Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136332e35342e302f32342d3234203d3e20323031333431.roa
File: 3138352e3136332e35342e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: OZ8Z9sZYmQhtqmVYAG2WbfVCx+ruSfJwiCzMKdaBmTI=
Subject key identifier: 04:A9:30:A3:06:EA:B9:5A:C8:75:C6:94:27:75:2E:10:0A:8D:F8:65
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6766EB5B94A581A8EA1FFC59657D7328E099B856
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136332e35342e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 29 Dec 2025 09:50:33 +0000
ROA not before: Mon 29 Dec 2025 09:45:33 +0000
ROA not after: Mon 28 Dec 2026 09:50:33 +0000
asID: 201341
IP address blocks: 185.163.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 21:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:66:eb:5b:94:a5:81:a8:ea:1f:fc:59:65:7d:73:28:e0:99:b8:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 29 09:45:33 2025 GMT
Not After : Dec 28 09:50:33 2026 GMT
Subject: CN=04A930A306EAB95AC875C69427752E100A8DF865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:34:be:7c:6c:7c:0d:41:62:fa:82:24:e3:ec:
4a:16:fe:3f:8c:3d:25:e3:15:b2:67:dd:07:64:fc:
6d:26:77:1c:69:dd:8d:91:b4:77:47:b9:54:21:c9:
45:37:d7:d7:3a:e6:50:a0:cf:d7:98:53:94:89:2d:
64:ae:08:25:f2:82:81:98:20:25:b4:c5:d3:cf:3b:
cb:f5:f2:a6:31:dc:8e:9c:42:03:5a:07:81:3d:e9:
5e:f4:73:e6:25:66:ef:e1:c3:91:8d:5f:8f:e8:5d:
b0:b7:05:15:60:60:ef:77:39:23:30:0f:62:31:d7:
ce:f8:4b:2e:9e:a3:af:3e:4d:bd:7f:44:af:09:87:
d2:d1:d4:6e:1b:d4:64:8b:93:21:96:89:82:f3:e9:
ee:8f:aa:7f:0b:b8:1a:df:2e:49:c8:f7:4b:e0:21:
c1:14:30:1e:17:4b:3c:3d:64:1c:55:b0:ee:75:25:
fe:de:74:20:65:ce:34:97:f6:b1:a2:c3:a9:cb:3c:
4a:d6:43:b5:ea:b2:05:fd:c9:7f:11:91:06:56:a8:
88:72:22:3a:ed:73:59:b7:26:f8:73:59:80:0d:eb:
d6:19:0a:18:66:7c:cc:ff:96:45:3c:0e:ff:cf:94:
f3:fc:23:13:7c:31:26:6e:40:e3:19:7e:82:bc:b2:
3c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A9:30:A3:06:EA:B9:5A:C8:75:C6:94:27:75:2E:10:0A:8D:F8:65
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136332e35342e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.54.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:7b:4d:7c:1a:3c:e6:59:d6:bf:ea:43:c0:75:05:57:b9:5e:
d8:67:70:e6:b2:c0:b5:e9:62:76:b6:f2:52:ce:b4:2c:47:fa:
56:92:96:b5:a5:ad:a3:41:37:e2:79:a7:3f:3e:61:66:21:ef:
8a:4a:30:32:b8:99:6b:b3:10:1c:6f:fe:60:de:62:ae:76:e6:
cd:2d:e5:f4:28:de:f9:b9:d2:12:05:0e:b0:73:d0:29:2d:54:
b1:79:3e:38:47:5d:d7:09:4f:07:20:d8:a6:27:d9:fb:3d:dc:
10:6c:81:b9:97:8c:7c:f6:7c:10:6c:a8:38:d4:e4:2c:76:26:
fd:1a:be:c4:44:7e:ea:2d:51:c4:7f:8b:bb:47:ef:cc:ea:99:
a3:78:07:94:0f:b4:70:0e:83:72:45:11:f0:cf:1d:ab:dc:8f:
29:a9:0d:0b:6d:78:72:7a:95:6b:fa:8d:c0:21:e6:2d:cc:35:
ae:e0:de:b1:ba:90:70:3d:7d:19:12:f8:b0:a9:c2:55:6d:a5:
f0:fc:04:90:8b:72:6f:3a:c3:4a:91:9e:d3:43:ab:df:fc:b4:
76:cc:7b:28:43:82:d5:0c:65:23:a4:37:03:50:aa:62:9f:0f:
96:35:6a:cf:33:85:f7:de:25:cf:88:43:9f:0c:0d:ab:0f:ce:
96:94:4e:f4
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUZ2brW5SlgajqH/xZZX1zKOCZuFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEyMjkwOTQ1MzNaFw0yNjEyMjgwOTUwMzNaMDMxMTAvBgNV
BAMTKDA0QTkzMEEzMDZFQUI5NUFDODc1QzY5NDI3NzUyRTEwMEE4REY4NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNNL58bHwNQWL6giTj7EoW/j+M
PSXjFbJn3Qdk/G0mdxxp3Y2RtHdHuVQhyUU319c65lCgz9eYU5SJLWSuCCXygoGY
ICW0xdPPO8v18qYx3I6cQgNaB4E96V70c+YlZu/hw5GNX4/oXbC3BRVgYO93OSMw
D2Ix1874Sy6eo68+Tb1/RK8Jh9LR1G4b1GSLkyGWiYLz6e6Pqn8LuBrfLknI90vg
IcEUMB4XSzw9ZBxVsO51Jf7edCBlzjSX9rGiw6nLPErWQ7XqsgX9yX8RkQZWqIhy
Ijrtc1m3JvhzWYAN69YZChhmfMz/lkU8Dv/PlPP8IxN8MSZuQOMZfoK8sjzVAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUBKkwowbquVrIdcaUJ3UuEAqN+GUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
MzJlMzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmjNjANBgkqhkiG9w0BAQsFAAOCAQEAwXtNfBo85lnWv+pDwHUFV7le
2Gdw5rLAtelidrbyUs60LEf6VpKWtaWto0E34nmnPz5hZiHvikowMriZa7MQHG/+
YN5irnbmzS3l9Cje+bnSEgUOsHPQKS1UsXk+OEdd1wlPByDYpifZ+z3cEGyBuZeM
fPZ8EGyoONTkLHYm/Rq+xER+6i1RxH+Lu0fvzOqZo3gHlA+0cA6DckUR8M8dq9yP
KakNC214cnqVa/qNwCHmLcw1ruDesbqQcD19GRL4sKnCVW2l8PwEkItybzrDSpGe
00Or3/y0dsx7KEOC1QxlI6Q3A1CqYp8PljVqzzOF994lz4hDnwwNqw/OlpRO9A==
-----END CERTIFICATE-----
Generated at Mon Feb 23 03:00:51 2026 by rpki-client