Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/3139352e39352e3134392e302f32342d3234203d3e203331383938.roa
File: 3139352e39352e3134392e302f32342d3234203d3e203331383938.roa (raw, json)
Hash identifier: nIlM4wp0iNBT5SN8C9VsrwDGSOsVnjaNLplEtHDOmPI=
Subject key identifier: 9E:B1:37:CF:D5:91:E5:27:1A:1D:AA:ED:DC:D8:95:A2:72:15:2E:4D
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 5698D6CD7D75744E4A1E5A6AF6F40DC8952E72AF
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/3139352e39352e3134392e302f32342d3234203d3e203331383938.roa
Signing time: Thu 26 Feb 2026 00:46:50 +0000
ROA not before: Thu 26 Feb 2026 00:41:50 +0000
ROA not after: Thu 25 Feb 2027 00:46:50 +0000
asID: 31898
IP address blocks: 195.95.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Feb 2026 20:53:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:98:d6:cd:7d:75:74:4e:4a:1e:5a:6a:f6:f4:0d:c8:95:2e:72:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: Feb 26 00:41:50 2026 GMT
Not After : Feb 25 00:46:50 2027 GMT
Subject: CN=9EB137CFD591E5271A1DAAEDDCD895A272152E4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e0:4e:64:08:a9:6b:1a:d8:fd:21:29:08:af:
f1:78:4a:a4:c3:bb:35:78:7e:5d:87:94:b5:80:ce:
4b:7e:05:d8:c4:1c:25:8b:29:85:55:16:28:8f:2e:
cc:d9:f4:6c:fa:70:28:d3:0e:22:ef:3c:62:83:ed:
c8:90:ed:a3:f9:e4:74:2a:58:00:91:22:13:cb:3e:
d2:05:9a:61:08:27:dc:a7:e1:2c:a6:cc:3a:a8:be:
98:e5:43:11:33:25:3f:b6:24:10:42:b6:55:d8:38:
11:7a:61:58:be:87:04:6c:29:24:8a:dd:53:c0:f9:
99:3b:17:95:f8:4c:53:50:f8:24:6e:ab:ff:9e:fc:
6a:b3:49:0c:db:33:9b:6a:d2:fc:71:5c:18:c3:f4:
12:e3:46:cc:c7:f6:93:db:96:3f:c9:f9:d4:a8:b1:
fd:ac:b1:bb:0c:54:84:53:70:95:66:28:14:94:7f:
3e:c6:78:0d:63:2e:3c:63:f5:46:10:e7:84:3c:28:
37:3a:9c:9a:4f:44:fe:d1:d4:f1:c5:aa:06:2c:3a:
70:4d:42:f8:02:d1:b8:e7:68:12:77:98:19:30:4b:
a3:72:6a:18:f0:4e:44:d4:ec:08:f9:2a:7d:cf:11:
2f:e7:c9:33:12:c2:34:20:48:66:19:84:bd:54:47:
16:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B1:37:CF:D5:91:E5:27:1A:1D:AA:ED:DC:D8:95:A2:72:15:2E:4D
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/3139352e39352e3134392e302f32342d3234203d3e203331383938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.149.0/24
Signature Algorithm: sha256WithRSAEncryption
62:c1:92:7c:84:12:c3:a7:3b:f0:46:0b:ab:0a:45:0c:2f:c1:
51:9e:40:1c:4f:e1:c9:e9:69:a0:be:51:7a:f6:1d:64:52:03:
6e:98:66:2d:2f:93:25:62:0f:4c:84:34:6f:4c:d1:16:fb:a6:
4b:7b:41:24:51:c3:f2:2b:b6:0c:ac:3d:42:7d:07:64:b3:13:
ff:a7:cc:81:e1:d9:ac:40:65:74:55:4d:ea:80:e1:d9:48:f0:
a1:11:5c:fd:28:dd:54:9b:6a:81:48:8b:8d:a3:49:b7:ff:28:
19:1d:dd:02:82:fa:c1:63:09:da:5a:10:95:b4:99:69:2e:93:
a5:5f:e8:25:77:51:d2:e3:ec:ef:4a:e6:15:87:a2:53:47:b0:
2d:e2:9a:84:7f:10:52:29:3e:ff:b7:49:61:11:cf:ba:15:66:
90:b5:5b:67:e7:5f:aa:b5:5f:d7:80:22:6a:95:7f:e2:e9:ff:
aa:34:bd:3c:70:8d:cb:16:68:f5:4e:28:d8:e1:ab:26:3e:92:
4f:ab:52:95:0f:56:86:33:b3:2a:6a:a7:e8:da:84:9c:f7:d9:
d0:f1:20:18:5a:c4:e6:1f:28:61:90:8a:c2:57:5f:3f:3e:5a:
04:b9:6e:11:03:2c:4d:d0:fe:1b:40:64:a5:f2:ac:a8:77:71:
01:b5:06:28
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVpjWzX11dE5KHlpq9vQNyJUucq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNjAyMjYwMDQxNTBaFw0yNzAyMjUwMDQ2NTBaMDMxMTAvBgNV
BAMTKDlFQjEzN0NGRDU5MUU1MjcxQTFEQUFFRERDRDg5NUEyNzIxNTJFNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+4E5kCKlrGtj9ISkIr/F4SqTD
uzV4fl2HlLWAzkt+BdjEHCWLKYVVFiiPLszZ9Gz6cCjTDiLvPGKD7ciQ7aP55HQq
WACRIhPLPtIFmmEIJ9yn4SymzDqovpjlQxEzJT+2JBBCtlXYOBF6YVi+hwRsKSSK
3VPA+Zk7F5X4TFNQ+CRuq/+e/GqzSQzbM5tq0vxxXBjD9BLjRszH9pPblj/J+dSo
sf2ssbsMVIRTcJVmKBSUfz7GeA1jLjxj9UYQ54Q8KDc6nJpPRP7R1PHFqgYsOnBN
QvgC0bjnaBJ3mBkwS6NyahjwTkTU7Aj5Kn3PES/nyTMSwjQgSGYZhL1URxYJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnrE3z9WR5ScaHart3NiVonIVLk0wHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzEzOTM1MmUzOTM1MmUzMTM0
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzgzOTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
w1+VMA0GCSqGSIb3DQEBCwUAA4IBAQBiwZJ8hBLDpzvwRgurCkUML8FRnkAcT+HJ
6WmgvlF69h1kUgNumGYtL5MlYg9MhDRvTNEW+6ZLe0EkUcPyK7YMrD1CfQdksxP/
p8yB4dmsQGV0VU3qgOHZSPChEVz9KN1Um2qBSIuNo0m3/ygZHd0CgvrBYwnaWhCV
tJlpLpOlX+gld1HS4+zvSuYVh6JTR7At4pqEfxBSKT7/t0lhEc+6FWaQtVtn51+q
tV/XgCJqlX/i6f+qNL08cI3LFmj1TijY4asmPpJPq1KVD1aGM7Mqaqfo2oSc99nQ
8SAYWsTmHyhhkIrCV18/PloEuW4RAyxN0P4bQGSl8qyod3EBtQYo
-----END CERTIFICATE-----
Generated at Thu Feb 26 03:25:52 2026 by rpki-client