Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/39312e3233332e31312e302f32342d3234203d3e203136323736.roa
File: 39312e3233332e31312e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: LV3Z47QQt2GLbvsziknv3+jFd275mrEJNobpg8iXLAE=
Subject key identifier: 93:95:C2:3A:7B:53:74:A6:72:A2:97:CE:81:F2:6E:69:09:60:42:0B
Certificate issuer: /CN=9944737a024fe1405d0b4cf6b53df38938d85b42
Certificate serial: 2584E3E471E51DFB0C97C710FFE9C4E79B227692
Authority key identifier: 99:44:73:7A:02:4F:E1:40:5D:0B:4C:F6:B5:3D:F3:89:38:D8:5B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/39312e3233332e31312e302f32342d3234203d3e203136323736.roa
Signing time: Sat 07 Mar 2026 00:30:51 +0000
ROA not before: Sat 07 Mar 2026 00:25:51 +0000
ROA not after: Sat 06 Mar 2027 00:30:51 +0000
asID: 16276
IP address blocks: 91.233.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.crl
rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.mft
rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 13:39:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:84:e3:e4:71:e5:1d:fb:0c:97:c7:10:ff:e9:c4:e7:9b:22:76:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944737a024fe1405d0b4cf6b53df38938d85b42
Validity
Not Before: Mar 7 00:25:51 2026 GMT
Not After : Mar 6 00:30:51 2027 GMT
Subject: CN=9395C23A7B5374A672A297CE81F26E690960420B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fa:a1:23:26:19:ce:a5:e3:dd:9b:57:95:16:
4e:94:f0:33:d7:26:a2:c6:cf:fb:63:26:bc:0a:66:
3e:e4:ee:73:28:62:c1:f3:c6:a9:3c:6f:d6:33:a1:
47:ee:84:c4:99:78:e3:47:ad:af:4b:ef:7e:f2:5a:
a0:5d:96:18:41:31:62:00:f3:f0:3f:3c:c0:a3:ef:
6e:bc:c1:90:9e:82:d4:fb:43:98:94:d3:80:01:31:
e4:28:39:ca:9c:cd:0a:b1:dc:c1:46:0e:a5:54:81:
76:51:47:26:2b:2c:6c:b0:31:0e:b2:6b:f0:96:0d:
3e:cd:e1:35:32:dd:14:ab:17:82:23:c8:45:cd:16:
ad:35:b0:13:11:c0:ce:d7:9c:68:7c:b8:02:fd:4a:
a8:d0:4d:1b:d0:20:06:11:27:df:c7:08:78:c8:8f:
87:7e:3c:b2:b1:0a:9e:1c:6f:d3:1f:db:8c:58:27:
78:15:50:3f:f1:21:e0:85:a4:1a:df:df:4e:95:3c:
a8:62:7c:5f:e4:89:11:ac:3e:49:03:81:2a:ed:6d:
d3:69:bb:48:4c:e2:9c:6e:b0:81:6c:c3:4b:a9:03:
26:ab:e3:81:3d:26:02:7c:19:76:35:0a:02:fb:a8:
11:17:9a:5d:80:c8:5a:87:1b:4c:d7:e3:1d:ef:7b:
3b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:95:C2:3A:7B:53:74:A6:72:A2:97:CE:81:F2:6E:69:09:60:42:0B
X509v3 Authority Key Identifier:
keyid:99:44:73:7A:02:4F:E1:40:5D:0B:4C:F6:B5:3D:F3:89:38:D8:5B:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/39312e3233332e31312e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.11.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:44:63:bf:94:85:03:6c:c8:91:5b:e8:d3:94:5d:d5:ee:e1:
