Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e203136323736.roa
File: 39352e3136392e3136322e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: CyFZbziieFrknuvl00hV/+9L9WpJTTjbeehkVgI608g=
Subject key identifier: 3A:8D:5C:EC:76:14:8F:93:B1:AE:9C:0D:7A:95:DD:EB:B8:A3:9F:A6
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 0EC86C35C0AD12E87BC7218FF62F99444587D599
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e203136323736.roa
Signing time: Wed 22 Oct 2025 03:55:09 +0000
ROA not before: Wed 22 Oct 2025 03:50:09 +0000
ROA not after: Wed 21 Oct 2026 03:55:09 +0000
asID: 16276
IP address blocks: 95.169.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 05:51:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:c8:6c:35:c0:ad:12:e8:7b:c7:21:8f:f6:2f:99:44:45:87:d5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Oct 22 03:50:09 2025 GMT
Not After : Oct 21 03:55:09 2026 GMT
Subject: CN=3A8D5CEC76148F93B1AE9C0D7A95DDEBB8A39FA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:34:12:34:a5:a0:ac:c6:07:56:ea:36:cf:e7:
5d:d7:fe:45:0f:be:43:f5:2c:4f:3e:d2:a2:35:75:
7d:57:48:f7:32:62:ec:55:48:d9:52:46:60:a9:9b:
3e:fe:f1:a0:7a:0d:6e:d0:e7:97:3d:9d:e9:a6:b8:
e4:0a:c2:a2:b1:86:a9:07:92:ee:32:61:b4:c8:d4:
5d:fd:11:fc:d7:1a:58:59:e7:17:29:3a:2e:77:e9:
ef:35:e8:98:e1:a3:d1:da:21:7e:9d:d6:f0:1f:d6:
e1:4f:e6:86:9d:1e:6b:b3:99:03:ea:8e:be:4b:d8:
72:6b:e5:96:35:9f:d3:d7:21:42:aa:b6:e6:20:7d:
dd:4a:4e:a7:09:df:5a:08:8d:26:31:3a:2e:bd:3c:
a7:fe:7f:2f:a6:45:fa:56:f7:0d:e1:11:26:d0:6b:
cb:ad:ea:4b:8d:69:27:57:7d:19:b8:eb:2a:62:53:
32:03:8c:2a:40:e1:a4:27:14:fd:86:4f:87:4d:46:
d1:ac:bd:0f:64:32:7a:c7:ad:2d:28:07:e7:af:14:
47:8b:65:8e:ee:74:1e:61:a7:74:53:c8:ab:a7:5f:
7a:85:7b:a0:d4:d3:ab:6c:85:dd:e1:16:78:a4:1e:
dc:7f:8b:c5:3b:e3:c5:72:d5:3f:15:cc:4c:4e:e6:
03:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8D:5C:EC:76:14:8F:93:B1:AE:9C:0D:7A:95:DD:EB:B8:A3:9F:A6
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.162.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:b3:58:b3:da:79:2b:42:da:26:17:24:3d:fa:a1:00:51:60:
37:d4:9e:65:93:3e:f5:f3:8f:06:e3:a6:14:80:d9:ab:7b:a3:
5d:3f:d5:e3:f4:37:8e:1e:f4:b7:48:0f:b4:ec:c1:34:5c:a0:
f3:02:16:d6:28:a0:97:6b:08:f2:da:4c:44:bb:c4:8f:f0:7c:
5b:44:83:5d:69:3c:eb:44:18:7a:16:a0:99:f9:25:ab:a9:9c:
70:51:3a:43:50:6f:a6:00:da:09:9d:a8:3c:3f:5a:d0:cb:be:
5e:67:99:70:8c:a6:2f:9a:bb:88:74:3a:c6:48:57:70:90:13:
9d:27:03:6e:45:3e:0b:7d:8d:c3:a0:bc:27:10:c6:ac:b0:10:
ab:d2:2c:e7:e8:58:5d:dc:fa:0e:6d:0b:21:49:96:0a:d0:d2:
cf:2e:17:c4:70:03:fc:7d:5b:1f:f2:b3:72:80:7c:37:c4:6b:
d5:16:e5:3e:07:0d:02:92:85:30:b7:5f:1e:39:b8:c2:e8:87:
ae:9b:9a:ee:b7:8a:37:e9:bb:6b:49:28:b5:bd:b5:bf:3f:b9:
e9:b5:40:aa:c1:5b:64:45:69:05:51:9d:ab:b6:26:bd:f1:46:
84:5c:d4:b1:b7:b4:84:b2:5a:c0:83:13:a9:19:0a:c8:f6:e7:
a7:4f:14:83
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDshsNcCtEuh7xyGP9i+ZREWH1ZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTEwMjIwMzUwMDlaFw0yNjEwMjEwMzU1MDlaMDMxMTAvBgNV
BAMTKDNBOEQ1Q0VDNzYxNDhGOTNCMUFFOUMwRDdBOTVEREVCQjhBMzlGQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBNBI0paCsxgdW6jbP513X/kUP
vkP1LE8+0qI1dX1XSPcyYuxVSNlSRmCpmz7+8aB6DW7Q55c9nemmuOQKwqKxhqkH
ku4yYbTI1F39EfzXGlhZ5xcpOi536e816Jjho9HaIX6d1vAf1uFP5oadHmuzmQPq
jr5L2HJr5ZY1n9PXIUKqtuYgfd1KTqcJ31oIjSYxOi69PKf+fy+mRfpW9w3hESbQ
a8ut6kuNaSdXfRm46ypiUzIDjCpA4aQnFP2GT4dNRtGsvQ9kMnrHrS0oB+evFEeL
ZY7udB5hp3RTyKunX3qFe6DU06tshd3hFnikHtx/i8U748Vy1T8VzExO5gPjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOo1c7HYUj5OxrpwNepXd67ijn6YwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzIzNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6miMA0GCSqGSIb3DQEBCwUAA4IBAQCps1iz2nkrQtomFyQ9+qEAUWA31J5lkz71
848G46YUgNmre6NdP9Xj9DeOHvS3SA+07ME0XKDzAhbWKKCXawjy2kxEu8SP8Hxb
RINdaTzrRBh6FqCZ+SWrqZxwUTpDUG+mANoJnag8P1rQy75eZ5lwjKYvmruIdDrG
SFdwkBOdJwNuRT4LfY3DoLwnEMassBCr0izn6Fhd3PoObQshSZYK0NLPLhfEcAP8
fVsf8rNygHw3xGvVFuU+Bw0CkoUwt18eObjC6Ieum5rut4o36btrSSi1vbW/P7np
tUCqwVtkRWkFUZ2rtia98UaEXNSxt7SEslrAgxOpGQrI9uenTxSD
-----END CERTIFICATE-----
Generated at Wed Oct 22 22:08:56 2025 by rpki-client