Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33392e302f32342d3234203d3e20323039363937.roa
File: 39352e3231342e33392e302f32342d3234203d3e20323039363937.roa (raw, json)
Hash identifier: eF/8gYng21CGvIOlKRNr6+i+75sIopHD4y33SJzwaAI=
Subject key identifier: F9:EA:E0:30:4B:D3:97:B8:3B:A4:67:9A:05:D2:F9:66:EB:25:30:10
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 0F07639BE55CB8202E98E88F11A138D7FB4EECCA
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33392e302f32342d3234203d3e20323039363937.roa
Signing time: Fri 26 Jun 2026 07:26:51 +0000
ROA not before: Fri 26 Jun 2026 07:21:51 +0000
ROA not after: Fri 25 Jun 2027 07:26:51 +0000
asID: 209697
IP address blocks: 95.214.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 06:54:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:07:63:9b:e5:5c:b8:20:2e:98:e8:8f:11:a1:38:d7:fb:4e:ec:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Jun 26 07:21:51 2026 GMT
Not After : Jun 25 07:26:51 2027 GMT
Subject: CN=F9EAE0304BD397B83BA4679A05D2F966EB253010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bc:52:c8:82:8a:d3:7a:ac:f4:d6:c7:40:35:
84:27:41:c9:60:55:7e:b6:cc:d8:6d:80:4c:84:e0:
5b:8c:02:9b:89:7a:04:00:66:3c:73:2e:63:84:2d:
5b:6b:8b:28:f1:83:6e:ca:b1:e6:ac:72:71:29:73:
5a:4a:f4:e7:40:f3:f2:10:f4:c8:61:44:50:e9:82:
ad:36:f0:a0:83:6a:98:bf:a9:ce:f5:a9:dc:19:47:
d2:7d:20:63:9f:92:e3:82:dd:e1:93:68:0b:79:2d:
e8:79:0b:90:07:0e:94:e4:21:67:4c:4d:79:6c:67:
23:4f:d6:80:86:85:43:4d:a7:55:af:db:b0:9c:c2:
a1:8b:48:7d:fd:cb:39:48:55:34:57:23:00:ed:c1:
42:a9:97:99:86:0a:86:a6:50:90:b8:ea:bb:d3:83:
bf:e5:7e:0b:94:85:87:45:44:7f:9a:1a:13:19:e3:
22:e1:46:b4:23:6d:0d:e5:00:83:ac:09:41:6b:47:
e6:f3:9c:e7:fb:25:8b:a2:59:7f:f7:5e:fc:89:3c:
f6:be:73:b5:46:c7:a0:16:52:0c:62:6a:6f:e7:1f:
04:9b:b8:e0:8f:58:61:48:d9:68:8a:f1:a2:ff:4f:
fe:ff:86:23:98:34:fa:1f:2e:fe:f0:c2:ad:d0:f7:
c8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:EA:E0:30:4B:D3:97:B8:3B:A4:67:9A:05:D2:F9:66:EB:25:30:10
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33392e302f32342d3234203d3e20323039363937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.39.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e3:bd:4c:18:4b:39:09:22:d5:71:90:1b:0f:97:4a:0b:3d:
bb:6b:bc:1a:ba:46:2e:15:d1:d8:e0:c4:38:8f:53:22:64:d1:
e6:63:93:41:43:a5:c8:3e:98:f5:e6:73:20:bc:d7:76:c5:c8:
06:f4:b4:d1:fa:6b:df:69:d4:15:3b:84:43:fa:23:90:c0:be:
5d:5d:c8:3c:57:c4:f7:07:66:ea:ce:2a:2b:c9:4d:77:9c:fa:
27:c5:e7:13:0f:e5:f5:b8:93:c9:5c:bf:e8:85:22:3c:77:8e:
cd:a6:fb:65:8e:0f:ff:c2:64:39:10:3d:08:a8:f6:b1:f7:95:
b4:73:e0:1d:8c:61:2e:97:9e:f0:a1:a8:83:b7:f6:7e:1f:6e:
de:99:7e:ce:2f:18:84:ac:18:76:04:a7:2c:cf:c3:d6:ea:e0:
af:cb:b1:be:fe:ff:09:29:d2:59:69:79:3d:35:77:cd:53:6e:
63:bb:fd:da:52:fe:ae:25:ce:5d:14:dd:4e:51:99:4e:58:6c:
b3:a7:44:e2:12:88:82:29:32:13:00:64:ab:98:1c:65:0c:4d:
95:9f:36:52:29:dd:94:7c:5d:81:16:29:db:47:40:3c:97:79:
a5:5e:e3:c6:88:2b:d7:dc:96:c3:eb:55:d3:0c:7c:07:88:a4:
57:0c:20:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDwdjm+VcuCAumOiPEaE41/tO7MowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA2MjYwNzIxNTFaFw0yNzA2MjUwNzI2NTFaMDMxMTAvBgNV
BAMTKEY5RUFFMDMwNEJEMzk3QjgzQkE0Njc5QTA1RDJGOTY2RUIyNTMwMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSvFLIgorTeqz01sdANYQnQclg
VX62zNhtgEyE4FuMApuJegQAZjxzLmOELVtriyjxg27KseascnEpc1pK9OdA8/IQ
9MhhRFDpgq028KCDapi/qc71qdwZR9J9IGOfkuOC3eGTaAt5Leh5C5AHDpTkIWdM
TXlsZyNP1oCGhUNNp1Wv27CcwqGLSH39yzlIVTRXIwDtwUKpl5mGCoamUJC46rvT
g7/lfguUhYdFRH+aGhMZ4yLhRrQjbQ3lAIOsCUFrR+bznOf7JYuiWX/3XvyJPPa+
c7VGx6AWUgxiam/nHwSbuOCPWGFI2WiK8aL/T/7/hiOYNPofLv7wwq3Q98h/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+ergMEvTl7g7pGeaBdL5ZuslMBAwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzkzNTJlMzIzMTM0MmUzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzYzOTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X9YnMA0GCSqGSIb3DQEBCwUAA4IBAQBw471MGEs5CSLVcZAbD5dKCz27a7waukYu
FdHY4MQ4j1MiZNHmY5NBQ6XIPpj15nMgvNd2xcgG9LTR+mvfadQVO4RD+iOQwL5d
Xcg8V8T3B2bqzioryU13nPonxecTD+X1uJPJXL/ohSI8d47Npvtljg//wmQ5ED0I
qPax95W0c+AdjGEul57woaiDt/Z+H27emX7OLxiErBh2BKcsz8PW6uCvy7G+/v8J
KdJZaXk9NXfNU25ju/3aUv6uJc5dFN1OUZlOWGyzp0TiEoiCKTITAGSrmBxlDE2V
nzZSKd2UfF2BFinbR0A8l3mlXuPGiCvX3JbD61XTDHwHiKRXDCB0
-----END CERTIFICATE-----
Generated at Sat Jun 27 23:48:31 2026 by rpki-client