Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/39312e3233332e392e302f32342d3234203d3e203633373933.roa
File: 39312e3233332e392e302f32342d3234203d3e203633373933.roa (raw, json)
Hash identifier: bupPmkoZJ+XbnfG0zE3WFzVAXQhEXiEfPunTZAewDxg=
Subject key identifier: D8:D0:4D:A7:C7:9D:A8:33:73:8D:F2:6E:1A:20:05:21:DD:2A:A7:EE
Certificate issuer: /CN=9944737a024fe1405d0b4cf6b53df38938d85b42
Certificate serial: 277D36666CDE84923559B5E79FBD824F6AE25AC5
Authority key identifier: 99:44:73:7A:02:4F:E1:40:5D:0B:4C:F6:B5:3D:F3:89:38:D8:5B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/39312e3233332e392e302f32342d3234203d3e203633373933.roa
Signing time: Sat 07 Mar 2026 09:58:40 +0000
ROA not before: Sat 07 Mar 2026 09:53:40 +0000
ROA not after: Sat 06 Mar 2027 09:58:40 +0000
asID: 63793
IP address blocks: 91.233.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.crl
rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.mft
rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:7d:36:66:6c:de:84:92:35:59:b5:e7:9f:bd:82:4f:6a:e2:5a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944737a024fe1405d0b4cf6b53df38938d85b42
Validity
Not Before: Mar 7 09:53:40 2026 GMT
Not After : Mar 6 09:58:40 2027 GMT
Subject: CN=D8D04DA7C79DA833738DF26E1A200521DD2AA7EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:08:e3:7d:12:17:8c:20:0e:bd:93:93:c0:af:
f7:26:e0:b8:42:55:38:fa:d5:58:b0:a6:72:02:26:
be:46:7f:88:00:ff:cd:68:5d:51:b8:33:62:9e:fd:
ab:58:e5:f9:84:31:da:b3:5c:c5:9b:05:72:2b:4f:
f6:a2:b4:6b:95:9a:c2:37:d7:84:e9:89:f9:51:57:
22:6b:a7:6f:93:a8:71:2a:eb:15:dd:d8:24:bc:4c:
6d:0e:89:1d:9b:30:e8:95:d5:93:9e:48:79:db:57:
30:97:71:22:c5:2e:92:a9:80:e8:a0:ad:2c:c6:48:
69:3e:3e:43:32:ae:65:4d:15:b3:98:13:50:75:b3:
a9:18:ee:8c:e2:40:1b:0d:a8:4f:35:07:2b:1c:05:
ce:80:f8:bc:eb:48:b7:0b:15:17:05:bd:f7:6b:c5:
7c:93:fd:f3:67:de:78:fa:e1:a5:78:5d:c6:6c:28:
3f:90:79:35:4b:ae:24:73:1f:7d:d4:d6:f8:a3:e6:
d9:ff:f0:26:0a:5b:1f:82:ac:79:89:a3:79:1a:9d:
0b:3a:5f:6f:5c:7a:1f:d2:7a:5f:fb:36:5e:df:ed:
e8:aa:75:ab:ff:e1:48:33:31:3b:98:50:84:b8:15:
0c:d5:98:08:a6:9f:2d:98:a0:06:7b:4b:29:18:e9:
de:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D0:4D:A7:C7:9D:A8:33:73:8D:F2:6E:1A:20:05:21:DD:2A:A7:EE
X509v3 Authority Key Identifier:
keyid:99:44:73:7A:02:4F:E1:40:5D:0B:4C:F6:B5:3D:F3:89:38:D8:5B:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/9944737A024FE1405D0B4CF6B53DF38938D85B42.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mURzegJP4UBdC0z2tT3ziTjYW0I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/28f7ae6d-c53d-4574-9668-28479db83643/0/39312e3233332e392e302f32342d3234203d3e203633373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.9.0/24
