Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3136392e3132322e302f32342d3234203d3e20323037333539.roa
File: 33312e3136392e3132322e302f32342d3234203d3e20323037333539.roa (raw, json)
Hash identifier: TMc1u+t9MRFcAqLGYhM2tVgGf65LQVquAtnumD6jwxA=
Subject key identifier: 02:D2:38:B0:2B:8C:26:5A:C6:04:D2:C7:7F:39:C8:FE:D1:8A:4D:07
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0C7815B16FFE45BDA01A05E3ACD1D3ED7428160E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3136392e3132322e302f32342d3234203d3e20323037333539.roa
Signing time: Fri 05 Jun 2026 15:14:34 +0000
ROA not before: Fri 05 Jun 2026 15:09:34 +0000
ROA not after: Fri 04 Jun 2027 15:14:34 +0000
asID: 207359
IP address blocks: 31.169.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:78:15:b1:6f:fe:45:bd:a0:1a:05:e3:ac:d1:d3:ed:74:28:16:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 5 15:09:34 2026 GMT
Not After : Jun 4 15:14:34 2027 GMT
Subject: CN=02D238B02B8C265AC604D2C77F39C8FED18A4D07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f1:4e:cf:ab:6c:03:38:d5:0d:9d:f4:6f:56:
a5:0c:f7:70:af:5f:42:f0:49:fc:61:1b:2c:07:da:
29:fa:69:5c:37:42:cc:78:cc:09:7a:d8:3b:e4:e5:
6d:27:23:a1:70:f4:61:92:6f:2c:1a:8e:6e:92:83:
0b:fc:eb:df:61:45:59:87:b3:40:3f:7c:d2:5f:a8:
cb:2d:c4:35:bc:b0:99:4d:10:66:e9:1e:49:7e:c9:
a5:b2:a8:15:f9:d3:03:2a:0e:7a:6f:4e:c0:4b:ed:
82:d7:57:9b:62:71:43:e3:40:a4:c6:4c:ac:4b:b0:
41:61:42:c8:13:93:d8:f3:4c:b3:39:65:a9:3d:91:
ae:41:e1:5a:78:ac:53:79:cf:fb:7d:cd:5b:12:10:
8f:6e:75:ed:1c:8e:43:e7:4b:ba:a1:12:bf:5a:e1:
17:b8:2a:22:4b:b5:df:13:9a:3e:3d:c7:bf:a3:a6:
df:d9:84:1b:c5:88:36:7c:fc:c4:4c:7d:b6:16:8d:
1a:17:80:c3:a7:cc:49:8d:11:2f:a3:a4:be:69:15:
76:2e:a2:d1:35:2a:b5:de:91:c5:fc:fc:ad:6b:52:
a1:7e:f3:49:fa:c9:5c:11:b3:7f:4a:e1:8b:a6:d6:
1f:e2:8c:07:85:6c:ec:64:a3:33:66:d5:31:d3:3f:
d8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D2:38:B0:2B:8C:26:5A:C6:04:D2:C7:7F:39:C8:FE:D1:8A:4D:07
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3136392e3132322e302f32342d3234203d3e20323037333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.122.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:03:b9:e1:a1:0a:48:96:8a:c8:f6:5d:50:e3:8b:b7:43:5b:
31:87:5b:69:20:9e:f5:af:ed:08:6e:68:40:63:d8:2f:e5:39:
6f:c3:f4:39:9b:17:de:06:db:6e:97:1d:aa:6f:5b:54:6b:1c:
3d:f7:09:0e:49:b1:47:e1:8d:07:5c:3c:f1:87:5d:e6:8b:2b:
03:92:cd:9b:88:1d:ad:29:76:c9:80:eb:a9:d6:b8:1d:23:96:
a5:1d:a8:4b:9b:47:bc:23:d4:b0:b4:dd:0d:04:12:7b:e5:9c:
07:97:30:b8:73:bf:49:80:d4:51:cd:d9:d7:ff:09:13:ea:5e:
b7:4f:cd:fd:58:93:e1:f1:78:4a:0d:d2:8d:86:0b:9f:ed:8e:
e5:a8:61:ed:88:db:f5:75:cd:89:76:5b:d6:ef:d3:2c:63:64:
9c:83:b7:d7:0d:73:4b:e1:c8:01:28:48:6c:cf:06:72:f7:8a:
83:ab:5f:fc:18:c9:91:d9:84:1f:50:1c:e4:48:bf:62:ac:00:
66:fe:d7:f9:2c:fc:d9:bf:62:43:82:2c:7f:d2:55:77:fc:2a:
e0:95:db:db:f2:39:30:48:1e:1b:34:54:cb:3f:c8:f5:aa:e1:
20:2d:4e:0a:ad:38:ff:9d:bf:49:3b:38:38:24:13:4d:a3:3c:
07:f9:c0:68
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUDHgVsW/+Rb2gGgXjrNHT7XQoFg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA2MDUxNTA5MzRaFw0yNzA2MDQxNTE0MzRaMDMxMTAvBgNV
BAMTKDAyRDIzOEIwMkI4QzI2NUFDNjA0RDJDNzdGMzlDOEZFRDE4QTREMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF8U7Pq2wDONUNnfRvVqUM93Cv
X0LwSfxhGywH2in6aVw3Qsx4zAl62Dvk5W0nI6Fw9GGSbywajm6Sgwv8699hRVmH
s0A/fNJfqMstxDW8sJlNEGbpHkl+yaWyqBX50wMqDnpvTsBL7YLXV5ticUPjQKTG
TKxLsEFhQsgTk9jzTLM5Zak9ka5B4Vp4rFN5z/t9zVsSEI9ude0cjkPnS7qhEr9a
4Re4KiJLtd8Tmj49x7+jpt/ZhBvFiDZ8/MRMfbYWjRoXgMOnzEmNES+jpL5pFXYu
otE1KrXekcX8/K1rUqF+80n6yVwRs39K4Yum1h/ijAeFbOxkozNm1THTP9hrAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUAtI4sCuMJlrGBNLHfznI/tGKTQcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzMxMmUzMTM2Mzky
ZTMxMzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMzMzUzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAB+pejANBgkqhkiG9w0BAQsFAAOCAQEAuwO54aEKSJaKyPZdUOOLt0Nb
MYdbaSCe9a/tCG5oQGPYL+U5b8P0OZsX3gbbbpcdqm9bVGscPfcJDkmxR+GNB1w8
8Ydd5osrA5LNm4gdrSl2yYDrqda4HSOWpR2oS5tHvCPUsLTdDQQSe+WcB5cwuHO/
SYDUUc3Z1/8JE+pet0/N/ViT4fF4Sg3SjYYLn+2O5ahh7Yjb9XXNiXZb1u/TLGNk
nIO31w1zS+HIAShIbM8GcveKg6tf/BjJkdmEH1Ac5Ei/YqwAZv7X+Sz82b9iQ4Is
f9JVd/wq4JXb2/I5MEgeGzRUyz/I9arhIC1OCq04/52/STs4OCQTTaM8B/nAaA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:06:59 2026 by rpki-client