96:93:48:68:2c:5c:b7:35:6c:29:0a:66:2f:3d:57:c0:ab:10:
06:16:38:4d:5e:41:be:b4:47:bb:db:8f:a0:7a:4a:c2:2e:dc:
6c:a4:1e:95:6b:af:69:33:91:59:fc:c5:51:30:92:ef:02:9f:
dd:ac:d4:02:ec:ed:82:91:42:77:b1:bc:4f:a7:3f:2d:32:1c:
33:0d:1c:ea:90:bf:2a:52:93:6a:14:ee:a2:77:6a:08:75:d8:
50:11:f0:4d:d1:f4:d6:c1:43:fe:17:91:b0:db:b6:29:d4:28:
36:aa:05:77:df:1c:50:e0:96:7d:92:68:0a:b7:a7:4b:18:4b:
79:dc:24:10:7c:18:62:98:12:16:30:f4:9e:89:f5:1e:8c:fe:
02:2f:9f:99:4b:66:19:af:ec:50:02:bb:ac:28:fa:89:41:02:
c0:ac:7e:00:41:5e:a9:09:84:74:7b:c0:6e:91:02:74:5e:35:
c8:2d:8a:f9:a5:da:5c:a0:0c:9c:46:8e:24:bb:38:9a:9a:7b:
17:43:36:8f:8f:cc:a1:c9:91:b2:41:a3:92:c2:fa:5f:ed:fb:
71:96:09:6f:28:dc:61:78:79:b5:b3:2a:03:56:8a:71:e9:c3:
6d:11:89:d3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJYTj5HHlHfsMl8cQ/+nE55sidpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTk0NDczN2EwMjRmZTE0MDVkMGI0Y2Y2YjUzZGYzODkz
OGQ4NWI0MjAeFw0yNjAzMDcwMDI1NTFaFw0yNzAzMDYwMDMwNTFaMDMxMTAvBgNV
BAMTKDkzOTVDMjNBN0I1Mzc0QTY3MkEyOTdDRTgxRjI2RTY5MDk2MDQyMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl+qEjJhnOpePdm1eVFk6U8DPX
JqLGz/tjJrwKZj7k7nMoYsHzxqk8b9YzoUfuhMSZeONHra9L737yWqBdlhhBMWIA
8/A/PMCj7268wZCegtT7Q5iU04ABMeQoOcqczQqx3MFGDqVUgXZRRyYrLGywMQ6y
a/CWDT7N4TUy3RSrF4IjyEXNFq01sBMRwM7XnGh8uAL9SqjQTRvQIAYRJ9/HCHjI
j4d+PLKxCp4cb9Mf24xYJ3gVUD/xIeCFpBrf306VPKhifF/kiRGsPkkDgSrtbdNp
u0hM4pxusIFsw0upAyar44E9JgJ8GXY1CgL7qBEXml2AyFqHG0zX4x3veztHAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUk5XCOntTdKZyopfOgfJuaQlgQgswHwYDVR0j
BBgwFoAUmURzegJP4UBdC0z2tT3ziTjYW0IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjhmN2FlNmQtYzUzZC00NTc0LTk2NjgtMjg0NzlkYjgz
NjQzLzAvOTk0NDczN0EwMjRGRTE0MDVEMEI0Q0Y2QjUzREYzODkzOEQ4NUI0Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21VUnplZ0pQNFVCZEMwejJ0VDN6aVRq
WVcwSS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjhmN2FlNmQt
YzUzZC00NTc0LTk2NjgtMjg0NzlkYjgzNjQzLzAvMzkzMTJlMzIzMzMzMmUzMTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvp
CzANBgkqhkiG9w0BAQsFAAOCAQEATURjv5SFA2zIkVvo05Rd1e7hlpNIaCxctzVs
KQpmLz1XwKsQBhY4TV5BvrRHu9uPoHpKwi7cbKQelWuvaTORWfzFUTCS7wKf3azU
AuztgpFCd7G8T6c/LTIcMw0c6pC/KlKTahTuondqCHXYUBHwTdH01sFD/heRsNu2
KdQoNqoFd98cUOCWfZJoCrenSxhLedwkEHwYYpgSFjD0non1Hoz+Ai+fmUtmGa/s
UAK7rCj6iUECwKx+AEFeqQmEdHvAbpECdF41yC2K+aXaXKAMnEaOJLs4mpp7F0M2
j4/MocmRskGjksL6X+37cZYJbyjcYXh5tbMqA1aKcenDbRGJ0w==
-----END CERTIFICATE-----
Generated at Sat Mar 14 06:18:02 2026 by rpki-client