Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34392e302f32342d3234203d3e20313336373837.roa
File: 3139342e3234322e34392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: E7WVOgRFuiY0DuqASmy4KTJR4a1WSedOZiOWPawJsWs=
Subject key identifier: C7:B2:4E:24:24:87:99:0A:25:B3:04:D2:B5:95:62:71:FA:B6:C0:8A
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5D359FEE3C89FCF03E14E1FC319DC68F03EF94A7
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34392e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Mar 2026 18:23:32 +0000
ROA not before: Fri 27 Mar 2026 18:18:32 +0000
ROA not after: Fri 26 Mar 2027 18:23:32 +0000
asID: 136787
IP address blocks: 194.242.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:35:9f:ee:3c:89:fc:f0:3e:14:e1:fc:31:9d:c6:8f:03:ef:94:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 27 18:18:32 2026 GMT
Not After : Mar 26 18:23:32 2027 GMT
Subject: CN=C7B24E242487990A25B304D2B5956271FAB6C08A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ff:ab:a4:b2:61:aa:50:e7:43:99:64:6b:ac:
86:96:bb:ab:8d:7a:49:90:e9:f0:9f:b4:30:2e:0b:
e6:cd:38:d7:20:95:c9:82:ce:f3:65:28:58:e3:66:
0b:7b:49:82:b6:9d:fd:03:26:d5:80:51:e5:65:a4:
a4:b8:6b:31:e1:0b:71:c5:69:bb:f8:32:b2:6a:8c:
a4:20:dd:85:be:ed:b2:44:69:a5:2e:1e:ed:a8:04:
ad:04:54:3d:74:8d:5b:f3:2e:46:22:c0:80:a0:d9:
92:38:7c:3c:65:a4:73:2b:2c:c4:6c:0b:fe:79:ea:
82:f8:f4:c9:46:55:8f:b6:68:38:0a:a7:94:db:9b:
ca:28:48:4a:fb:cc:1a:ba:b2:98:46:43:33:17:96:
ef:ef:e0:e6:3e:49:8f:3f:b0:2d:9a:dd:00:ae:cb:
c0:57:fc:8e:6a:27:71:4b:18:c7:63:26:69:95:4d:
e0:7c:15:b4:af:9a:30:12:12:2a:e5:a3:9d:1d:b3:
d9:15:f9:f0:ee:63:51:01:30:bd:7a:1f:bc:7e:7d:
22:be:14:ba:1f:45:66:89:00:33:c3:2f:ca:f2:68:
b3:42:6a:cc:51:37:e3:b5:a3:59:1d:71:21:37:27:
58:08:66:88:ae:6e:42:d3:b8:bf:73:4d:6e:a0:9e:
b0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B2:4E:24:24:87:99:0A:25:B3:04:D2:B5:95:62:71:FA:B6:C0:8A
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.49.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:da:d8:c7:e7:7d:66:9c:ea:8c:40:30:93:fb:ad:f7:4f:f6:
5b:fe:84:52:64:98:4d:b8:cb:a5:05:a4:4c:e5:b0:45:78:e3:
5d:7a:dc:5a:82:0a:f3:90:66:d9:20:13:51:c0:8d:89:36:92:
9e:3c:fe:3f:ca:3c:b5:48:3c:c8:44:30:82:ef:91:22:92:a4:
30:7e:cc:8b:bb:5c:bb:b9:5a:f0:87:14:32:7d:ec:a7:10:8b:
43:1c:b1:ed:ff:95:9a:c8:2d:34:a2:0c:db:c2:a9:40:07:26:
5b:ac:0d:7d:e3:0b:c6:0d:d0:22:25:4a:5c:f1:8f:f8:e1:99:
17:86:88:b4:60:d8:90:04:ce:23:ac:c7:9b:bf:e1:a1:8e:dd:
0d:b7:5e:3e:cb:a3:df:95:9e:8c:51:a7:89:66:a5:8a:8d:44:
35:6f:be:79:d1:0a:40:2d:64:0c:f1:2d:3d:e2:28:69:a1:fe:
f6:2c:29:c0:8d:b1:22:2b:f5:42:6b:53:30:bf:3c:c9:01:ca:
33:f8:25:85:b8:61:49:31:5e:6c:89:50:f9:3e:68:22:8c:be:
0f:3c:26:49:77:0b:6b:2d:f7:14:c6:20:bc:46:77:5b:67:26:
79:0a:3c:0f:3f:59:eb:64:fe:64:bd:2f:b3:4c:a9:86:8b:cb:
0b:12:b9:d9
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUXTWf7jyJ/PA+FOH8MZ3GjwPvlKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMjcxODE4MzJaFw0yNzAzMjYxODIzMzJaMDMxMTAvBgNV
BAMTKEM3QjI0RTI0MjQ4Nzk5MEEyNUIzMDREMkI1OTU2MjcxRkFCNkMwOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb/6uksmGqUOdDmWRrrIaWu6uN
ekmQ6fCftDAuC+bNONcglcmCzvNlKFjjZgt7SYK2nf0DJtWAUeVlpKS4azHhC3HF
abv4MrJqjKQg3YW+7bJEaaUuHu2oBK0EVD10jVvzLkYiwICg2ZI4fDxlpHMrLMRs
C/556oL49MlGVY+2aDgKp5Tbm8ooSEr7zBq6sphGQzMXlu/v4OY+SY8/sC2a3QCu
y8BX/I5qJ3FLGMdjJmmVTeB8FbSvmjASEirlo50ds9kV+fDuY1EBML16H7x+fSK+
FLofRWaJADPDL8ryaLNCasxRN+O1o1kdcSE3J1gIZoiubkLTuL9zTW6gnrAPAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUx7JOJCSHmQolswTStZVicfq2wIowHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMyMzQz
MjJlMzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMLyMTANBgkqhkiG9w0BAQsFAAOCAQEAi9rYx+d9ZpzqjEAwk/ut90/2
W/6EUmSYTbjLpQWkTOWwRXjjXXrcWoIK85Bm2SATUcCNiTaSnjz+P8o8tUg8yEQw
gu+RIpKkMH7Mi7tcu7la8IcUMn3spxCLQxyx7f+VmsgtNKIM28KpQAcmW6wNfeML
xg3QIiVKXPGP+OGZF4aItGDYkATOI6zHm7/hoY7dDbdePsuj35WejFGniWalio1E
NW++edEKQC1kDPEtPeIoaaH+9iwpwI2xIiv1QmtTML88yQHKM/glhbhhSTFebIlQ
+T5oIoy+DzwmSXcLay33FMYgvEZ3W2cmeQo8Dz9Z62T+ZL0vs0yphovLCxK52Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:24:07 2026 by rpki-client