Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33372e3134302e3234362e302f32342d3234203d3e20323031333431.roa
File: 33372e3134302e3234362e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: Yxw/vET+4H+kkJ1ezFqiXOtrjJgRt1lmVuFxOXzn+DE=
Subject key identifier: 7F:A5:E3:A7:39:BC:7D:C2:7E:A6:D1:F5:96:37:54:73:56:80:D8:EA
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 198534200DDAA08005427228C0FEFB30E4CED91C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33372e3134302e3234362e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 23 Oct 2025 16:47:58 +0000
ROA not before: Thu 23 Oct 2025 16:42:58 +0000
ROA not after: Thu 22 Oct 2026 16:47:58 +0000
asID: 201341
IP address blocks: 37.140.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 07:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:85:34:20:0d:da:a0:80:05:42:72:28:c0:fe:fb:30:e4:ce:d9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 23 16:42:58 2025 GMT
Not After : Oct 22 16:47:58 2026 GMT
Subject: CN=7FA5E3A739BC7DC27EA6D1F5963754735680D8EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:26:86:e8:3f:48:3a:4c:13:55:5d:9a:e4:b3:
8b:c1:db:c3:40:12:52:26:9f:4e:e6:5f:84:e1:f4:
b4:fc:1e:19:95:c1:b4:53:d2:29:da:61:c3:a0:7e:
81:3a:6f:b4:d2:f1:fd:73:c3:45:2a:1c:98:9f:50:
e8:cb:54:27:aa:7e:a8:03:eb:e2:b1:6f:7e:eb:62:
0c:f5:3a:e2:e3:87:aa:3e:b4:7a:0e:46:4e:fc:8f:
0d:38:67:06:f2:bd:0a:4e:1d:76:b9:fb:cf:2f:16:
2a:30:4a:1d:d5:98:d2:de:c8:00:b4:89:8d:95:11:
f6:f8:e1:96:46:d6:c0:1f:50:c3:14:77:d2:84:1d:
08:86:b6:e8:e0:a1:1a:4d:91:5a:27:bc:31:91:0f:
cb:62:3b:c7:f3:83:0c:71:ad:2b:d3:98:a2:4c:5a:
94:9b:8e:03:5e:51:da:1e:0c:75:fe:25:d6:b6:ff:
f7:16:a1:f2:eb:66:cc:06:3d:f3:2e:d8:a1:d0:f4:
69:67:7e:15:67:cb:8a:11:c4:ab:ed:1e:fd:5a:36:
5b:7a:a0:67:34:8a:8e:72:13:53:b3:32:a4:78:2c:
0d:59:32:08:36:a2:e5:5e:1e:24:c5:0c:c4:67:d8:
ba:ee:2e:29:6a:31:23:53:91:61:6d:89:0d:6f:8c:
6a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A5:E3:A7:39:BC:7D:C2:7E:A6:D1:F5:96:37:54:73:56:80:D8:EA
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33372e3134302e3234362e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.246.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:da:da:da:5f:c8:b3:3f:8d:19:f0:cb:23:2e:6d:ec:3e:23:
24:6f:ac:2a:6f:90:21:5f:51:37:6f:e3:23:a8:20:f4:40:6c:
5b:55:b3:3a:6e:3d:5c:4b:6d:24:78:32:4d:e6:b3:24:16:75:
aa:37:fe:22:e6:ad:93:5d:ec:c1:79:66:ea:5e:37:86:c8:57:
b6:b5:7c:b0:05:35:25:58:b8:ca:46:df:e2:37:95:81:ce:a9:
34:b3:72:4b:6a:1e:93:fc:44:f6:96:c0:3f:a3:67:b1:e1:48:
17:96:e8:d4:a7:35:de:7c:98:67:4d:07:96:97:34:bf:6f:5b:
f3:b0:e8:4a:87:8e:31:48:17:5f:a1:21:c2:b6:18:3c:b9:d5:
3c:15:98:5a:c4:67:a8:41:ee:50:92:1d:65:2a:38:62:ca:02:
5e:30:92:ca:a1:92:ce:c1:ad:b3:78:d8:b9:43:3d:2d:06:22:
1f:42:8a:51:c7:cd:9c:ba:f2:f3:ed:fb:7f:10:f4:22:fb:1f:
d5:15:fb:94:ef:02:77:1c:92:dc:ba:f2:8e:bc:5e:6b:65:50:
ca:b0:87:90:ea:f1:9d:85:30:34:8e:ef:32:d9:d6:c8:42:7a:
e3:4c:cb:15:2d:09:59:81:57:5d:81:e2:55:d2:cd:7b:84:40:
e5:99:58:8c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUGYU0IA3aoIAFQnIowP77MOTO2RwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjMxNjQyNThaFw0yNjEwMjIxNjQ3NThaMDMxMTAvBgNV
BAMTKDdGQTVFM0E3MzlCQzdEQzI3RUE2RDFGNTk2Mzc1NDczNTY4MEQ4RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjJoboP0g6TBNVXZrks4vB28NA
ElImn07mX4Th9LT8HhmVwbRT0inaYcOgfoE6b7TS8f1zw0UqHJifUOjLVCeqfqgD
6+Kxb37rYgz1OuLjh6o+tHoORk78jw04ZwbyvQpOHXa5+88vFiowSh3VmNLeyAC0
iY2VEfb44ZZG1sAfUMMUd9KEHQiGtujgoRpNkVonvDGRD8tiO8fzgwxxrSvTmKJM
WpSbjgNeUdoeDHX+Jda2//cWofLrZswGPfMu2KHQ9GlnfhVny4oRxKvtHv1aNlt6
oGc0io5yE1OzMqR4LA1ZMgg2ouVeHiTFDMRn2LruLilqMSNTkWFtiQ1vjGpdAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUf6Xjpzm8fcJ+ptH1ljdUc1aA2OowHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzM3MmUzMTM0MzAy
ZTMyMzQzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEACWM9jANBgkqhkiG9w0BAQsFAAOCAQEADNra2l/Isz+NGfDLIy5t7D4j
JG+sKm+QIV9RN2/jI6gg9EBsW1WzOm49XEttJHgyTeazJBZ1qjf+Iuatk13swXlm
6l43hshXtrV8sAU1JVi4ykbf4jeVgc6pNLNyS2oek/xE9pbAP6NnseFIF5bo1Kc1
3nyYZ00Hlpc0v29b87DoSoeOMUgXX6EhwrYYPLnVPBWYWsRnqEHuUJIdZSo4YsoC
XjCSyqGSzsGts3jYuUM9LQYiH0KKUcfNnLry8+37fxD0Ivsf1RX7lO8CdxyS3Lry
jrxea2VQyrCHkOrxnYUwNI7vMtnWyEJ640zLFS0JWYFXXYHiVdLNe4RA5ZlYjA==
-----END CERTIFICATE-----
Generated at Mon Nov 3 22:08:59 2025 by rpki-client