Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39382e302f32342d3234203d3e20323132323338.roa
File: 3139332e34322e39382e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: wgf2h+TPY11g8RXLf1Q0lQT409Pt+f3tLAlIoatXVkU=
Subject key identifier: D7:95:E2:5A:EF:FD:DD:F3:BF:4F:01:5F:A9:ED:34:EB:4D:A3:CF:63
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4CBC8F3CB5794359DC5B616EDEFA28C9B1D4FB0A
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39382e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 29 May 2026 12:24:41 +0000
ROA not before: Fri 29 May 2026 12:19:41 +0000
ROA not after: Fri 28 May 2027 12:24:41 +0000
asID: 212238
IP address blocks: 193.42.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:bc:8f:3c:b5:79:43:59:dc:5b:61:6e:de:fa:28:c9:b1:d4:fb:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 29 12:19:41 2026 GMT
Not After : May 28 12:24:41 2027 GMT
Subject: CN=D795E25AEFFDDDF3BF4F015FA9ED34EB4DA3CF63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:14:d8:69:d3:c5:88:f8:6d:e7:67:dd:7e:03:
57:2a:51:1b:8d:ae:14:61:32:5b:3c:35:84:d8:a0:
88:5b:83:36:bf:d7:dd:c3:47:31:42:23:dd:47:05:
68:f3:52:f6:2f:b6:ae:30:55:b1:46:82:1a:9d:2d:
00:a9:00:14:34:f7:dc:24:ee:b1:bb:4d:1f:e7:39:
e8:dc:00:79:b1:11:30:6b:31:58:9d:86:d4:fb:9b:
d4:8c:50:b7:bf:d3:97:e8:80:da:02:4b:00:85:dc:
0e:32:02:76:ba:2d:ad:8b:0e:da:0d:91:00:e7:9a:
2d:0c:44:a0:d9:d7:f6:42:cd:38:18:e7:50:11:0e:
08:3c:90:bc:f6:f8:1d:28:16:25:af:86:2a:7e:65:
f4:e9:6e:12:c2:fd:a3:d8:9a:8b:95:c7:d6:c2:0c:
2c:0a:28:9a:4e:a6:30:23:4f:0d:a0:6e:2e:7b:57:
ba:88:cd:35:dc:e0:30:e7:19:e2:2a:7d:97:2e:39:
34:37:c3:0c:df:e7:91:95:17:01:85:b3:f6:07:83:
84:d6:79:63:cb:33:5d:46:e4:db:b4:d6:ce:a0:1b:
96:b9:dd:c1:32:9b:d8:b7:8c:7b:41:54:b1:2d:c6:
64:01:3c:11:3a:97:fc:51:9c:f6:3a:a5:0a:55:45:
90:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:95:E2:5A:EF:FD:DD:F3:BF:4F:01:5F:A9:ED:34:EB:4D:A3:CF:63
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39382e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.98.0/24
Signature Algorithm: sha256WithRSAEncryption
61:b6:df:46:10:ab:bf:0b:b2:d9:ff:4d:e5:36:93:63:5f:64:
54:36:ea:f7:ba:b2:bd:48:5a:60:35:72:b3:f2:4b:34:9d:ff:
c1:af:7a:33:d6:9b:ed:a9:f4:8f:54:e3:33:cd:76:6b:93:59:
9c:19:b8:85:4d:d3:06:cc:be:78:7c:a3:c4:fc:3f:28:00:ec:
d2:ab:9b:10:aa:8f:c3:ff:33:44:cc:d9:53:b6:41:10:6d:60:
55:7f:92:93:2c:51:05:64:e5:26:c9:ee:d7:cf:72:1e:e0:e1:
92:81:4e:fa:49:ea:ca:e3:f7:86:59:a6:92:e3:9f:af:aa:88:
70:35:ac:1e:8c:91:dc:f7:7e:a1:47:06:a4:a7:dd:00:6d:a5:
73:6b:7a:be:28:7c:ea:4c:3f:96:40:b5:62:16:23:a2:56:8f:
95:05:21:23:de:1a:92:fb:86:c5:c8:fc:e5:0d:c2:11:c2:5c:
c7:76:d3:5f:4a:d9:e2:13:d5:eb:cd:4d:12:03:56:5c:6c:25:
8d:1e:3b:88:6d:f9:e6:e9:29:e7:e2:bd:a5:14:90:93:58:4b:
26:b0:13:c9:66:c5:02:d2:8d:8c:9a:68:f0:3d:80:d3:e2:86:
0f:a2:74:6c:32:1d:96:5a:49:67:0a:51:da:6c:27:f3:a4:b7:
7d:a5:67:ca
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUTLyPPLV5Q1ncW2Fu3vooybHU+wowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA1MjkxMjE5NDFaFw0yNzA1MjgxMjI0NDFaMDMxMTAvBgNV
BAMTKEQ3OTVFMjVBRUZGRERERjNCRjRGMDE1RkE5RUQzNEVCNERBM0NGNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1FNhp08WI+G3nZ91+A1cqURuN
rhRhMls8NYTYoIhbgza/193DRzFCI91HBWjzUvYvtq4wVbFGghqdLQCpABQ099wk
7rG7TR/nOejcAHmxETBrMVidhtT7m9SMULe/05fogNoCSwCF3A4yAna6La2LDtoN
kQDnmi0MRKDZ1/ZCzTgY51ARDgg8kLz2+B0oFiWvhip+ZfTpbhLC/aPYmouVx9bC
DCwKKJpOpjAjTw2gbi57V7qIzTXc4DDnGeIqfZcuOTQ3wwzf55GVFwGFs/YHg4TW
eWPLM11G5Nu01s6gG5a53cEym9i3jHtBVLEtxmQBPBE6l/xRnPY6pQpVRZBjAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU15XiWu/93fO/TwFfqe00602jz2MwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTM0MzIy
ZTM5MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADBKmIwDQYJKoZIhvcNAQELBQADggEBAGG230YQq78Lstn/TeU2k2NfZFQ2
6ve6sr1IWmA1crPySzSd/8GvejPWm+2p9I9U4zPNdmuTWZwZuIVN0wbMvnh8o8T8
PygA7NKrmxCqj8P/M0TM2VO2QRBtYFV/kpMsUQVk5SbJ7tfPch7g4ZKBTvpJ6srj
94ZZppLjn6+qiHA1rB6Mkdz3fqFHBqSn3QBtpXNrer4ofOpMP5ZAtWIWI6JWj5UF
ISPeGpL7hsXI/OUNwhHCXMd2019K2eIT1evNTRIDVlxsJY0eO4ht+ebpKefivaUU
kJNYSyawE8lmxQLSjYyaaPA9gNPihg+idGwyHZZaSWcKUdpsJ/Okt32lZ8o=
-----END CERTIFICATE-----
Generated at Sat Jun 13 19:01:34 2026 by rpki-client