Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3230332e31332e302f32342d3234203d3e20323132323338.roa
File: 3139332e3230332e31332e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: cRn+sFoxl3vMy4+MybHDsh3reohr4+rQqjzW2UwPUBo=
Subject key identifier: D7:E9:FC:F7:FC:09:A6:3F:1C:1E:51:05:80:82:FA:DC:8D:72:AE:63
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0FA8F4653835809B13C626B37F0E1297AB6ADAFC
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3230332e31332e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 01 Jun 2026 22:24:48 +0000
ROA not before: Mon 01 Jun 2026 22:19:48 +0000
ROA not after: Mon 31 May 2027 22:24:48 +0000
asID: 212238
IP address blocks: 193.203.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:a8:f4:65:38:35:80:9b:13:c6:26:b3:7f:0e:12:97:ab:6a:da:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 1 22:19:48 2026 GMT
Not After : May 31 22:24:48 2027 GMT
Subject: CN=D7E9FCF7FC09A63F1C1E51058082FADC8D72AE63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:52:45:67:24:ee:b7:96:f9:7e:38:94:1e:dc:
d9:f7:69:a8:82:af:fb:3c:c5:a7:6c:96:ac:99:55:
b3:c4:20:8e:7c:fd:2b:96:99:b6:95:d8:88:a8:d2:
01:ba:93:57:da:9e:0a:71:34:f5:20:a9:b6:1f:28:
3d:16:df:8e:62:e8:ca:60:1f:7b:f5:31:d6:30:a3:
72:d9:61:09:d3:49:ff:a9:63:50:c0:ae:4d:f5:27:
b2:eb:11:b4:c5:46:ee:82:b9:d8:2f:df:51:39:d5:
f7:b7:b6:7e:d6:80:96:7f:c3:e5:de:26:22:da:f3:
f7:24:b3:a1:a4:84:ca:72:72:e0:d5:7d:05:b7:3b:
69:a3:a8:71:89:4d:be:ce:58:00:79:60:27:ec:eb:
7d:f7:ca:ec:6c:be:b4:5b:e1:d3:ae:cc:f4:27:fe:
13:64:7f:34:23:0c:bc:0b:4e:fd:54:68:d1:53:21:
a7:38:74:6c:fd:be:15:68:41:44:3e:ab:b9:07:56:
60:26:99:08:83:82:5d:06:2d:5d:e3:7d:99:4d:36:
42:d0:ff:1b:ae:a8:43:7f:c8:8a:0c:7f:e7:37:73:
75:d0:d2:8b:5a:35:19:af:6d:6b:19:59:c1:4b:23:
16:07:f5:22:6c:c1:e9:3b:9f:7b:c2:02:87:fe:9f:
28:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E9:FC:F7:FC:09:A6:3F:1C:1E:51:05:80:82:FA:DC:8D:72:AE:63
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3230332e31332e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.13.0/24
Signature Algorithm: sha256WithRSAEncryption
56:df:c3:f0:a3:0e:10:d4:1d:19:61:2a:35:97:b6:d7:4a:4f:
2e:67:39:c9:8e:51:77:dc:71:a6:25:05:3b:0a:f0:9c:a1:3c:
22:97:a1:39:33:40:4b:a4:7a:b0:ab:15:a4:00:f8:b5:a7:1e:
35:4d:9b:67:61:37:33:51:82:c6:7d:a8:ce:79:dd:7b:27:6f:
3a:82:0f:b8:37:85:11:ec:d4:d7:3b:96:24:e1:63:28:b6:76:
25:da:af:3a:17:73:48:41:e3:15:67:3a:e9:8d:33:60:ab:af:
7b:1b:e7:df:c7:4e:0e:67:3f:c3:6f:93:6f:66:c7:2c:da:8c:
10:da:36:bd:6b:91:b5:d6:08:0f:48:4d:fa:b9:9e:4c:52:f7:
f4:7b:63:90:be:54:39:be:fe:d0:ae:46:78:2f:af:a6:a0:e4:
91:a7:46:ab:e4:20:f5:ef:00:00:2a:0b:80:2c:92:be:18:57:
13:2c:fc:6d:e1:3c:d4:29:22:4a:e7:c7:5e:d5:fc:f3:ac:d2:
32:9b:f2:c4:5e:ee:f7:24:58:38:dc:af:ff:f0:96:7c:60:11:
f4:95:50:c2:d9:f5:69:6c:30:31:e4:ae:e4:a1:e8:91:c1:47:
7d:25:fd:09:e2:14:1b:c1:97:0b:a1:e1:84:73:02:ee:0b:bd:
4c:3c:94:e5
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUD6j0ZTg1gJsTxiazfw4Sl6tq2vwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA2MDEyMjE5NDhaFw0yNzA1MzEyMjI0NDhaMDMxMTAvBgNV
BAMTKEQ3RTlGQ0Y3RkMwOUE2M0YxQzFFNTEwNTgwODJGQURDOEQ3MkFFNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPUkVnJO63lvl+OJQe3Nn3aaiC
r/s8xadslqyZVbPEII58/SuWmbaV2Iio0gG6k1fangpxNPUgqbYfKD0W345i6Mpg
H3v1MdYwo3LZYQnTSf+pY1DArk31J7LrEbTFRu6Cudgv31E51fe3tn7WgJZ/w+Xe
JiLa8/cks6GkhMpycuDVfQW3O2mjqHGJTb7OWAB5YCfs6333yuxsvrRb4dOuzPQn
/hNkfzQjDLwLTv1UaNFTIac4dGz9vhVoQUQ+q7kHVmAmmQiDgl0GLV3jfZlNNkLQ
/xuuqEN/yIoMf+c3c3XQ0otaNRmvbWsZWcFLIxYH9SJswek7n3vCAof+nyjJAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU1+n89/wJpj8cHlEFgIL63I1yrmMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMyMzAz
MzJlMzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMHLDTANBgkqhkiG9w0BAQsFAAOCAQEAVt/D8KMOENQdGWEqNZe210pP
Lmc5yY5Rd9xxpiUFOwrwnKE8IpehOTNAS6R6sKsVpAD4taceNU2bZ2E3M1GCxn2o
znndeydvOoIPuDeFEezU1zuWJOFjKLZ2JdqvOhdzSEHjFWc66Y0zYKuvexvn38dO
Dmc/w2+Tb2bHLNqMENo2vWuRtdYID0hN+rmeTFL39HtjkL5UOb7+0K5GeC+vpqDk
kadGq+Qg9e8AACoLgCySvhhXEyz8beE81CkiSufHXtX886zSMpvyxF7u9yRYONyv
//CWfGAR9JVQwtn1aWwwMeSu5KHokcFHfSX9CeIUG8GXC6HhhHMC7gu9TDyU5Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:24:17 2026 by rpki-client