Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35362e302f32342d3234203d3e203436353539.roa
File: 3139342e3134372e35362e302f32342d3234203d3e203436353539.roa (raw, json)
Hash identifier: Ic02+QCZUoUmjgO95Yo6prf/RYE9kKuqREDAUIQozBg=
Subject key identifier: 41:61:28:D4:77:5C:D4:A4:A5:1E:BE:42:7B:B8:1F:5D:BA:66:B7:37
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7C390530144B66A225E3E1A6F8C661ECBDCB074B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35362e302f32342d3234203d3e203436353539.roa
Signing time: Sun 01 Feb 2026 12:43:35 +0000
ROA not before: Sun 01 Feb 2026 12:38:35 +0000
ROA not after: Sun 31 Jan 2027 12:43:35 +0000
asID: 46559
IP address blocks: 194.147.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 20:19:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:39:05:30:14:4b:66:a2:25:e3:e1:a6:f8:c6:61:ec:bd:cb:07:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 1 12:38:35 2026 GMT
Not After : Jan 31 12:43:35 2027 GMT
Subject: CN=416128D4775CD4A4A51EBE427BB81F5DBA66B737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:06:65:9e:9d:5d:d0:88:95:40:90:76:b7:1c:
5a:ce:02:8b:2a:1c:f4:aa:6b:20:4f:22:f5:09:c9:
1a:93:69:64:46:74:5a:cb:e6:5c:25:1a:78:92:61:
2c:bf:2e:33:2d:74:06:3f:28:6b:a6:54:f1:90:8c:
eb:42:0a:57:bd:e6:2e:7b:4b:61:0c:11:e0:3e:4e:
5a:91:c7:c6:98:f4:4f:f9:d9:df:6c:d3:73:c9:c9:
76:1b:c1:14:37:f7:59:d2:92:b6:df:b8:c0:ba:5a:
f7:83:8b:c9:8d:b1:0d:4c:52:79:d5:ed:71:70:bb:
b3:99:98:ce:cf:43:e0:f6:15:57:f7:8a:5e:2a:fb:
0e:08:86:f1:f0:6c:85:80:f9:f5:39:6a:d9:34:b1:
52:06:2f:81:ab:7d:36:b1:b3:3b:51:85:2d:48:17:
65:33:5d:a5:f0:92:ca:a6:c4:9f:66:5e:07:ec:7e:
63:b8:6a:12:8f:f9:c2:7e:dd:7b:b9:8f:b8:4e:88:
28:f2:83:ec:6e:c5:f2:8c:b2:09:3f:f7:43:68:ac:
87:f2:ce:4d:63:37:69:74:75:56:23:99:4d:2f:d1:
b0:e2:e2:cb:36:52:6c:d7:ca:c3:db:60:04:29:2e:
6d:7c:bb:d0:fd:26:b4:bb:0b:c4:e5:86:e7:47:22:
56:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:61:28:D4:77:5C:D4:A4:A5:1E:BE:42:7B:B8:1F:5D:BA:66:B7:37
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35362e302f32342d3234203d3e203436353539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.56.0/24
Signature Algorithm: sha256WithRSAEncryption
37:bd:69:4c:54:86:e8:a3:a3:41:04:32:98:45:dc:2f:d1:54:
66:bc:d1:00:77:bc:d3:6b:4c:64:d5:82:2e:14:93:a3:33:8c:
90:3c:a7:54:aa:fa:3a:06:57:1f:ea:47:71:26:17:4d:e5:53:
4a:a3:e2:b6:7a:7a:98:55:94:4d:fa:20:e6:35:ca:83:11:28:
19:a9:b0:21:a8:e2:02:cb:c8:4b:de:40:9c:39:bb:f1:95:31:
b5:9a:05:53:a9:7d:9e:f8:3a:5a:29:56:c2:07:99:ff:c8:28:
26:e8:e5:20:c1:a9:ed:7d:34:fd:ed:32:90:19:40:a2:6f:6e:
c5:b8:09:9e:a1:58:42:d7:1c:fd:92:23:f6:9b:71:f5:17:91:
18:85:32:5f:09:5c:87:f8:21:00:23:c9:e1:4c:8e:ba:4e:4d:
d0:42:54:a3:00:a3:57:43:75:4f:bb:42:b4:45:cc:bf:cc:8c:
43:3e:26:ec:d2:91:f2:ba:fe:54:a8:dd:a2:f7:40:ea:d8:70:
cb:28:d5:92:fc:e3:1f:02:19:84:de:a7:16:b5:5e:18:a9:90:
d8:b8:1a:6f:c7:98:49:09:32:55:68:b4:28:cd:e0:91:e2:9f:
7f:b5:39:cd:0a:30:d2:ae:4a:60:b7:b6:7e:1b:aa:39:4b:ac:
2c:5b:68:44
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUfDkFMBRLZqIl4+Gm+MZh7L3LB0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAyMDExMjM4MzVaFw0yNzAxMzExMjQzMzVaMDMxMTAvBgNV
BAMTKDQxNjEyOEQ0Nzc1Q0Q0QTRBNTFFQkU0MjdCQjgxRjVEQkE2NkI3MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1BmWenV3QiJVAkHa3HFrOAosq
HPSqayBPIvUJyRqTaWRGdFrL5lwlGniSYSy/LjMtdAY/KGumVPGQjOtCCle95i57
S2EMEeA+TlqRx8aY9E/52d9s03PJyXYbwRQ391nSkrbfuMC6WveDi8mNsQ1MUnnV
7XFwu7OZmM7PQ+D2FVf3il4q+w4IhvHwbIWA+fU5atk0sVIGL4GrfTaxsztRhS1I
F2UzXaXwksqmxJ9mXgfsfmO4ahKP+cJ+3Xu5j7hOiCjyg+xuxfKMsgk/90NorIfy
zk1jN2l0dVYjmU0v0bDi4ss2UmzXysPbYAQpLm18u9D9JrS7C8TlhudHIlY/AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUQWEo1Hdc1KSlHr5Ce7gfXbpmtzcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMxMzQz
NzJlMzUzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzYzNTM1Mzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCkzgwDQYJKoZIhvcNAQELBQADggEBADe9aUxUhuijo0EEMphF3C/RVGa8
0QB3vNNrTGTVgi4Uk6MzjJA8p1Sq+joGVx/qR3EmF03lU0qj4rZ6ephVlE36IOY1
yoMRKBmpsCGo4gLLyEveQJw5u/GVMbWaBVOpfZ74OlopVsIHmf/IKCbo5SDBqe19
NP3tMpAZQKJvbsW4CZ6hWELXHP2SI/abcfUXkRiFMl8JXIf4IQAjyeFMjrpOTdBC
VKMAo1dDdU+7QrRFzL/MjEM+JuzSkfK6/lSo3aL3QOrYcMso1ZL84x8CGYTepxa1
XhipkNi4Gm/HmEkJMlVotCjN4JHin3+1Oc0KMNKuSmC3tn4bqjlLrCxbaEQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:57:11 2026 by rpki-client