Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33382e302f32342d3234203d3e20323039363937.roa
File: 39352e3231342e33382e302f32342d3234203d3e20323039363937.roa (raw, json)
Hash identifier: K9PSBzJD7iW6Jp3MqPYWMVp9VZZkziqHVjyJSDaEvLk=
Subject key identifier: F3:0F:CB:E7:EC:4F:2F:FA:69:AA:01:87:FD:34:85:22:D8:91:48:12
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 3502CEC19DC1BC1CF5769F2607DD833DFFF4EEB5
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33382e302f32342d3234203d3e20323039363937.roa
Signing time: Fri 26 Jun 2026 07:26:52 +0000
ROA not before: Fri 26 Jun 2026 07:21:52 +0000
ROA not after: Fri 25 Jun 2027 07:26:52 +0000
asID: 209697
IP address blocks: 95.214.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 06:54:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:02:ce:c1:9d:c1:bc:1c:f5:76:9f:26:07:dd:83:3d:ff:f4:ee:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Jun 26 07:21:52 2026 GMT
Not After : Jun 25 07:26:52 2027 GMT
Subject: CN=F30FCBE7EC4F2FFA69AA0187FD348522D8914812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:96:2d:4c:4f:4f:51:8b:ac:68:d6:4a:b2:fa:
67:1d:d4:7d:3e:f7:52:35:14:6d:57:99:6f:2e:df:
69:81:85:d3:4e:0a:94:6d:42:ec:c4:0d:af:fa:04:
fe:87:ac:3e:0e:af:77:20:76:51:78:bc:44:4f:6d:
36:aa:3d:96:73:b6:8c:82:26:60:aa:a7:87:d4:de:
59:5e:ef:3b:ab:b1:c1:aa:a1:94:dd:d3:e9:e0:0b:
36:c4:38:63:41:e1:9e:2f:3c:3d:d4:38:26:47:ef:
3e:71:64:e6:ce:3c:eb:e0:b8:78:5e:99:c2:12:c7:
16:4b:80:af:55:3b:cb:10:e3:cf:38:20:0d:f1:98:
9b:ee:16:67:85:8f:9c:e9:8e:ad:91:54:fa:74:25:
71:84:7e:71:71:6e:af:c9:d3:79:4a:05:58:ef:c2:
b2:69:38:3c:c2:7c:82:be:88:b0:df:21:65:1c:b4:
71:24:b7:9b:f1:db:63:00:a6:75:a9:c0:08:36:a1:
76:fd:a1:dd:7a:7c:66:9e:26:0c:d8:27:33:65:eb:
fa:91:b7:e4:9b:23:db:7b:4e:73:33:53:8d:72:33:
67:bc:20:66:c3:c4:43:6c:0c:6a:33:e5:d0:7c:31:
90:77:93:87:35:42:2a:ed:db:dc:1c:3e:01:23:36:
20:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0F:CB:E7:EC:4F:2F:FA:69:AA:01:87:FD:34:85:22:D8:91:48:12
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33382e302f32342d3234203d3e20323039363937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.38.0/24
Signature Algorithm: sha256WithRSAEncryption
39:a8:f0:2f:c5:3f:59:bf:10:84:3e:e3:23:99:66:b0:6c:69:
55:39:56:c9:7b:08:ad:6a:85:6f:19:12:63:fc:83:12:b8:0d:
92:6a:d4:1c:80:4d:85:94:7c:50:5a:4c:cf:c3:90:e2:05:28:
87:19:92:b3:29:d8:7c:9f:82:34:5c:59:0c:fb:f6:31:85:bc:
30:52:69:09:f0:81:4c:e4:eb:fb:36:1a:b1:2f:e8:cb:bc:e4:
b5:c8:6b:29:c6:90:7b:28:d4:d9:4d:43:ae:10:b6:3f:b3:44:
15:9b:66:66:7a:6f:13:94:d4:2f:a3:59:ab:1b:d6:25:2d:a7:
f4:35:11:f1:65:59:ce:9c:f7:d4:fc:5a:40:4c:53:78:21:cf:
8a:d7:6f:87:95:68:82:e7:ee:2f:7b:2f:c9:0c:dd:9c:ba:3c:
ed:22:77:f9:f6:35:8e:bc:5d:1d:dc:f4:e7:f8:33:bd:83:b3:
ee:d1:2e:6c:15:65:79:ee:b7:9c:e5:85:d7:ea:16:b0:07:cf:
20:9c:54:47:b2:ba:ef:f9:48:a5:bb:fa:a8:1f:53:e5:a1:57:
7f:4c:27:17:28:76:bd:61:72:e4:59:af:4b:49:1a:29:ad:15:
f1:55:ec:c1:e0:dd:5c:b5:97:4a:8f:02:c7:e8:c2:6b:21:c2:
d3:11:2b:2b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNQLOwZ3BvBz1dp8mB92DPf/07rUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA2MjYwNzIxNTJaFw0yNzA2MjUwNzI2NTJaMDMxMTAvBgNV
BAMTKEYzMEZDQkU3RUM0RjJGRkE2OUFBMDE4N0ZEMzQ4NTIyRDg5MTQ4MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfli1MT09Ri6xo1kqy+mcd1H0+
91I1FG1XmW8u32mBhdNOCpRtQuzEDa/6BP6HrD4Or3cgdlF4vERPbTaqPZZztoyC
JmCqp4fU3lle7zurscGqoZTd0+ngCzbEOGNB4Z4vPD3UOCZH7z5xZObOPOvguHhe
mcISxxZLgK9VO8sQ4884IA3xmJvuFmeFj5zpjq2RVPp0JXGEfnFxbq/J03lKBVjv
wrJpODzCfIK+iLDfIWUctHEkt5vx22MApnWpwAg2oXb9od16fGaeJgzYJzNl6/qR
t+SbI9t7TnMzU41yM2e8IGbDxENsDGoz5dB8MZB3k4c1Qirt29wcPgEjNiDpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8w/L5+xPL/ppqgGH/TSFItiRSBIwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzkzNTJlMzIzMTM0MmUzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzYzOTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X9YmMA0GCSqGSIb3DQEBCwUAA4IBAQA5qPAvxT9ZvxCEPuMjmWawbGlVOVbJewit
aoVvGRJj/IMSuA2SatQcgE2FlHxQWkzPw5DiBSiHGZKzKdh8n4I0XFkM+/Yxhbww
UmkJ8IFM5Ov7NhqxL+jLvOS1yGspxpB7KNTZTUOuELY/s0QVm2Zmem8TlNQvo1mr
G9YlLaf0NRHxZVnOnPfU/FpATFN4Ic+K12+HlWiC5+4vey/JDN2cujztInf59jWO
vF0d3PTn+DO9g7Pu0S5sFWV57rec5YXX6hawB88gnFRHsrrv+Uilu/qoH1PloVd/
TCcXKHa9YXLkWa9LSRoprRXxVezB4N1ctZdKjwLH6MJrIcLTESsr
-----END CERTIFICATE-----
Generated at Sat Jun 27 23:48:10 2026 by rpki-client