Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e39372e3131332e302f32342d3234203d3e20323037333539.roa
File: 38332e39372e3131332e302f32342d3234203d3e20323037333539.roa (raw, json)
Hash identifier: Wu39Le1Msjbq2LtKz1gKzGLRaFalx9WdDs7kwUzRr1I=
Subject key identifier: 31:65:9E:98:F6:09:DB:AA:7C:E0:5C:15:0C:98:EF:A8:AE:40:04:0F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 19A41C7E0726479D34281F78540AB94496FD98B7
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e39372e3131332e302f32342d3234203d3e20323037333539.roa
Signing time: Fri 05 Jun 2026 15:14:08 +0000
ROA not before: Fri 05 Jun 2026 15:09:08 +0000
ROA not after: Fri 04 Jun 2027 15:14:08 +0000
asID: 207359
IP address blocks: 83.97.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:a4:1c:7e:07:26:47:9d:34:28:1f:78:54:0a:b9:44:96:fd:98:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 5 15:09:08 2026 GMT
Not After : Jun 4 15:14:08 2027 GMT
Subject: CN=31659E98F609DBAA7CE05C150C98EFA8AE40040F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:5a:7b:ac:00:f3:25:59:75:f2:79:09:f4:
64:76:8c:05:45:ec:7b:bf:1a:4a:11:df:a7:ce:41:
90:2d:18:7a:03:34:5e:23:e2:e0:73:f8:a0:f8:f1:
1f:e3:e9:ea:7e:13:7a:bf:5a:16:4d:89:8d:d5:cb:
9f:c7:fb:e9:03:3d:8f:b7:4f:32:ef:72:fd:7a:c6:
f6:15:ec:30:33:0a:3f:35:b3:a1:9e:ed:2f:12:ee:
d0:b3:74:59:10:d5:11:bf:ac:96:c9:51:a6:ce:41:
24:e0:c2:4c:b0:55:92:3a:e2:b3:be:98:85:9c:9e:
86:b6:ea:4c:64:d8:78:15:cb:ae:92:15:0b:0b:ff:
42:3e:33:44:1e:a1:51:a5:60:eb:9e:b7:aa:c8:16:
9f:9b:8d:a3:88:24:17:32:13:cc:56:d2:1c:c6:60:
5e:33:5e:65:d1:be:3e:fd:20:97:84:df:1f:5a:66:
3d:d6:69:84:e8:c2:8f:57:99:a9:b4:90:da:c4:0f:
67:77:cf:5a:f1:0c:a4:c2:8b:bb:cb:9d:98:4e:ac:
b1:16:b3:79:e2:9f:5e:b9:c1:aa:bc:5f:ae:d8:89:
77:c1:18:7e:12:a2:04:ed:ed:8c:56:af:82:80:04:
b1:af:05:92:98:87:86:c9:a4:59:d2:8a:3d:7d:81:
0d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:65:9E:98:F6:09:DB:AA:7C:E0:5C:15:0C:98:EF:A8:AE:40:04:0F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e39372e3131332e302f32342d3234203d3e20323037333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.113.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:da:6f:7e:65:db:fb:30:2f:46:1a:b0:09:96:79:0a:7f:17:
3d:03:53:2c:6b:19:f8:62:68:db:53:e8:39:21:b2:41:f8:fd:
27:f1:99:0b:1c:87:fb:62:b0:bd:96:2c:3d:ff:26:c9:66:ee:
f4:4b:86:84:41:31:db:5d:2f:0e:36:0c:0d:80:1f:98:f3:1c:
8a:6f:dd:fd:cc:b1:6d:c6:de:ea:40:02:33:45:f7:db:b2:07:
a6:9a:8e:0f:ff:06:c7:50:63:91:c6:fd:7e:cf:65:14:fd:48:
f9:f8:ab:0e:6a:8d:ec:73:e8:9a:c0:09:d5:55:e1:ca:1c:24:
6b:7e:5b:ab:fc:ba:fd:39:16:6f:9a:74:1c:10:39:88:ab:36:
b5:70:5b:09:0d:a4:87:d9:d5:76:02:d6:fc:f1:aa:46:49:00:
f5:a4:45:32:ad:10:30:8c:b9:28:36:b0:c3:64:6d:4d:09:68:
47:77:f4:10:98:2a:66:44:04:93:92:23:b8:0f:5e:a1:54:7b:
10:40:ba:2f:c6:16:35:74:eb:7c:a8:35:ed:08:55:a0:94:ac:
c1:d4:d6:c4:1b:f4:a6:5f:96:fe:98:86:cd:f9:41:e5:6d:4e:
25:8a:6f:60:af:f7:f5:49:a3:2b:97:1a:d3:08:6d:1f:6a:29:
53:7e:b6:43
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUGaQcfgcmR500KB94VAq5RJb9mLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA2MDUxNTA5MDhaFw0yNzA2MDQxNTE0MDhaMDMxMTAvBgNV
BAMTKDMxNjU5RTk4RjYwOURCQUE3Q0UwNUMxNTBDOThFRkE4QUU0MDA0MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl/1p7rADzJVl18nkJ9GR2jAVF
7Hu/GkoR36fOQZAtGHoDNF4j4uBz+KD48R/j6ep+E3q/WhZNiY3Vy5/H++kDPY+3
TzLvcv16xvYV7DAzCj81s6Ge7S8S7tCzdFkQ1RG/rJbJUabOQSTgwkywVZI64rO+
mIWcnoa26kxk2HgVy66SFQsL/0I+M0QeoVGlYOuet6rIFp+bjaOIJBcyE8xW0hzG
YF4zXmXRvj79IJeE3x9aZj3WaYTowo9Xmam0kNrED2d3z1rxDKTCi7vLnZhOrLEW
s3nin165waq8X67YiXfBGH4SogTt7YxWr4KABLGvBZKYh4bJpFnSij19gQ2hAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUMWWemPYJ26p84FwVDJjvqK5ABA8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMzMmUzOTM3MmUz
MTMxMzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMzM1Mzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABTYXEwDQYJKoZIhvcNAQELBQADggEBAA7ab35l2/swL0YasAmWeQp/Fz0D
UyxrGfhiaNtT6DkhskH4/SfxmQsch/tisL2WLD3/Jslm7vRLhoRBMdtdLw42DA2A
H5jzHIpv3f3MsW3G3upAAjNF99uyB6aajg//BsdQY5HG/X7PZRT9SPn4qw5qjexz
6JrACdVV4cocJGt+W6v8uv05Fm+adBwQOYirNrVwWwkNpIfZ1XYC1vzxqkZJAPWk
RTKtEDCMuSg2sMNkbU0JaEd39BCYKmZEBJOSI7gPXqFUexBAui/GFjV063yoNe0I
VaCUrMHU1sQb9KZflv6Yhs35QeVtTiWKb2Cv9/VJoyuXGtMIbR9qKVN+tkM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:40:37 2026 by rpki-client