Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38302e37312e3134382e302f32342d3234203d3e20323031333431.roa
File: 38302e37312e3134382e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: gaxrvXUNRlv4ACTdP1xjk7mWNX/xeWjjWOB85yCaEi4=
Subject key identifier: 12:DE:FB:50:46:24:F5:26:BA:61:29:56:74:3B:5B:94:F6:6F:92:AD
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 430EE9E8200A26DFFC8CCA5AA39A3DD57DC29E6D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38302e37312e3134382e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 23 Oct 2025 16:47:58 +0000
ROA not before: Thu 23 Oct 2025 16:42:58 +0000
ROA not after: Thu 22 Oct 2026 16:47:58 +0000
asID: 201341
IP address blocks: 80.71.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 07:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:0e:e9:e8:20:0a:26:df:fc:8c:ca:5a:a3:9a:3d:d5:7d:c2:9e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 23 16:42:58 2025 GMT
Not After : Oct 22 16:47:58 2026 GMT
Subject: CN=12DEFB504624F526BA612956743B5B94F66F92AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ae:49:16:8a:63:38:0a:c9:3b:4f:ff:c6:5d:
9c:e1:e6:f2:fb:71:13:ab:88:3c:64:a7:bd:d9:bb:
04:60:b8:8a:31:b3:05:09:67:3d:98:6f:45:0a:ec:
c2:ca:ee:6e:fe:0c:1f:a3:16:91:e6:80:74:5e:03:
bb:f3:f0:26:c4:36:aa:fe:64:a3:15:54:33:24:b1:
39:e2:fc:9e:02:c7:5c:eb:da:91:dd:ae:82:56:5f:
a2:ad:9c:7f:9a:10:5b:61:c5:9e:d5:47:7a:59:8a:
13:7f:e8:77:01:fd:85:f3:64:c7:09:6e:fc:f6:24:
ad:9a:e8:4c:14:94:e6:b9:3f:b1:a8:4d:c1:af:cf:
98:22:2b:72:30:89:6d:36:4e:71:ec:4a:8e:d5:8c:
2b:b7:70:9f:9d:9c:fc:a9:3d:c8:2e:2d:89:15:8b:
4c:14:c7:22:7d:c2:a2:dc:e9:21:6b:ec:da:7f:a7:
29:bb:32:91:b0:a3:a3:33:e1:4d:dd:01:f0:01:0b:
74:dc:75:96:e8:5b:62:30:78:3f:45:55:a5:6e:1f:
b5:fb:b8:73:0f:ba:da:2a:1f:94:d1:0a:b7:57:0e:
cd:9e:62:9f:be:cb:38:37:1a:d7:d9:f0:e6:dc:f9:
77:bb:2a:40:20:ac:0c:60:b5:c8:8a:71:c9:e3:d0:
8d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:DE:FB:50:46:24:F5:26:BA:61:29:56:74:3B:5B:94:F6:6F:92:AD
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38302e37312e3134382e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.148.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:b9:36:79:06:60:71:12:40:f3:01:cb:dd:17:c7:f9:c6:5b:
70:d9:af:fe:7e:18:9b:35:08:cc:d4:32:07:5d:58:b8:cf:f9:
ef:79:5e:78:35:bb:5d:21:ae:31:90:c3:08:f5:47:5a:ee:c3:
91:e7:ca:fa:c9:04:22:5c:60:a2:37:3b:8e:5f:9d:18:2a:0f:
3d:b0:d2:14:44:9f:14:36:c4:3e:f3:b6:8a:23:01:86:33:b9:
6b:82:cd:cd:bf:97:f6:ca:86:a2:11:a6:05:a6:ed:41:7a:43:
ee:b7:b3:f3:38:0e:06:ce:ed:cb:9e:d7:c7:96:23:41:a6:93:
9b:9f:e6:32:3d:a1:0c:2c:62:a0:fc:70:73:1c:c6:6d:ba:d3:
98:28:76:d0:c6:83:80:d5:a5:78:e9:a0:3b:be:16:00:a0:ce:
cf:08:ab:50:29:ff:a8:49:b7:8c:c2:82:23:0e:89:93:f9:8c:
4c:13:63:8b:c4:78:c2:4e:1b:b2:7c:11:a0:89:c3:76:75:bd:
c6:2a:a6:ee:99:cc:a8:a3:c7:33:31:66:1c:24:aa:42:f1:17:
ba:c3:e2:45:f0:bf:8c:91:cb:0d:1b:be:16:38:ce:f0:ff:c6:
12:80:56:47:bd:e3:8d:27:05:a8:c5:bd:cb:b4:55:cc:48:23:
09:b4:91:a1
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUQw7p6CAKJt/8jMpao5o91X3Cnm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjMxNjQyNThaFw0yNjEwMjIxNjQ3NThaMDMxMTAvBgNV
BAMTKDEyREVGQjUwNDYyNEY1MjZCQTYxMjk1Njc0M0I1Qjk0RjY2RjkyQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMrkkWimM4Csk7T//GXZzh5vL7
cROriDxkp73ZuwRguIoxswUJZz2Yb0UK7MLK7m7+DB+jFpHmgHReA7vz8CbENqr+
ZKMVVDMksTni/J4Cx1zr2pHdroJWX6KtnH+aEFthxZ7VR3pZihN/6HcB/YXzZMcJ
bvz2JK2a6EwUlOa5P7GoTcGvz5giK3IwiW02TnHsSo7VjCu3cJ+dnPypPcguLYkV
i0wUxyJ9wqLc6SFr7Np/pym7MpGwo6Mz4U3dAfABC3TcdZboW2IweD9FVaVuH7X7
uHMPutoqH5TRCrdXDs2eYp++yzg3GtfZ8Obc+Xe7KkAgrAxgtciKccnj0I1tAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUEt77UEYk9Sa6YSlWdDtblPZvkq0wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMwMmUzNzMxMmUz
MTM0MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABQR5QwDQYJKoZIhvcNAQELBQADggEBAH+5NnkGYHESQPMBy90Xx/nGW3DZ
r/5+GJs1CMzUMgddWLjP+e95Xng1u10hrjGQwwj1R1ruw5HnyvrJBCJcYKI3O45f
nRgqDz2w0hREnxQ2xD7ztoojAYYzuWuCzc2/l/bKhqIRpgWm7UF6Q+63s/M4DgbO
7cue18eWI0Gmk5uf5jI9oQwsYqD8cHMcxm2605godtDGg4DVpXjpoDu+FgCgzs8I
q1Ap/6hJt4zCgiMOiZP5jEwTY4vEeMJOG7J8EaCJw3Z1vcYqpu6ZzKijxzMxZhwk
qkLxF7rD4kXwv4yRyw0bvhY4zvD/xhKAVke9440nBajFvcu0VcxIIwm0kaE=
-----END CERTIFICATE-----
Generated at Mon Nov 3 22:07:03 2025 by rpki-client