Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3131302e38372e302f32342d3234203d3e20323033333830.roa
File: 3139342e3131302e38372e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: D+Y4rLBeufOlzEvs8qhfyCgqjDkRs2n+0WqfSGoOTUE=
Subject key identifier: 88:F1:BF:0F:9B:6B:B6:B5:41:67:08:BB:50:2A:46:7B:EA:82:21:C8
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6D8605A27478CAC8B57949EDB13AECDEE1CDA55F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3131302e38372e302f32342d3234203d3e20323033333830.roa
Signing time: Sat 06 Jun 2026 13:32:56 +0000
ROA not before: Sat 06 Jun 2026 13:27:56 +0000
ROA not after: Sat 05 Jun 2027 13:32:56 +0000
asID: 203380
IP address blocks: 194.110.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:86:05:a2:74:78:ca:c8:b5:79:49:ed:b1:3a:ec:de:e1:cd:a5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 6 13:27:56 2026 GMT
Not After : Jun 5 13:32:56 2027 GMT
Subject: CN=88F1BF0F9B6BB6B5416708BB502A467BEA8221C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7b:a6:c8:02:e3:88:83:32:8b:76:e6:a1:35:
18:5c:03:45:11:14:67:ed:f0:06:a0:c0:de:9a:d2:
03:66:25:e1:99:31:bb:4d:b0:dc:40:f2:a3:c4:64:
a4:f5:01:8f:75:1a:bc:3a:03:42:8c:32:b2:ef:ca:
a9:33:40:5a:08:a7:70:24:c6:8c:13:01:72:de:db:
e4:03:e9:c2:3e:bb:6a:5c:db:63:72:a4:43:2f:00:
ec:fc:2f:c1:b2:ce:ad:2f:5d:35:13:f1:84:a3:8b:
bc:99:b2:18:90:cd:68:bc:ce:87:65:c4:79:03:b0:
a5:7d:8a:64:67:f9:1c:80:f5:14:6d:a6:6e:c5:3e:
6b:28:5f:98:bd:c6:f5:bf:d5:ae:5a:4f:fa:d7:f9:
d8:52:69:1a:ea:42:ce:0f:a8:b8:cf:15:af:db:94:
b3:7d:01:fd:23:55:eb:6a:40:6d:73:87:a1:3c:ee:
41:6d:19:14:f6:b3:9a:0c:c8:38:39:35:6b:80:1c:
2d:49:1a:9c:34:5f:f8:71:5c:83:e7:11:27:b3:03:
6c:89:57:ab:74:a7:f5:f9:b1:c8:e4:aa:6a:84:d0:
58:77:34:e8:df:a7:5e:8e:27:2b:4c:54:b8:c9:de:
96:ab:ef:89:fb:cf:62:db:c8:52:5f:59:01:a5:6f:
6d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F1:BF:0F:9B:6B:B6:B5:41:67:08:BB:50:2A:46:7B:EA:82:21:C8
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3131302e38372e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.87.0/24
Signature Algorithm: sha256WithRSAEncryption
65:f2:ec:75:ec:4b:ac:79:02:01:b2:8e:c1:f7:f7:d4:8a:eb:
98:a1:dc:1e:f7:85:ed:0d:5e:41:31:52:ac:6a:2f:68:32:83:
14:11:de:c1:1a:d8:08:8b:24:bb:e6:4b:97:cc:9e:32:ac:87:
84:3c:2b:90:8b:71:6d:99:d8:5c:75:89:59:02:1a:d8:d8:2a:
05:23:9b:47:2b:a3:3a:61:38:24:53:32:15:99:f1:8b:59:12:
2b:47:c0:d5:6b:7d:20:5c:89:f0:1d:13:00:54:3a:16:dc:67:
14:40:5f:54:01:0f:9f:3b:5f:b9:da:4f:8f:16:76:25:be:12:
af:34:39:3a:cc:bf:7a:9c:8c:e7:24:d3:a3:c5:dc:17:db:bc:
4b:4e:0a:4d:a8:09:c0:c9:83:2d:47:a4:65:7e:a7:4e:d4:63:
92:8b:cc:27:b5:7b:c7:8b:a7:02:35:f5:88:f8:94:17:66:ef:
60:6b:96:e8:fb:ea:f7:d1:26:22:0f:8b:a0:84:c2:9b:62:33:
82:68:14:1c:7c:85:6e:5d:2e:ab:70:b4:07:7d:10:b1:47:5a:
60:a2:de:3d:af:00:81:c0:c2:4e:6e:24:2d:ae:ec:20:6d:f0:
a6:3c:b4:6f:a3:cf:ff:cf:3a:f1:57:bb:34:ac:2e:14:ec:bb:
18:aa:1c:76
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUbYYFonR4ysi1eUntsTrs3uHNpV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA2MDYxMzI3NTZaFw0yNzA2MDUxMzMyNTZaMDMxMTAvBgNV
BAMTKDg4RjFCRjBGOUI2QkI2QjU0MTY3MDhCQjUwMkE0NjdCRUE4MjIxQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZe6bIAuOIgzKLduahNRhcA0UR
FGft8AagwN6a0gNmJeGZMbtNsNxA8qPEZKT1AY91Grw6A0KMMrLvyqkzQFoIp3Ak
xowTAXLe2+QD6cI+u2pc22NypEMvAOz8L8Gyzq0vXTUT8YSji7yZshiQzWi8zodl
xHkDsKV9imRn+RyA9RRtpm7FPmsoX5i9xvW/1a5aT/rX+dhSaRrqQs4PqLjPFa/b
lLN9Af0jVetqQG1zh6E87kFtGRT2s5oMyDg5NWuAHC1JGpw0X/hxXIPnESezA2yJ
V6t0p/X5scjkqmqE0Fh3NOjfp16OJytMVLjJ3par74n7z2LbyFJfWQGlb23TAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUiPG/D5trtrVBZwi7UCpGe+qCIcgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMxMzEz
MDJlMzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMJuVzANBgkqhkiG9w0BAQsFAAOCAQEAZfLsdexLrHkCAbKOwff31Irr
mKHcHveF7Q1eQTFSrGovaDKDFBHewRrYCIsku+ZLl8yeMqyHhDwrkItxbZnYXHWJ
WQIa2NgqBSObRyujOmE4JFMyFZnxi1kSK0fA1Wt9IFyJ8B0TAFQ6FtxnFEBfVAEP
nztfudpPjxZ2Jb4SrzQ5Osy/epyM5yTTo8XcF9u8S04KTagJwMmDLUekZX6nTtRj
kovMJ7V7x4unAjX1iPiUF2bvYGuW6Pvq99EmIg+LoITCm2IzgmgUHHyFbl0uq3C0
B30QsUdaYKLePa8AgcDCTm4kLa7sIG3wpjy0b6PP/8868Ve7NKwuFOy7GKocdg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:53:45 2026 by rpki-client