Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/3137362e3130322e3137322e302f32322d3234203d3e2032393134.roa
File: 3137362e3130322e3137322e302f32322d3234203d3e2032393134.roa (raw, json)
Hash identifier: 88rKRKK1F0KKtxxPo7XhPiB6gcwX4XCx/ZfUmHitxZs=
Subject key identifier: 5A:CD:72:3C:D2:D8:76:AB:CB:64:45:A4:FA:07:41:9B:79:FC:07:CE
Certificate issuer: /CN=9944737a024fe1405d0b4cf6b53df38938d85b42
Certificate serial: 33A18CB0BBE79642F3F7792EFE847F1C65834383
Authority key identifier: 99:44:73:7A:02:4F:E1:40:5D:0B:4C:F6:B5:3D:F3:89:38:D8:5B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/3137362e3130322e3137322e302f32322d3234203d3e2032393134.roa
Signing time: Thu 12 Mar 2026 08:09:39 +0000
ROA not before: Thu 12 Mar 2026 08:04:39 +0000
ROA not after: Thu 11 Mar 2027 08:09:39 +0000
asID: 2914
IP address blocks: 176.102.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.crl
rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.mft
rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:a1:8c:b0:bb:e7:96:42:f3:f7:79:2e:fe:84:7f:1c:65:83:43:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944737a024fe1405d0b4cf6b53df38938d85b42
Validity
Not Before: Mar 12 08:04:39 2026 GMT
Not After : Mar 11 08:09:39 2027 GMT
Subject: CN=5ACD723CD2D876ABCB6445A4FA07419B79FC07CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c7:df:fd:8e:b5:8a:7d:26:b8:0e:93:53:3f:
53:83:c0:a8:df:ea:7b:56:51:12:2d:95:78:e8:ab:
77:3d:df:39:9e:45:64:15:07:a8:94:eb:39:c3:04:
6d:cc:26:9b:7a:af:15:be:6e:1c:b3:a1:94:80:81:
69:ea:c7:a2:46:69:53:fd:a0:68:69:6c:ae:17:af:
29:b2:56:27:27:1d:c6:48:a3:81:0f:f3:f0:fb:c6:
6a:a1:88:0e:23:c7:86:e1:2b:92:f8:23:17:44:b9:
3d:2e:65:d8:64:9d:50:44:12:c2:03:f7:7f:1e:76:
c7:5d:36:f7:ae:d5:02:c9:db:4f:0c:ce:d3:4a:86:
64:ac:80:c0:39:b9:8c:8b:c3:f4:a1:07:ba:20:9c:
3f:77:e0:17:77:d4:1d:19:cd:dd:35:e4:97:c6:0d:
c9:65:d4:28:e4:e4:60:8f:ff:b5:fa:ae:e5:6d:a0:
dc:8a:77:4c:f0:59:0b:95:0b:c8:a4:8c:52:ff:be:
ec:0b:80:9b:f4:ec:64:0f:d3:9a:62:c3:8f:e6:30:
f8:42:af:0c:6a:1f:f8:38:08:ef:8e:cb:d4:40:0d:
cc:90:da:5b:36:4a:22:a2:f4:47:de:1d:e3:3d:d0:
17:40:85:7f:f6:c5:dc:10:8c:16:25:fc:2d:52:a3:
84:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CD:72:3C:D2:D8:76:AB:CB:64:45:A4:FA:07:41:9B:79:FC:07:CE
X509v3 Authority Key Identifier:
keyid:99:44:73:7A:02:4F:E1:40:5D:0B:4C:F6:B5:3D:F3:89:38:D8:5B:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/3137362e3130322e3137322e302f32322d3234203d3e2032393134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.102.172.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:98:86:62:5e:8f:c2:55:9c:8d:45:8c:44:d6:48:2f:57:33:
