Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131332e302f32342d3234203d3e20343032303434.roa
File: 39332e39352e3131332e302f32342d3234203d3e20343032303434.roa (raw, json)
Hash identifier: AtOuXGHz2DTlb1k/SfCWhLHsL8OPE1HWzZC1wZunOVo=
Subject key identifier: 2E:8A:E6:DD:A6:98:33:5E:F7:DD:B0:31:57:19:4E:6A:02:E7:58:B0
Certificate issuer: /CN=b172548fa3c460e26cb519ee524361bca6c7132e
Certificate serial: 6F17AE8D00E5EC3868E78394344831E9FA3FACB0
Authority key identifier: B1:72:54:8F:A3:C4:60:E2:6C:B5:19:EE:52:43:61:BC:A6:C7:13:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131332e302f32342d3234203d3e20343032303434.roa
Signing time: Fri 06 Mar 2026 10:10:12 +0000
ROA not before: Fri 06 Mar 2026 10:05:12 +0000
ROA not after: Fri 05 Mar 2027 10:10:12 +0000
asID: 402044
IP address blocks: 93.95.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.crl
rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.mft
rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 17:59:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:17:ae:8d:00:e5:ec:38:68:e7:83:94:34:48:31:e9:fa:3f:ac:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b172548fa3c460e26cb519ee524361bca6c7132e
Validity
Not Before: Mar 6 10:05:12 2026 GMT
Not After : Mar 5 10:10:12 2027 GMT
Subject: CN=2E8AE6DDA698335EF7DDB03157194E6A02E758B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:9a:b0:fb:e6:12:be:ae:86:b7:f9:28:ab:
96:fb:fd:24:aa:97:e1:37:11:67:42:51:78:9b:0a:
99:e8:d2:21:8c:7f:db:e7:b9:2e:c7:6c:b2:fb:15:
ec:93:20:a5:6b:e4:f7:5d:4d:18:91:fa:63:be:8e:
64:6f:5b:27:c3:8f:9e:5d:a9:6d:59:f8:8d:9c:2f:
33:bc:7a:93:85:e2:fd:80:8c:05:03:a0:e2:f5:ce:
ca:53:4b:19:3e:b7:da:e7:a8:f2:7d:73:2e:0b:58:
71:3b:79:d6:31:34:21:05:7d:de:00:58:70:7f:49:
18:1c:8c:5e:9d:3c:68:90:94:aa:88:dd:9a:fd:d8:
ff:f9:0e:75:2c:f1:22:97:fa:ce:12:2a:4a:b7:46:
a9:4e:c4:ce:9b:6e:da:d5:9f:b9:d1:2c:80:7d:39:
25:4d:fb:dc:78:4b:b3:98:e5:bb:c9:51:e7:39:b2:
44:6e:e4:89:48:92:5b:3f:8f:d5:49:57:99:a7:4b:
de:8f:0c:ea:45:b3:5d:1f:a0:d5:d2:bd:1f:72:8c:
75:93:27:93:0b:d2:d9:2c:68:c3:c6:6d:00:27:e6:
63:b9:0e:9d:d0:1e:ff:7b:3f:49:89:c5:98:d0:d5:
68:01:1a:2d:a9:dd:8b:f3:12:14:04:2a:c5:89:b5:
29:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8A:E6:DD:A6:98:33:5E:F7:DD:B0:31:57:19:4E:6A:02:E7:58:B0
X509v3 Authority Key Identifier:
keyid:B1:72:54:8F:A3:C4:60:E2:6C:B5:19:EE:52:43:61:BC:A6:C7:13:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131332e302f32342d3234203d3e20343032303434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.113.0/24
Signature Algorithm: sha256WithRSAEncryption