Signature Algorithm: sha256WithRSAEncryption
24:37:e4:98:ed:63:15:d5:05:1e:14:57:da:24:dd:a4:db:3d:
21:d8:ae:ec:24:2a:f9:60:8f:21:06:e7:2f:6a:38:0d:81:02:
5a:24:b2:3d:55:c5:6a:68:97:b4:1a:29:d5:4d:5d:99:b3:31:
3e:71:c9:81:e7:a5:ab:85:2f:cd:00:11:4f:38:ab:58:7b:6d:
25:3c:7c:92:2a:ff:78:0b:d6:b9:43:7a:03:29:e2:c1:5f:4c:
3f:c3:ce:05:59:98:e1:d0:5f:f7:6d:01:ad:dc:4a:3c:35:48:
65:ee:36:b6:3c:d6:d3:e3:1b:3c:67:48:00:f5:40:87:77:60:
28:97:82:96:e8:5e:7e:d1:aa:dd:c4:a0:06:d1:4e:90:86:ed:
1a:1d:61:5d:ce:73:6c:cf:e2:03:1e:d5:3e:8e:8e:de:4b:1d:
42:c3:39:2f:80:2a:be:e6:77:ab:04:bd:33:5b:8f:76:ff:21:
fa:9d:28:9a:5a:e4:b1:f5:62:95:16:9d:84:8c:29:63:37:2c:
f3:cf:26:79:e3:e9:78:88:75:70:a5:e8:92:69:de:75:28:da:
b6:1a:3a:14:8d:a4:d4:28:f5:fd:a6:97:4b:c4:28:6e:d3:da:
45:c3:05:ee:60:e2:46:a4:44:ab:fe:b6:69:ff:83:d9:58:09:
ff:08:5a:37
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUJ302ZmzehJI1WbXnn72CT2riWsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTk0NDczN2EwMjRmZTE0MDVkMGI0Y2Y2YjUzZGYzODkz
OGQ4NWI0MjAeFw0yNjAzMDcwOTUzNDBaFw0yNzAzMDYwOTU4NDBaMDMxMTAvBgNV
BAMTKEQ4RDA0REE3Qzc5REE4MzM3MzhERjI2RTFBMjAwNTIxREQyQUE3RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClCON9EheMIA69k5PAr/cm4LhC
VTj61ViwpnICJr5Gf4gA/81oXVG4M2Ke/atY5fmEMdqzXMWbBXIrT/aitGuVmsI3
14TpiflRVyJrp2+TqHEq6xXd2CS8TG0OiR2bMOiV1ZOeSHnbVzCXcSLFLpKpgOig
rSzGSGk+PkMyrmVNFbOYE1B1s6kY7oziQBsNqE81ByscBc6A+LzrSLcLFRcFvfdr
xXyT/fNn3nj64aV4XcZsKD+QeTVLriRzH33U1vij5tn/8CYKWx+CrHmJo3kanQs6
X29ceh/Sel/7Nl7f7eiqdav/4UgzMTuYUIS4FQzVmAimny2YoAZ7SykY6d6zAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU2NBNp8edqDNzjfJuGiAFId0qp+4wHwYDVR0j
BBgwFoAUmURzegJP4UBdC0z2tT3ziTjYW0IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjhmN2FlNmQtYzUzZC00NTc0LTk2NjgtMjg0NzlkYjgz
NjQzLzAvOTk0NDczN0EwMjRGRTE0MDVEMEI0Q0Y2QjUzREYzODkzOEQ4NUI0Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21VUnplZ0pQNFVCZEMwejJ0VDN6aVRq
WVcwSS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjhmN2FlNmQt
YzUzZC00NTc0LTk2NjgtMjg0NzlkYjgzNjQzLzAvMzkzMTJlMzIzMzMzMmUzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzNzM5MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb6Qkw
DQYJKoZIhvcNAQELBQADggEBACQ35JjtYxXVBR4UV9ok3aTbPSHYruwkKvlgjyEG
5y9qOA2BAloksj1VxWpol7QaKdVNXZmzMT5xyYHnpauFL80AEU84q1h7bSU8fJIq
/3gL1rlDegMp4sFfTD/DzgVZmOHQX/dtAa3cSjw1SGXuNrY81tPjGzxnSAD1QId3
YCiXgpboXn7Rqt3EoAbRTpCG7RodYV3Oc2zP4gMe1T6Ojt5LHULDOS+AKr7md6sE
vTNbj3b/IfqdKJpa5LH1YpUWnYSMKWM3LPPPJnnj6XiIdXCl6JJp3nUo2rYaOhSN
pNQo9f2ml0vEKG7T2kXDBe5g4kakRKv+tmn/g9lYCf8IWjc=
-----END CERTIFICATE-----
Generated at Sat Mar 14 08:52:17 2026 by rpki-client