Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/37372e3234332e38362e302f32342d3234203d3e20323132323338.roa
File: 37372e3234332e38362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: V9OWLxcV1lWuIlu3g6wUKc/FyuU6EEOWzodLVYDrAI0=
Subject key identifier: 9F:56:3C:4D:1F:D3:96:D0:C2:D6:73:DC:9D:9E:0A:24:9B:48:10:06
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7FBE6FB153EFC565E89D9205FDDCBFBDB5AA8270
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/37372e3234332e38362e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 29 May 2026 12:24:42 +0000
ROA not before: Fri 29 May 2026 12:19:42 +0000
ROA not after: Fri 28 May 2027 12:24:42 +0000
asID: 212238
IP address blocks: 77.243.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:be:6f:b1:53:ef:c5:65:e8:9d:92:05:fd:dc:bf:bd:b5:aa:82:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 29 12:19:42 2026 GMT
Not After : May 28 12:24:42 2027 GMT
Subject: CN=9F563C4D1FD396D0C2D673DC9D9E0A249B481006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:80:f6:da:c8:5a:b0:97:0a:dc:c3:fe:46:e2:
ce:46:0f:b4:16:2c:38:39:20:9b:57:3b:d8:a0:f0:
ac:db:7e:42:c5:af:48:93:5b:53:51:22:c3:ef:7d:
b0:66:d9:6e:cc:20:ee:0c:74:66:91:f7:36:73:83:
f0:34:2a:f7:8a:f2:d7:c4:b0:8a:32:33:6d:cc:4a:
46:bb:9a:0e:8f:33:70:c4:71:1d:a4:c8:73:15:b1:
ae:48:99:83:69:00:c4:9e:6a:90:f9:97:17:25:01:
f6:a6:8d:cb:d3:aa:0c:38:05:da:6a:ff:61:34:8a:
9e:bc:f5:e4:49:57:32:c6:f4:cf:c5:4e:d9:db:36:
60:0d:4d:d6:f7:93:b7:69:76:fc:64:3f:7e:d1:b0:
24:58:26:d6:4d:d7:c0:32:35:48:79:50:57:30:f4:
a4:63:67:0b:d1:63:6a:c6:ea:6e:cc:02:41:e0:89:
46:81:fe:08:67:ec:46:34:c8:04:1d:76:e0:ea:6e:
e0:91:16:c2:49:0b:20:1d:7f:ea:23:d2:9c:cf:43:
5d:8c:0b:fb:63:6a:fa:08:92:f9:11:bb:86:a8:1a:
75:b7:9a:fb:de:a3:f7:0c:9f:8c:4a:da:08:0e:55:
75:f1:05:5e:ca:17:cd:26:2c:35:6b:2a:50:1e:4e:
96:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:56:3C:4D:1F:D3:96:D0:C2:D6:73:DC:9D:9E:0A:24:9B:48:10:06
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/37372e3234332e38362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.86.0/24
Signature Algorithm: sha256WithRSAEncryption
20:13:ee:50:6e:3e:97:c0:1a:7b:b6:76:88:88:f9:21:42:e6:
91:92:67:ec:12:a4:82:1e:64:eb:62:26:e3:67:23:bc:e9:fe:
f9:17:e0:19:c1:18:84:eb:a1:ac:71:ac:4c:74:6c:28:39:d2:
e5:4c:88:77:be:21:f6:0b:1c:95:b9:b3:cf:8c:33:a5:77:2c:
eb:59:7c:6b:50:d9:c0:54:8d:af:a4:43:ae:5f:9c:41:b6:e0:
8f:88:ff:5d:a6:81:82:02:d4:13:16:e4:ef:9c:4a:8b:d4:9a:
06:02:e4:e9:9a:01:51:e4:7f:57:36:c0:08:42:ec:ee:a1:5a:
b8:ee:8a:ce:67:62:b8:3a:74:d6:86:7a:1f:9b:6b:7f:7f:d1:
2f:28:6f:ec:d5:11:b3:a4:58:02:60:99:3e:0a:39:15:bc:9f:
c9:72:5d:e1:ee:9e:a6:86:fc:1d:35:53:b6:98:40:8f:1d:ee:
3a:3a:41:bc:5d:5b:b8:d9:c8:d5:64:4c:e6:88:68:a4:c1:97:
0d:85:49:c5:e9:0e:77:46:1d:32:36:03:12:92:2a:87:39:66:
08:7c:9d:86:3a:58:a3:9e:a7:fc:15:c6:e1:d9:fd:64:1b:24:
c0:85:ba:24:db:4a:df:27:93:c9:d1:cb:fd:e8:57:94:e6:51:
53:32:e9:fb
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUf75vsVPvxWXonZIF/dy/vbWqgnAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA1MjkxMjE5NDJaFw0yNzA1MjgxMjI0NDJaMDMxMTAvBgNV
BAMTKDlGNTYzQzREMUZEMzk2RDBDMkQ2NzNEQzlEOUUwQTI0OUI0ODEwMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3gPbayFqwlwrcw/5G4s5GD7QW
LDg5IJtXO9ig8KzbfkLFr0iTW1NRIsPvfbBm2W7MIO4MdGaR9zZzg/A0KveK8tfE
sIoyM23MSka7mg6PM3DEcR2kyHMVsa5ImYNpAMSeapD5lxclAfamjcvTqgw4Bdpq
/2E0ip689eRJVzLG9M/FTtnbNmANTdb3k7dpdvxkP37RsCRYJtZN18AyNUh5UFcw
9KRjZwvRY2rG6m7MAkHgiUaB/ghn7EY0yAQdduDqbuCRFsJJCyAdf+oj0pzPQ12M
C/tjavoIkvkRu4aoGnW3mvveo/cMn4xK2ggOVXXxBV7KF80mLDVrKlAeTpabAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUn1Y8TR/TltDC1nPcnZ4KJJtIEAYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNzM3MmUzMjM0MzMy
ZTM4MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABN81YwDQYJKoZIhvcNAQELBQADggEBACAT7lBuPpfAGnu2doiI+SFC5pGS
Z+wSpIIeZOtiJuNnI7zp/vkX4BnBGITroaxxrEx0bCg50uVMiHe+IfYLHJW5s8+M
M6V3LOtZfGtQ2cBUja+kQ65fnEG24I+I/12mgYIC1BMW5O+cSovUmgYC5OmaAVHk
f1c2wAhC7O6hWrjuis5nYrg6dNaGeh+ba39/0S8ob+zVEbOkWAJgmT4KORW8n8ly
XeHunqaG/B01U7aYQI8d7jo6QbxdW7jZyNVkTOaIaKTBlw2FScXpDndGHTI2AxKS
Koc5Zgh8nYY6WKOep/wVxuHZ/WQbJMCFuiTbSt8nk8nRy/3oV5TmUVMy6fs=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:13:06 2026 by rpki-client