de:84:2b:d4:32:54:26:a4:60:86:b3:4a:e2:7f:3a:6d:1f:45:
c2:b8:20:ff:e4:f9:54:d8:40:ed:99:90:61:5c:9a:d3:f5:a9:
51:43:da:07:1a:07:f4:77:dc:83:66:dd:d6:b9:95:a2:a4:39:
99:c5:b4:36:53:1b:47:ae:4b:81:df:bb:67:d9:2d:95:bb:ab:
f6:22:9c:67:97:fe:00:6e:47:d1:9a:9c:37:56:09:91:62:ae:
13:b3:4d:27:1c:1d:05:ec:7e:5f:69:f7:e7:06:aa:12:b1:3e:
a6:7e:5b:2e:79:a2:71:66:19:3c:fd:01:a8:1a:69:f1:5f:d4:
b2:55:fc:5f:be:b7:cd:52:7e:89:d4:24:24:89:27:a4:21:ea:
2c:38:88:89:e7:c4:b4:bb:16:36:e9:49:71:8e:1e:71:6c:2a:
56:e9:26:6e:36:4e:62:b6:e7:db:c5:49:dd:d1:7e:8f:59:f9:
0e:29:87:1e:2a:6b:f2:e2:a8:de:4e:6d:47:f9:f1:cd:1d:1d:
e9:9c:09:40:1d:bf:49:d1:81:6c:9a:98:70:20:dd:72:f7:f1:
cf:a8:4c:44:35:62:be:3f:8d:f7:88:7c:be:58:34:05:a2:10:
a5:9b:4e:1e:05:41:85:a9:e5:41:8c:3f:ea:7d:23:30:51:bb:
61:f9:ca:73
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbxeujQDl7Dho54OUNEgx6fo/rLAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjE3MjU0OGZhM2M0NjBlMjZjYjUxOWVlNTI0MzYxYmNh
NmM3MTMyZTAeFw0yNjAzMDYxMDA1MTJaFw0yNzAzMDUxMDEwMTJaMDMxMTAvBgNV
BAMTKDJFOEFFNkREQTY5ODMzNUVGN0REQjAzMTU3MTk0RTZBMDJFNzU4QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHMZqw++YSvq6Gt/koq5b7/SSq
l+E3EWdCUXibCpno0iGMf9vnuS7HbLL7FeyTIKVr5PddTRiR+mO+jmRvWyfDj55d
qW1Z+I2cLzO8epOF4v2AjAUDoOL1zspTSxk+t9rnqPJ9cy4LWHE7edYxNCEFfd4A
WHB/SRgcjF6dPGiQlKqI3Zr92P/5DnUs8SKX+s4SKkq3RqlOxM6bbtrVn7nRLIB9
OSVN+9x4S7OY5bvJUec5skRu5IlIkls/j9VJV5mnS96PDOpFs10foNXSvR9yjHWT
J5ML0tksaMPGbQAn5mO5Dp3QHv97P0mJxZjQ1WgBGi2p3YvzEhQEKsWJtSltAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULorm3aaYM1733bAxVxlOagLnWLAwHwYDVR0j
BBgwFoAUsXJUj6PEYOJstRnuUkNhvKbHEy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTY1NzNlODgtZGFiYS00YWM3LWEyZWQtMzIxYzgyNzdk
MjVlLzAvQjE3MjU0OEZBM0M0NjBFMjZDQjUxOUVFNTI0MzYxQkNBNkM3MTMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NYSlVqNlBFWU9Kc3RSbnVVa05odkti
SEV5NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTY1NzNlODgt
ZGFiYS00YWM3LWEyZWQtMzIxYzgyNzdkMjVlLzAvMzkzMzJlMzkzNTJlMzEzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMyMzAzNDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XV9xMA0GCSqGSIb3DQEBCwUAA4IBAQDehCvUMlQmpGCGs0rifzptH0XCuCD/5PlU
2EDtmZBhXJrT9alRQ9oHGgf0d9yDZt3WuZWipDmZxbQ2UxtHrkuB37tn2S2Vu6v2
Ipxnl/4AbkfRmpw3VgmRYq4Ts00nHB0F7H5faffnBqoSsT6mflsueaJxZhk8/QGo
GmnxX9SyVfxfvrfNUn6J1CQkiSekIeosOIiJ58S0uxY26Ulxjh5xbCpW6SZuNk5i
tufbxUnd0X6PWfkOKYceKmvy4qjeTm1H+fHNHR3pnAlAHb9J0YFsmphwIN1y9/HP
qExENWK+P433iHy+WDQFohClm04eBUGFqeVBjD/qfSMwUbth+cpz
-----END CERTIFICATE-----
Generated at Sat Mar 14 07:51:35 2026 by rpki-client