Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3230332e31322e302f32342d3234203d3e20323132323338.roa
File: 3139332e3230332e31322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: Ay/j4ycWuq7a+AA7gvqt4yJTkF7nM6/+v8ZOd0BJ7GQ=
Subject key identifier: B2:CE:D7:8E:A8:A9:86:27:5D:EA:9C:9F:A5:2A:46:9A:62:54:82:1E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 10DEE84FD06367A8278EB44CEA4D06E678AA079B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3230332e31322e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 29 May 2026 12:24:41 +0000
ROA not before: Fri 29 May 2026 12:19:41 +0000
ROA not after: Fri 28 May 2027 12:24:41 +0000
asID: 212238
IP address blocks: 193.203.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:de:e8:4f:d0:63:67:a8:27:8e:b4:4c:ea:4d:06:e6:78:aa:07:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 29 12:19:41 2026 GMT
Not After : May 28 12:24:41 2027 GMT
Subject: CN=B2CED78EA8A986275DEA9C9FA52A469A6254821E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:eb:30:d8:fd:28:42:6e:bc:08:f7:45:2f:e8:
3b:1c:f2:96:ff:96:d3:ac:f5:19:ec:3c:39:81:0c:
5e:ab:b0:68:fb:c2:2b:91:b0:0f:1e:0e:02:25:cf:
5a:16:08:3a:b0:bb:a4:4a:e2:d6:ee:c0:13:9a:cd:
79:36:45:7e:b1:47:ee:05:1f:cb:16:0c:74:b1:24:
68:20:71:c9:1b:fb:1e:de:e8:95:64:56:bb:a0:b5:
d2:ba:1a:da:f0:20:26:6f:6c:13:75:91:a7:b5:1a:
f8:c5:a0:a2:1b:0e:33:cb:d3:2f:bc:a4:14:75:0f:
4e:12:ba:0e:a8:56:ac:05:a9:5f:52:e9:4d:04:dc:
5e:4b:7c:4d:c2:cd:5a:e3:88:7f:9e:59:9a:c6:63:
a9:c2:47:50:31:87:89:85:92:c9:87:b4:d4:58:da:
96:5a:57:ba:51:6d:d4:56:8e:a6:b5:ff:44:2c:48:
ed:a8:6a:cd:34:50:23:f4:f2:be:a7:4e:c1:44:f4:
ed:88:6b:2a:c9:72:3f:6a:db:04:05:97:4a:66:83:
70:2e:df:73:d2:2e:75:09:6c:16:b4:7d:4e:76:a0:
9e:f8:ea:43:d2:26:db:ba:0c:6e:18:99:9b:c6:68:
2a:43:d9:be:d2:02:b6:72:3b:69:b0:be:39:7e:04:
18:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CE:D7:8E:A8:A9:86:27:5D:EA:9C:9F:A5:2A:46:9A:62:54:82:1E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3230332e31322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.12.0/24
Signature Algorithm: sha256WithRSAEncryption
82:02:d0:24:89:7e:c7:e5:cb:2e:3c:44:b1:9c:9a:4a:67:f8:
24:7c:fa:59:46:c2:af:d9:38:81:b5:3a:07:00:4e:82:65:14:
b1:84:62:77:9c:b8:1f:3f:d6:71:e9:c9:88:62:3e:d4:a0:35:
0e:66:5f:67:98:c3:15:39:f4:a9:30:96:c1:5d:2c:b8:f0:b9:
10:e1:d3:59:19:b1:7a:d2:d5:8b:1a:93:04:13:bc:11:36:cb:
a2:1a:ce:01:ee:28:0b:25:af:35:b8:b2:39:60:db:7f:aa:57:
5e:02:a6:c6:f7:53:a4:a7:da:2f:c2:f3:ea:83:48:fc:b2:63:
c7:34:d5:d3:18:3b:44:88:05:eb:6d:a7:9a:f8:72:af:32:26:
38:cc:ad:7f:78:3d:bf:11:13:16:48:38:4e:cd:80:fd:1b:69:
fe:21:49:d8:2a:16:c8:52:23:f9:22:56:0a:bc:a7:77:f3:1c:
2e:9b:ca:ac:69:0e:d4:8f:df:94:22:55:4c:6e:cb:d2:e7:c1:
9b:17:fa:7e:b0:3b:66:df:11:31:73:48:d3:0c:a1:c6:3e:6a:
07:47:b5:92:9e:07:97:ff:88:c4:79:fc:b6:d0:0f:1d:ed:07:
b8:eb:41:84:9c:f7:69:f8:3b:56:f9:b9:51:84:a6:75:8d:e6:
be:8d:81:f2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUEN7oT9BjZ6gnjrRM6k0G5niqB5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA1MjkxMjE5NDFaFw0yNzA1MjgxMjI0NDFaMDMxMTAvBgNV
BAMTKEIyQ0VENzhFQThBOTg2Mjc1REVBOUM5RkE1MkE0NjlBNjI1NDgyMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT6zDY/ShCbrwI90Uv6Dsc8pb/
ltOs9RnsPDmBDF6rsGj7wiuRsA8eDgIlz1oWCDqwu6RK4tbuwBOazXk2RX6xR+4F
H8sWDHSxJGggcckb+x7e6JVkVrugtdK6GtrwICZvbBN1kae1GvjFoKIbDjPL0y+8
pBR1D04Sug6oVqwFqV9S6U0E3F5LfE3CzVrjiH+eWZrGY6nCR1Axh4mFksmHtNRY
2pZaV7pRbdRWjqa1/0QsSO2oas00UCP08r6nTsFE9O2IayrJcj9q2wQFl0pmg3Au
33PSLnUJbBa0fU52oJ746kPSJtu6DG4YmZvGaCpD2b7SArZyO2mwvjl+BBiZAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUss7Xjqiphidd6pyfpSpGmmJUgh4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMyMzAz
MzJlMzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMHLDDANBgkqhkiG9w0BAQsFAAOCAQEAggLQJIl+x+XLLjxEsZyaSmf4
JHz6WUbCr9k4gbU6BwBOgmUUsYRid5y4Hz/WcenJiGI+1KA1DmZfZ5jDFTn0qTCW
wV0suPC5EOHTWRmxetLVixqTBBO8ETbLohrOAe4oCyWvNbiyOWDbf6pXXgKmxvdT
pKfaL8Lz6oNI/LJjxzTV0xg7RIgF622nmvhyrzImOMytf3g9vxETFkg4Ts2A/Rtp
/iFJ2CoWyFIj+SJWCrynd/McLpvKrGkO1I/flCJVTG7L0ufBmxf6frA7Zt8RMXNI
0wyhxj5qB0e1kp4Hl/+IxHn8ttAPHe0HuOtBhJz3afg7Vvm5UYSmdY3mvo2B8g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:24:53 2026 by rpki-client