Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/37372e3234332e38372e302f32342d3234203d3e20323132323338.roa
File: 37372e3234332e38372e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: N/N9dhr+ZE/Le+4u2+unl5DVNvSJrPElDEdeFUhoRcQ=
Subject key identifier: 13:C5:A2:A0:93:19:AA:C5:0D:2B:D3:16:5C:5E:36:DF:75:02:05:30
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 11C319271A7661398480886F566538BB9A273A2B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/37372e3234332e38372e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 28 Aug 2025 08:51:31 +0000
ROA not before: Thu 28 Aug 2025 08:46:31 +0000
ROA not after: Thu 27 Aug 2026 08:51:31 +0000
asID: 212238
IP address blocks: 77.243.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:c3:19:27:1a:76:61:39:84:80:88:6f:56:65:38:bb:9a:27:3a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Aug 28 08:46:31 2025 GMT
Not After : Aug 27 08:51:31 2026 GMT
Subject: CN=13C5A2A09319AAC50D2BD3165C5E36DF75020530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4c:01:76:4b:58:c1:c5:33:ca:b2:f6:b9:6e:
4c:00:5f:72:51:5a:b9:61:84:64:78:36:89:38:7d:
98:53:93:57:31:01:e6:84:7d:a9:f6:82:f3:17:84:
6f:7f:bb:87:98:f9:48:d4:6b:61:41:81:79:70:52:
67:22:e5:e0:e1:10:1b:1d:e1:50:57:56:27:08:96:
a4:d8:7e:13:a9:0e:20:1f:7a:ce:44:2e:3b:1f:d2:
11:49:1c:7a:f9:51:d3:00:5a:29:7f:86:f0:5e:87:
64:11:2a:41:68:54:dd:32:8a:b2:2e:1c:56:a8:3f:
68:9c:1d:9d:93:fc:7b:78:42:30:8e:fd:2c:a5:10:
6a:99:81:ad:74:4e:1b:30:e4:b4:c0:86:fd:89:af:
e8:a3:a2:4b:ef:6e:2b:69:84:1e:2e:93:20:e4:b8:
fe:91:27:a5:33:5c:e2:fa:61:de:3d:80:9f:d6:78:
d8:48:27:2d:99:8f:c1:8c:35:ae:45:46:f9:02:81:
2f:e2:bd:fa:df:2e:90:63:f4:44:14:45:ba:7f:a8:
86:df:01:ea:81:5c:e5:4b:49:61:35:35:75:36:af:
b0:b0:b0:27:72:53:b9:d8:0f:13:0c:d6:89:96:11:
02:1f:66:90:20:80:3f:dc:ff:94:80:09:24:2d:3f:
96:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:C5:A2:A0:93:19:AA:C5:0D:2B:D3:16:5C:5E:36:DF:75:02:05:30
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/37372e3234332e38372e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.87.0/24
Signature Algorithm: sha256WithRSAEncryption
66:ca:5c:23:0d:67:ab:02:04:bd:49:e3:a6:d6:5f:35:ee:c1:
09:01:b6:90:aa:89:84:e8:01:3e:6e:ec:0b:c7:9a:52:9b:a3:
a3:b1:d9:1e:c3:4c:87:8e:0d:d8:f4:4c:80:d6:a2:3a:22:ba:
f7:df:3f:94:1e:eb:14:bd:42:10:4d:7d:29:4e:dd:23:11:5a:
2a:9b:93:60:a9:79:e1:93:51:07:cf:10:25:69:8a:1e:c1:99:
1a:6e:e0:b5:ef:8d:99:fd:d6:68:86:f8:ec:c8:88:3f:64:d5:
9b:e1:c6:d1:b2:0a:bf:e9:16:89:48:75:08:c5:da:f8:72:72:
a0:bf:03:6e:e6:9d:ca:4c:8d:c5:76:3a:6d:05:45:8f:f3:d4:
38:19:ad:2b:bb:6d:a7:7d:a8:f0:e4:88:9b:32:80:af:eb:de:
8d:35:79:db:a0:e1:73:7c:33:ac:61:aa:f6:cf:17:15:46:8d:
bb:63:6f:49:22:e0:26:b0:0f:f8:26:97:e1:8e:d0:e0:92:47:
e7:ee:5b:6f:3d:6f:0e:7e:46:9a:fc:c2:e6:9d:c1:39:e0:5a:
51:a8:4e:5a:56:14:92:cd:fa:43:29:57:f8:23:2a:60:ba:47:
e8:f4:c2:67:90:f6:5b:49:15:65:62:61:7c:54:5c:9c:e3:0d:
12:fe:b3:bb
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUEcMZJxp2YTmEgIhvVmU4u5onOiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA4MjgwODQ2MzFaFw0yNjA4MjcwODUxMzFaMDMxMTAvBgNV
BAMTKDEzQzVBMkEwOTMxOUFBQzUwRDJCRDMxNjVDNUUzNkRGNzUwMjA1MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDATAF2S1jBxTPKsva5bkwAX3JR
WrlhhGR4Nok4fZhTk1cxAeaEfan2gvMXhG9/u4eY+UjUa2FBgXlwUmci5eDhEBsd
4VBXVicIlqTYfhOpDiAfes5ELjsf0hFJHHr5UdMAWil/hvBeh2QRKkFoVN0yirIu
HFaoP2icHZ2T/Ht4QjCO/SylEGqZga10Thsw5LTAhv2Jr+ijokvvbitphB4ukyDk
uP6RJ6UzXOL6Yd49gJ/WeNhIJy2Zj8GMNa5FRvkCgS/ivfrfLpBj9EQURbp/qIbf
AeqBXOVLSWE1NXU2r7CwsCdyU7nYDxMM1omWEQIfZpAggD/c/5SACSQtP5aXAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUE8WioJMZqsUNK9MWXF4233UCBTAwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNzM3MmUzMjM0MzMy
ZTM4MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABN81cwDQYJKoZIhvcNAQELBQADggEBAGbKXCMNZ6sCBL1J46bWXzXuwQkB
tpCqiYToAT5u7AvHmlKbo6Ox2R7DTIeODdj0TIDWojoiuvffP5Qe6xS9QhBNfSlO
3SMRWiqbk2CpeeGTUQfPECVpih7BmRpu4LXvjZn91miG+OzIiD9k1ZvhxtGyCr/p
FolIdQjF2vhycqC/A27mncpMjcV2Om0FRY/z1DgZrSu7bad9qPDkiJsygK/r3o01
edug4XN8M6xhqvbPFxVGjbtjb0ki4CawD/gml+GO0OCSR+fuW289bw5+Rpr8wuad
wTngWlGoTlpWFJLN+kMpV/gjKmC6R+j0wmeQ9ltJFWViYXxUXJzjDRL+s7s=
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:52:58 2025 by rpki-client