07:27:49:
60:66:a2:af:6a:09:60:9e:c6:db:a8:ff:85:a2:11:
1f:d6:92:79:ba:d4:1d:6f:c8:5b:22:76:58:28:bc:
11:56:67:ce:f2:9e:f6:f0:fd:57:a5:3e:32:97:25:
08:ba:dd:e7:d2:8c:4a:22:20:81:ff:fd:82:83:73:
9c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:21:48:D4:9A:4D:F0:9C:6C:D0:28:38:F6:A6:3E:45:AF:91:57:1B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:87:f5:be:2d:82:99:15:09:e3:91:26:81:99:4a:90:3a:f3:
b9:1b:f3:c1:ea:23:03:6a:88:54:3d:e5:6e:43:96:d9:ae:6f:
75:f5:1d:51:0f:dd:0b:3f:93:33:49:29:b8:03:b0:aa:22:77:
b2:c1:9e:44:de:fb:48:d3:8a:9b:80:f7:1a:3f:93:c9:6c:2c:
80:1d:5e:cb:9a:f2:d0:ff:61:2d:a8:8b:ec:dc:01:ac:42:fe:
2b:71:59:c0:66:25:36:29:18:11:16:d0:51:13:28:55:b9:17:
aa:28:89:a4:44:11:60:d5:86:f8:43:35:dc:88:5e:40:a4:bb:
88:bf:96:c3:83:f4:39:48:d3:1d:39:bc:18:df:6d:7e:58:aa:
41:a3:b1:1b:1c:72:c2:0d:22:17:9c:1a:4f:aa:b4:d7:98:c3:
d2:7a:f2:50:48:8a:c3:3b:ae:42:ab:5e:da:e8:43:85:c2:d0:
ff:30:44:f6:94:5a:9a:e0:9e:6a:83:2e:40:73:71:f5:82:06:
2e:44:3a:02:66:0f:15:b7:35:45:1b:d9:e9:b0:e6:97:82:34:
fc:b0:a8:f7:30:8e:b1:1b:af:d2:d0:ae:5d:09:73:b8:a0:c5:
85:d6:88:b4:89:49:54:e7:f4:41:4c:aa:4f:e5:d4:84:15:65:
ff:b3:87:78
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUIQC7r/R2FEt7po1jPYyutgyI7F0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA1MTkxNDE5MTdaFw0yNzA1MTgxNDI0MTdaMDMxMTAvBgNV
BAMTKDAyMjE0OEQ0OUE0REYwOUM2Q0QwMjgzOEY2QTYzRTQ1QUY5MTU3MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24KxKEOeimb7OSnfSLCWjx2CT
ZZ7PXMWebURsahMBwOmhNrmSdttGUoWzfXSVvvMYzjjDRGAwPD5Nsy8vuj0sF6xh
vuvjtlk32MuOtiO4OfueNCOupILe/niW5oB7w6Og1mm4z3c1XUObZNGKNP2A9x4C
s9RDmIOPrU6og0u895AICGaBmI1XRcdXQLvuTx/2zLgIh4SQ3GgK5bS7D3hUNOtu
wcoYr0cNd3wDDB7ji7QCD87kKK8IEd1sbwuaTQcnSWBmoq9qCWCextuo/4WiER/W
knm61B1vyFsidlgovBFWZ87ynvbw/VelPjKXJQi63efSjEoiIIH//YKDc5zHAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUAiFI1JpN8Jxs0Cg49qY+Ra+RVxswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzUz
NTJlMzEzMjM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuf+BMA0GCSqGSIb3DQEBCwUAA4IBAQCch/W+LYKZFQnjkSaBmUqQ
OvO5G/PB6iMDaohUPeVuQ5bZrm919R1RD90LP5MzSSm4A7CqIneywZ5E3vtI04qb
gPcaP5PJbCyAHV7LmvLQ/2EtqIvs3AGsQv4rcVnAZiU2KRgRFtBREyhVuReqKImk
RBFg1Yb4QzXciF5ApLuIv5bDg/Q5SNMdObwY321+WKpBo7EbHHLCDSIXnBpPqrTX
mMPSevJQSIrDO65Cq17a6EOFwtD/MET2lFqa4J5qgy5Ac3H1ggYuRDoCZg8VtzVF
G9npsOaXgjT8sKj3MI6xG6/S0K5dCXO4oMWF1oi0iUlU5/RBTKpP5dSEFWX/s4d4
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:12:04 2026 by rpki-client