Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39392e302f32342d3234203d3e20323132323338.roa
File: 3139332e34322e39392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: OaJFQw1v4R39CRPzbY/Hy3U8+X/83pTXrC11AchNnDs=
Subject key identifier: 9F:75:70:B5:0C:53:0A:16:59:B4:EB:6B:18:F0:31:33:CA:F4:37:FB
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4A4D3E46D5BEC519932CCB3136825E447CE188E3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39392e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 01 Jun 2026 22:24:48 +0000
ROA not before: Mon 01 Jun 2026 22:19:48 +0000
ROA not after: Mon 31 May 2027 22:24:48 +0000
asID: 212238
IP address blocks: 193.42.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:4d:3e:46:d5:be:c5:19:93:2c:cb:31:36:82:5e:44:7c:e1:88:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 1 22:19:48 2026 GMT
Not After : May 31 22:24:48 2027 GMT
Subject: CN=9F7570B50C530A1659B4EB6B18F03133CAF437FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:80:5f:35:2a:2f:79:3e:30:93:4c:9c:86:5e:
b6:c0:80:bd:cb:84:13:e1:d4:60:ef:4c:c5:91:ee:
bc:97:5c:6b:87:e1:7b:a9:35:f7:2b:e9:70:66:00:
3a:18:54:65:23:f3:1e:b9:ca:10:d5:cb:e6:09:6a:
d9:27:83:0f:a0:8c:de:ec:94:d5:b2:31:31:44:9e:
2d:3a:63:bd:74:76:54:1f:b9:f9:10:d8:d5:0e:1c:
84:bb:a7:d4:c1:83:75:98:61:bf:6e:a7:b6:50:44:
7e:c9:4d:ce:22:5c:32:e9:26:82:e7:8f:20:6c:f7:
e1:0f:37:d5:73:fc:4a:0c:b6:0c:ac:42:c6:c6:76:
48:91:65:f9:99:ec:63:a0:4d:90:14:9d:31:ff:b5:
9a:16:04:35:39:e0:87:57:87:06:06:47:50:fc:cb:
c4:bb:49:b1:df:dc:47:ed:13:1e:45:bf:56:14:a0:
82:9d:14:1b:1e:a6:b3:47:c8:49:fb:d2:b3:18:a7:
6f:a8:cc:8f:85:24:e8:c6:9a:69:73:2d:86:40:df:
f8:42:e2:49:aa:ac:3a:8e:4a:17:c6:3c:00:14:1b:
62:9f:de:5a:21:25:c7:a5:07:77:86:f4:55:4e:6e:
17:45:8f:a6:8a:bd:5a:ce:33:5e:a5:bb:38:1f:b8:
66:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:75:70:B5:0C:53:0A:16:59:B4:EB:6B:18:F0:31:33:CA:F4:37:FB
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.99.0/24
Signature Algorithm: sha256WithRSAEncryption
71:f5:9f:96:e5:af:b1:06:5c:5e:ef:e7:ba:24:c7:d6:45:d3:
fb:1a:5e:b8:dc:6f:d1:09:59:5c:04:b5:e2:ae:ea:c0:da:6c:
08:57:8b:5d:88:dc:65:22:c3:e3:93:48:2a:03:64:7d:02:61:
57:8c:a5:db:e9:c2:55:08:f8:42:6c:4c:01:58:d6:ea:15:21:
69:00:b0:26:f8:a4:95:22:72:97:1a:79:f7:d6:b5:5b:3b:96:
db:3a:76:57:b0:f1:52:40:a6:1c:0d:5b:57:00:e8:a1:51:8f:
4b:cb:cc:a4:c2:08:e2:35:d6:d4:d2:7b:7b:1d:06:4f:35:17:
c0:c3:ed:f5:82:ad:92:c6:aa:4d:66:cd:a4:73:58:53:75:f9:
6e:28:61:25:46:b4:27:fe:37:d4:df:cf:8d:b9:f7:48:2c:65:
ca:a6:4c:0e:2b:81:ad:1d:64:4f:ae:d9:48:d1:b4:2f:f1:37:
ca:bf:fd:01:a7:2b:fe:2f:49:eb:d0:fc:42:f6:ae:51:d9:e9:
e1:d8:a1:17:a8:76:d8:a9:9f:15:64:09:90:2c:2c:32:62:98:
18:98:a2:db:51:cb:81:16:7e:2c:e4:9b:9b:99:f0:af:cc:79:
53:45:5b:7d:5a:d5:4b:41:36:e0:d3:7e:73:72:00:0a:77:ae:
42:f1:56:7e
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUSk0+RtW+xRmTLMsxNoJeRHzhiOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA2MDEyMjE5NDhaFw0yNzA1MzEyMjI0NDhaMDMxMTAvBgNV
BAMTKDlGNzU3MEI1MEM1MzBBMTY1OUI0RUI2QjE4RjAzMTMzQ0FGNDM3RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdgF81Ki95PjCTTJyGXrbAgL3L
hBPh1GDvTMWR7ryXXGuH4XupNfcr6XBmADoYVGUj8x65yhDVy+YJatkngw+gjN7s
lNWyMTFEni06Y710dlQfufkQ2NUOHIS7p9TBg3WYYb9up7ZQRH7JTc4iXDLpJoLn
jyBs9+EPN9Vz/EoMtgysQsbGdkiRZfmZ7GOgTZAUnTH/tZoWBDU54IdXhwYGR1D8
y8S7SbHf3EftEx5Fv1YUoIKdFBseprNHyEn70rMYp2+ozI+FJOjGmmlzLYZA3/hC
4kmqrDqOShfGPAAUG2Kf3lohJcelB3eG9FVObhdFj6aKvVrOM16luzgfuGYRAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUn3VwtQxTChZZtOtrGPAxM8r0N/swHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTM0MzIy
ZTM5MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADBKmMwDQYJKoZIhvcNAQELBQADggEBAHH1n5blr7EGXF7v57okx9ZF0/sa
Xrjcb9EJWVwEteKu6sDabAhXi12I3GUiw+OTSCoDZH0CYVeMpdvpwlUI+EJsTAFY
1uoVIWkAsCb4pJUicpcaeffWtVs7lts6dlew8VJAphwNW1cA6KFRj0vLzKTCCOI1
1tTSe3sdBk81F8DD7fWCrZLGqk1mzaRzWFN1+W4oYSVGtCf+N9Tfz42590gsZcqm
TA4rga0dZE+u2UjRtC/xN8q//QGnK/4vSevQ/EL2rlHZ6eHYoReodtipnxVkCZAs
LDJimBiYottRy4EWfizkm5uZ8K/MeVNFW31a1UtBNuDTfnNyAAp3rkLxVn4=
-----END CERTIFICATE-----
Generated at Sat Jun 13 19:33:51 2026 by rpki-client