09:18:67:01:84:c2:29:be:7c:1e:58:bf:63:c8:87:f6:4b:f1:
55:73:18:67:eb:9e:db:df:e8:aa:0c:ae:7e:7b:2e:c9:90:fe:
5e:50:0c:36:fb:a1:9f:47:6c:8c:ed:1d:b9:35:9a:95:c4:19:
18:1f:ba:eb:d0:b5:0e:f8:2c:2b:48:16:0d:ac:55:40:a4:f5:
72:7e:af:35:0c:4b:08:1f:72:0c:83:db:13:47:96:40:c9:ed:
00:5b:b0:26:3a:7c:7a:ba:71:61:64:37:48:cd:7d:c4:d6:0d:
07:35:80:24:67:c6:98:dd:bd:a2:fd:0c:37:86:b7:b3:3d:a5:
ef:23:e4:fb:a0:ff:61:92:20:b9:58:2e:11:a0:d6:1a:49:25:
18:a1:df:b6:75:f2:66:14:94:5f:a3:d9:95:c4:9d:ba:14:c8:
c3:08:25:e2:b1:7a:b6:f7:92:fa:38:8a:ab:0b:29:3b:a3:0f:
24:1b:7f:35:f2:71:00:7b:a8:ec:2e:8c:14:7e:a8:57:cb:7e:
93:d6:76:a4:fe:37:69:b6:ce:35:6e:bb:51:40:f9:0c:00:5d:
99:18:8b:82:cf:dc:93:3c:fa:85:de:96:18:88:3c:93:e3:5e:
b5:1f:f5:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM6GMsLvnlkLz93ku/oR/HGWDQ4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTk0NDczN2EwMjRmZTE0MDVkMGI0Y2Y2YjUzZGYzODkz
OGQ4NWI0MjAeFw0yNjAzMTIwODA0MzlaFw0yNzAzMTEwODA5MzlaMDMxMTAvBgNV
BAMTKDVBQ0Q3MjNDRDJEODc2QUJDQjY0NDVBNEZBMDc0MTlCNzlGQzA3Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBx9/9jrWKfSa4DpNTP1ODwKjf
6ntWURItlXjoq3c93zmeRWQVB6iU6znDBG3MJpt6rxW+bhyzoZSAgWnqx6JGaVP9
oGhpbK4XrymyVicnHcZIo4EP8/D7xmqhiA4jx4bhK5L4IxdEuT0uZdhknVBEEsID
938edsddNveu1QLJ208MztNKhmSsgMA5uYyLw/ShB7ognD934Bd31B0Zzd015JfG
Dcll1Cjk5GCP/7X6ruVtoNyKd0zwWQuVC8ikjFL/vuwLgJv07GQP05piw4/mMPhC
rwxqH/g4CO+Oy9RADcyQ2ls2SiKi9EfeHeM90BdAhX/2xdwQjBYl/C1So4Q3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWs1yPNLYdqvLZEWk+gdBm3n8B84wHwYDVR0j
BBgwFoAUmURzegJP4UBdC0z2tT3ziTjYW0IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjhmN2FlNmQtYzUzZC00NTc0LTk2NjgtMjg0NzlkYjgz
NjQzLzAvOTk0NDczN0EwMjRGRTE0MDVEMEI0Q0Y2QjUzREYzODkzOEQ4NUI0Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21VUnplZ0pQNFVCZEMwejJ0VDN6aVRq
WVcwSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjhmN2FlNmQt
YzUzZC00NTc0LTk2NjgtMjg0NzlkYjgzNjQzLzAvMzEzNzM2MmUzMTMwMzIyZTMx
MzczMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzkzMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
sGasMA0GCSqGSIb3DQEBCwUAA4IBAQCymIZiXo/CVZyNRYxE1kgvVzMJGGcBhMIp
vnweWL9jyIf2S/FVcxhn657b3+iqDK5+ey7JkP5eUAw2+6GfR2yM7R25NZqVxBkY
H7rr0LUO+CwrSBYNrFVApPVyfq81DEsIH3IMg9sTR5ZAye0AW7AmOnx6unFhZDdI
zX3E1g0HNYAkZ8aY3b2i/Qw3hrezPaXvI+T7oP9hkiC5WC4RoNYaSSUYod+2dfJm
FJRfo9mVxJ26FMjDCCXisXq295L6OIqrCyk7ow8kG3818nEAe6jsLowUfqhXy36T
1nak/jdpts41brtRQPkMAF2ZGIuCz9yTPPqF3pYYiDyT4161H/Vd
-----END CERTIFICATE-----
Generated at Sat Mar 14 08:52:16 2026 by rpki-client