Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3138372e3132382e302f32342d3234203d3e20323132323338.roa
File: 3139332e3138372e3132382e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: icPuerogIHgVCdM+VqlVZZDxlS8pUXzsLbwgF0XgizA=
Subject key identifier: 19:8A:C9:C2:BF:11:DC:B7:53:65:87:26:70:44:4B:CE:85:E3:60:98
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3963908F85FB7817A4C0DAF2EDA55A42CFF8228C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3138372e3132382e302f32342d3234203d3e20323132323338.roa
Signing time: Tue 21 Oct 2025 13:22:55 +0000
ROA not before: Tue 21 Oct 2025 13:17:55 +0000
ROA not after: Tue 20 Oct 2026 13:22:55 +0000
asID: 212238
IP address blocks: 193.187.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:63:90:8f:85:fb:78:17:a4:c0:da:f2:ed:a5:5a:42:cf:f8:22:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 21 13:17:55 2025 GMT
Not After : Oct 20 13:22:55 2026 GMT
Subject: CN=198AC9C2BF11DCB75365872670444BCE85E36098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d8:ea:cd:83:9f:05:f8:a9:42:69:3b:b5:96:
8e:5e:00:c9:56:52:0b:19:d4:85:df:eb:c0:f5:fc:
b3:09:7d:4d:f6:43:66:1d:87:eb:ad:e2:8e:c2:bc:
ec:ca:54:ac:a8:48:6b:06:09:f3:a1:e8:8d:3a:11:
1d:1d:75:0a:27:74:7a:76:06:83:2c:fe:14:a5:ba:
6e:d1:dc:3d:57:23:d2:cf:53:aa:1c:c7:61:27:a2:
b2:0a:15:bf:13:83:75:23:a5:2c:6e:e5:b1:41:20:
35:b2:ea:43:6a:20:f7:42:02:34:7f:72:1d:d6:d4:
c1:d4:9a:6e:5f:7a:42:8a:b7:b8:6b:62:39:4d:bf:
21:8b:51:e6:9d:89:b4:bd:66:5b:2c:fc:02:25:01:
ec:c3:ad:34:0f:68:ab:ec:82:cc:ca:37:fe:03:3c:
db:1b:c3:dc:5c:30:31:54:c4:4d:6b:6f:dd:24:0c:
05:41:04:76:db:0b:d1:60:bc:97:2a:ce:84:3b:b8:
41:19:39:d3:be:fb:4a:79:de:b0:dd:5e:8d:28:d0:
13:31:d4:ed:1c:84:95:86:3d:63:26:73:e5:0c:7d:
24:87:46:4f:51:ad:80:8e:db:59:31:09:04:32:bc:
56:38:9b:19:1d:69:9a:84:9e:6b:ef:ea:16:66:fe:
35:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8A:C9:C2:BF:11:DC:B7:53:65:87:26:70:44:4B:CE:85:E3:60:98
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3138372e3132382e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.128.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:02:bf:42:33:ca:60:b0:31:c2:f7:1f:4e:81:1c:c9:1a:ae:
30:7e:a9:28:bf:f1:0a:cc:5c:f6:aa:a6:f4:d0:74:4b:e7:91:
25:33:6c:6b:57:e1:3d:62:fe:e6:c7:c5:fc:82:59:aa:d2:43:
21:2d:7e:d0:e5:b3:01:b8:e2:f1:05:e9:29:3f:75:71:c9:b4:
8f:1e:fd:8e:e3:08:a5:e1:84:26:b3:f9:1a:49:a5:8b:78:be:
e6:92:6f:82:c5:2b:74:04:da:da:51:9b:55:f2:26:1d:ad:7f:
4c:69:80:a8:78:62:40:26:73:cd:95:56:2a:fa:b5:5b:0d:4e:
cd:99:9c:f5:d9:29:8f:98:24:06:94:06:9b:46:90:8f:7a:ae:
73:63:42:86:b0:67:5b:99:cc:f0:ca:84:8b:25:a5:3b:3e:bf:
b2:5a:26:a9:a9:f9:1d:1c:35:9d:19:47:2a:e7:77:2f:a1:64:
25:ea:57:f8:dd:94:b3:1d:fb:16:d2:f9:8f:7e:97:4e:53:d3:
18:ba:b8:c9:4f:4a:00:78:4b:85:53:b8:78:9a:3d:7e:a1:5b:
bc:ef:66:aa:ba:f2:ff:10:31:77:58:7d:14:93:ba:1c:38:ea:
14:68:77:ef:2c:6d:92:96:af:a6:f8:39:15:1b:b6:28:f2:5c:
81:e4:01:e2
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUOWOQj4X7eBekwNry7aVaQs/4IowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjExMzE3NTVaFw0yNjEwMjAxMzIyNTVaMDMxMTAvBgNV
BAMTKDE5OEFDOUMyQkYxMURDQjc1MzY1ODcyNjcwNDQ0QkNFODVFMzYwOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm2OrNg58F+KlCaTu1lo5eAMlW
UgsZ1IXf68D1/LMJfU32Q2Ydh+ut4o7CvOzKVKyoSGsGCfOh6I06ER0ddQondHp2
BoMs/hSlum7R3D1XI9LPU6ocx2EnorIKFb8Tg3UjpSxu5bFBIDWy6kNqIPdCAjR/
ch3W1MHUmm5fekKKt7hrYjlNvyGLUeadibS9Zlss/AIlAezDrTQPaKvsgszKN/4D
PNsbw9xcMDFUxE1rb90kDAVBBHbbC9FgvJcqzoQ7uEEZOdO++0p53rDdXo0o0BMx
1O0chJWGPWMmc+UMfSSHRk9RrYCO21kxCQQyvFY4mxkdaZqEnmvv6hZm/jVdAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUGYrJwr8R3LdTZYcmcERLzoXjYJgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMxMzgz
NzJlMzEzMjM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwbuAMA0GCSqGSIb3DQEBCwUAA4IBAQC4Ar9CM8pgsDHC9x9OgRzJ
Gq4wfqkov/EKzFz2qqb00HRL55ElM2xrV+E9Yv7mx8X8glmq0kMhLX7Q5bMBuOLx
BekpP3VxybSPHv2O4wil4YQms/kaSaWLeL7mkm+CxSt0BNraUZtV8iYdrX9MaYCo
eGJAJnPNlVYq+rVbDU7NmZz12SmPmCQGlAabRpCPeq5zY0KGsGdbmczwyoSLJaU7
Pr+yWiapqfkdHDWdGUcq53cvoWQl6lf43ZSzHfsW0vmPfpdOU9MYurjJT0oAeEuF
U7h4mj1+oVu872aquvL/EDF3WH0Uk7ocOOoUaHfvLG2Slq+m+DkVG7Yo8lyB5AHi
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:39:52 2025 by rpki-client