Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230302e302f32342d3234203d3e20323033333830.roa
File: 38332e3137312e3230302e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: htm2P3Goxh77nroQc8ziFL2Ym0m59Wnuyvigr56sYek=
Subject key identifier: 56:A5:BD:FA:F2:AF:9F:21:C5:AF:4F:6F:A4:9E:D0:B6:FA:6C:32:64
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5CEC2B7DAC54A8CBC5C2BA739F9A43B4872BFD2D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230302e302f32342d3234203d3e20323033333830.roa
Signing time: Sat 06 Jun 2026 13:33:13 +0000
ROA not before: Sat 06 Jun 2026 13:28:13 +0000
ROA not after: Sat 05 Jun 2027 13:33:13 +0000
asID: 203380
IP address blocks: 83.171.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:ec:2b:7d:ac:54:a8:cb:c5:c2:ba:73:9f:9a:43:b4:87:2b:fd:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 6 13:28:13 2026 GMT
Not After : Jun 5 13:33:13 2027 GMT
Subject: CN=56A5BDFAF2AF9F21C5AF4F6FA49ED0B6FA6C3264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:01:bd:ad:7f:c2:9b:54:97:6a:84:a5:54:21:
9a:31:75:b9:e1:38:71:e1:f0:68:c8:19:f0:e7:07:
d6:1e:0e:be:5a:aa:6f:76:fe:3b:7c:4e:63:05:cb:
d7:bb:61:0f:a7:57:99:34:f9:21:5d:26:b5:b5:57:
e9:96:b4:cf:f2:78:fa:3d:12:89:d4:e1:97:05:e3:
e4:d1:a6:dc:cf:01:45:37:32:b0:bf:fb:09:a9:37:
fa:99:85:de:47:9b:5c:26:4f:36:1a:eb:e0:9b:f9:
90:31:d3:89:a9:f2:e2:27:aa:ca:50:6a:05:16:44:
c7:86:4c:09:fe:0d:51:72:c3:9c:ae:16:c8:f5:69:
5e:9d:2f:5c:45:f8:7d:5e:16:f3:97:32:1e:ac:e5:
91:96:e7:e3:28:6d:a2:c5:f2:a6:7a:65:08:08:12:
3c:f1:de:9e:c3:bb:67:59:7c:d4:54:e0:10:c8:2c:
81:96:69:8f:f3:cb:b0:be:a3:15:28:d0:4e:2a:70:
e0:c3:63:e0:f5:b9:12:1f:5e:f8:cb:94:13:18:89:
23:91:60:cd:c3:65:bb:2e:c4:32:e7:2e:35:a4:05:
38:58:93:56:d8:52:26:4f:fb:fe:ff:1f:7b:1b:5e:
67:bb:c3:dd:b5:34:62:14:bb:54:0d:3a:44:78:e8:
c5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:A5:BD:FA:F2:AF:9F:21:C5:AF:4F:6F:A4:9E:D0:B6:FA:6C:32:64
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230302e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.200.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:b3:c3:4a:9c:c1:9a:e0:8e:af:5a:af:31:57:ab:56:0f:02:
09:c9:be:14:57:18:7f:bc:39:73:5b:a7:6b:c8:ee:48:7b:0f:
41:58:58:38:2f:45:e3:77:2b:6f:98:f9:85:cd:bf:72:af:8e:
05:57:1f:35:cc:16:e4:20:6c:4f:16:00:23:78:a4:74:b9:a8:
d1:57:70:67:6a:36:40:24:ef:c8:81:d4:17:7c:a7:34:e3:2d:
cb:5b:84:84:95:47:04:b6:b8:96:50:3a:60:c8:37:f8:55:6b:
44:21:2d:7b:99:45:cc:44:41:1d:63:c3:46:12:fd:b1:cf:a2:
35:93:54:01:26:86:d7:bb:17:3a:5d:05:6f:74:79:22:4b:5d:
a4:4f:d3:ff:07:d8:4a:d2:02:68:ab:73:0b:05:86:99:3e:d7:
9c:34:f2:9c:6b:3b:3b:28:a9:a0:f2:aa:14:c6:e0:ea:e8:6d:
51:c5:0c:54:a7:ba:e7:f9:a8:4e:bd:84:70:2e:cc:60:0f:bc:
82:be:5a:00:b0:34:b0:87:1c:4a:d4:bc:d7:3c:65:06:a0:81:
b1:c3:2d:12:f6:8a:98:e6:7d:35:e2:77:7e:0a:dd:1e:49:d1:
02:e9:ad:ac:8c:af:cf:2d:85:68:c7:f1:45:22:88:71:4c:fd:
94:4c:32:df
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUXOwrfaxUqMvFwrpzn5pDtIcr/S0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA2MDYxMzI4MTNaFw0yNzA2MDUxMzMzMTNaMDMxMTAvBgNV
BAMTKDU2QTVCREZBRjJBRjlGMjFDNUFGNEY2RkE0OUVEMEI2RkE2QzMyNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQAb2tf8KbVJdqhKVUIZoxdbnh
OHHh8GjIGfDnB9YeDr5aqm92/jt8TmMFy9e7YQ+nV5k0+SFdJrW1V+mWtM/yePo9
EonU4ZcF4+TRptzPAUU3MrC/+wmpN/qZhd5Hm1wmTzYa6+Cb+ZAx04mp8uInqspQ
agUWRMeGTAn+DVFyw5yuFsj1aV6dL1xF+H1eFvOXMh6s5ZGW5+MobaLF8qZ6ZQgI
Ejzx3p7Du2dZfNRU4BDILIGWaY/zy7C+oxUo0E4qcODDY+D1uRIfXvjLlBMYiSOR
YM3DZbsuxDLnLjWkBThYk1bYUiZP+/7/H3sbXme7w921NGIUu1QNOkR46MXNAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUVqW9+vKvnyHFr09vpJ7QtvpsMmQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMzMmUzMTM3MzEy
ZTMyMzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAFOryDANBgkqhkiG9w0BAQsFAAOCAQEA07PDSpzBmuCOr1qvMVerVg8C
Ccm+FFcYf7w5c1una8juSHsPQVhYOC9F43crb5j5hc2/cq+OBVcfNcwW5CBsTxYA
I3ikdLmo0VdwZ2o2QCTvyIHUF3ynNOMty1uEhJVHBLa4llA6YMg3+FVrRCEte5lF
zERBHWPDRhL9sc+iNZNUASaG17sXOl0Fb3R5IktdpE/T/wfYStICaKtzCwWGmT7X
nDTynGs7OyipoPKqFMbg6uhtUcUMVKe65/moTr2EcC7MYA+8gr5aALA0sIccStS8
1zxlBqCBscMtEvaKmOZ9NeJ3fgrdHknRAumtrIyvzy2FaMfxRSKIcUz9lEwy3w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:41:41 2026 by rpki-client