Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34382e302f32342d3234203d3e20313336373837.roa
File: 3139342e3234322e34382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zEcieO08kuI4uSq/C6GpGqhdmcDef8KoJKJClV9z+uY=
Subject key identifier: EF:F5:E8:B8:A6:26:B2:FA:36:79:79:4D:7F:D5:BA:26:6E:09:4F:73
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 41324A1BBB65CEC70E9BADF3DA4EF6F6614B86C6
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Mar 2026 18:23:32 +0000
ROA not before: Fri 27 Mar 2026 18:18:32 +0000
ROA not after: Fri 26 Mar 2027 18:23:32 +0000
asID: 136787
IP address blocks: 194.242.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:32:4a:1b:bb:65:ce:c7:0e:9b:ad:f3:da:4e:f6:f6:61:4b:86:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 27 18:18:32 2026 GMT
Not After : Mar 26 18:23:32 2027 GMT
Subject: CN=EFF5E8B8A626B2FA3679794D7FD5BA266E094F73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fe:2f:26:5f:a0:f7:93:fa:b6:95:e5:bb:37:
59:64:82:69:86:3f:9f:72:35:5a:f4:56:43:f5:8a:
55:6f:5b:67:9e:26:93:0e:08:c0:ca:cc:30:c4:c4:
ea:42:e9:d4:c9:c9:47:e5:35:5d:01:ef:73:2b:e6:
50:b9:59:47:e2:1a:78:d1:dd:6a:57:92:62:61:5f:
6d:3b:13:70:27:bb:ed:45:86:57:b6:3c:62:b1:4c:
79:56:58:28:7c:cc:9f:e1:7c:da:67:b0:45:7b:ee:
9e:5c:f0:7d:65:1b:40:4b:54:06:74:02:32:00:62:
9c:97:3b:2a:82:1f:b7:b3:13:20:c5:3d:65:f1:12:
32:8d:c8:10:44:58:90:9c:bc:2d:31:67:da:5a:d3:
17:f7:de:fa:ac:56:ae:75:46:e4:fd:8b:61:d7:a1:
ce:bb:46:68:02:e1:db:fd:59:07:bd:e1:80:39:60:
99:ac:16:6e:66:02:f0:ee:da:93:a7:ec:5c:79:39:
c6:06:77:ea:a7:b0:9d:fa:9b:2d:99:bb:2b:c3:fd:
5c:99:03:4d:51:a9:70:94:dd:12:7e:36:63:74:cb:
94:39:5e:4f:0e:a9:64:65:52:21:2a:70:9e:b6:99:
ff:dd:4b:ab:aa:fb:ce:ff:da:90:34:ae:75:34:03:
56:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F5:E8:B8:A6:26:B2:FA:36:79:79:4D:7F:D5:BA:26:6E:09:4F:73
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.48.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:b2:4e:72:eb:2e:ae:9e:5e:44:b3:fa:e6:52:c9:77:50:42:
90:a5:b9:c4:08:43:54:40:03:94:76:c6:39:b8:73:45:ce:d2:
d8:69:91:86:79:d6:a2:d6:19:66:87:99:c0:c9:27:c0:4b:df:
ca:6b:55:2c:0f:7a:a0:c7:66:d7:c0:f0:19:78:64:c1:cd:1b:
09:e9:18:b4:73:fe:94:f4:65:96:18:ab:14:dc:d3:99:71:3c:
0c:b5:85:ea:fb:fa:fa:9d:25:49:2d:14:25:07:c3:e7:36:f9:
49:a7:7c:57:b1:af:96:31:37:dd:ec:3b:c5:64:ce:d7:a8:9f:
5c:63:25:23:74:b2:53:21:01:f6:1d:62:09:a2:cc:9c:3d:22:
5a:f3:66:07:2a:3a:fa:57:84:49:b0:fc:d8:98:f4:3d:2d:9e:
29:25:3e:49:85:11:35:01:94:bd:cc:ec:ec:ed:1d:d6:10:51:
42:d7:c5:66:4d:f4:36:a8:83:72:b2:c8:ca:62:b7:d1:1f:06:
8a:5b:a7:40:f7:fa:14:8c:b9:d6:bc:56:c8:62:c7:00:d3:05:
7c:64:54:ae:24:3c:88:00:aa:ed:65:23:b5:7a:2d:32:10:96:
32:23:34:9a:52:2f:e6:0c:bd:2f:af:c8:b9:7e:4c:31:c1:32:
d0:e6:38:0f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUQTJKG7tlzscOm63z2k729mFLhsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMjcxODE4MzJaFw0yNzAzMjYxODIzMzJaMDMxMTAvBgNV
BAMTKEVGRjVFOEI4QTYyNkIyRkEzNjc5Nzk0RDdGRDVCQTI2NkUwOTRGNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy/i8mX6D3k/q2leW7N1lkgmmG
P59yNVr0VkP1ilVvW2eeJpMOCMDKzDDExOpC6dTJyUflNV0B73Mr5lC5WUfiGnjR
3WpXkmJhX207E3Anu+1Fhle2PGKxTHlWWCh8zJ/hfNpnsEV77p5c8H1lG0BLVAZ0
AjIAYpyXOyqCH7ezEyDFPWXxEjKNyBBEWJCcvC0xZ9pa0xf33vqsVq51RuT9i2HX
oc67RmgC4dv9WQe94YA5YJmsFm5mAvDu2pOn7Fx5OcYGd+qnsJ36my2ZuyvD/VyZ
A01RqXCU3RJ+NmN0y5Q5Xk8OqWRlUiEqcJ62mf/dS6uq+87/2pA0rnU0A1bJAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU7/XouKYmsvo2eXlNf9W6Jm4JT3MwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMyMzQz
MjJlMzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMLyMDANBgkqhkiG9w0BAQsFAAOCAQEA4bJOcusurp5eRLP65lLJd1BC
kKW5xAhDVEADlHbGObhzRc7S2GmRhnnWotYZZoeZwMknwEvfymtVLA96oMdm18Dw
GXhkwc0bCekYtHP+lPRllhirFNzTmXE8DLWF6vv6+p0lSS0UJQfD5zb5Sad8V7Gv
ljE33ew7xWTO16ifXGMlI3SyUyEB9h1iCaLMnD0iWvNmByo6+leESbD82Jj0PS2e
KSU+SYURNQGUvczs7O0d1hBRQtfFZk30NqiDcrLIymK30R8GilunQPf6FIy51rxW
yGLHANMFfGRUriQ8iACq7WUjtXotMhCWMiM0mlIv5gy9L6/IuX5MMcEy0OY4Dw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:54:15 2026 by rpki-client