Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137352e302f32342d3234203d3e20323133333139.roa
File: 39352e3136392e3137352e302f32342d3234203d3e20323133333139.roa (raw, json)
Hash identifier: dS2LuRYQAUbAW6hHMhpL306RVrDayVVIz//Vlq4u7k8=
Subject key identifier: B2:20:64:F2:33:BD:E6:BE:EA:8D:C3:86:5B:55:E7:EC:47:27:0E:D8
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 0CFAB78B03B645D33034A5C117501107E7751FFE
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137352e302f32342d3234203d3e20323133333139.roa
Signing time: Tue 03 Mar 2026 14:46:45 +0000
ROA not before: Tue 03 Mar 2026 14:41:45 +0000
ROA not after: Tue 02 Mar 2027 14:46:45 +0000
asID: 213319
IP address blocks: 95.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:fa:b7:8b:03:b6:45:d3:30:34:a5:c1:17:50:11:07:e7:75:1f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Mar 3 14:41:45 2026 GMT
Not After : Mar 2 14:46:45 2027 GMT
Subject: CN=B22064F233BDE6BEEA8DC3865B55E7EC47270ED8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:72:36:a9:59:91:03:48:2f:54:9f:81:52:e4:
4b:9e:8c:46:4c:52:46:7b:77:ea:2b:29:06:83:74:
73:bf:b7:62:03:1e:50:2b:24:c0:a5:6d:47:03:55:
e9:11:2e:f6:c6:99:69:98:32:9a:62:70:2c:df:78:
b7:0f:18:d5:09:76:2e:f3:59:46:b6:95:2d:53:ff:
7b:3f:9d:29:6a:09:4c:20:33:cf:63:8f:12:9f:4f:
f5:58:00:a6:f9:f8:68:d7:cc:a3:31:59:40:9c:93:
2d:f3:c2:5c:f9:3a:8b:37:dc:45:7d:ab:9a:72:1b:
d9:44:8a:42:2f:2c:81:31:c6:0e:32:61:ba:84:a5:
30:3a:e5:d7:5b:af:f4:d4:be:4b:12:e7:56:6a:e0:
1b:b9:fe:6f:da:06:05:20:dc:60:cd:5b:c3:e4:9d:
9c:76:26:88:7b:38:63:53:8a:95:0d:c8:a9:91:b9:
3b:f4:cc:47:95:b5:e6:58:fe:56:d3:5e:1a:df:57:
02:b0:d2:f9:11:ce:9e:65:c9:37:aa:d6:b2:3a:33:
96:5b:c9:43:6f:19:68:1c:e3:ab:74:e4:49:cd:3f:
15:9d:cf:ab:2b:e5:45:03:b7:c1:83:68:24:79:40:
dc:bc:69:09:69:20:c4:68:6c:7c:24:b8:eb:4f:97:
5f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:20:64:F2:33:BD:E6:BE:EA:8D:C3:86:5B:55:E7:EC:47:27:0E:D8
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137352e302f32342d3234203d3e20323133333139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:79:c7:a3:b0:f7:28:c1:45:d5:c0:be:d7:f2:d8:ae:b5:fc:
8f:0d:30:e1:5e:4d:44:e7:93:05:0d:14:b4:87:89:43:d3:b0:
99:09:54:64:6c:7a:2f:0d:b1:70:b2:3b:8c:59:2a:8c:ec:aa:
98:13:e2:43:bb:bf:63:76:81:17:a8:7b:79:5a:9a:fe:ee:22:
3f:ea:6f:8f:51:d6:99:25:e5:f8:41:3c:a3:b8:ff:ae:57:f2:
51:c9:5d:18:f8:c2:0f:d5:12:5c:d4:ef:c9:79:ff:45:ed:4a:
ef:b2:59:3f:a9:22:8d:04:6b:32:ac:13:7f:f5:36:22:ed:bb:
32:c3:83:fa:6d:68:2a:25:f0:4f:c4:7d:40:17:44:c9:f4:9c:
75:fc:69:cd:84:02:99:fb:0e:ba:ac:57:cf:f4:80:9c:b8:0c:
29:7a:fe:dc:af:73:b3:9b:5b:80:f5:da:81:a1:66:7b:cd:cf:
84:fb:ed:47:bc:3f:49:51:4e:46:f5:1b:38:bd:92:0f:70:e8:
8b:18:05:37:de:9c:0b:0f:a7:30:82:62:22:a3:be:20:ec:b9:
2a:16:3e:0a:3c:e9:97:ad:35:fe:fd:af:8c:6c:52:c5:67:00:
75:43:4b:25:ee:7d:34:61:71:62:41:64:d1:9c:6c:92:6f:27:
a6:26:01:3c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDPq3iwO2RdMwNKXBF1ARB+d1H/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjAzMDMxNDQxNDVaFw0yNzAzMDIxNDQ2NDVaMDMxMTAvBgNV
BAMTKEIyMjA2NEYyMzNCREU2QkVFQThEQzM4NjVCNTVFN0VDNDcyNzBFRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfcjapWZEDSC9Un4FS5EuejEZM
UkZ7d+orKQaDdHO/t2IDHlArJMClbUcDVekRLvbGmWmYMppicCzfeLcPGNUJdi7z
WUa2lS1T/3s/nSlqCUwgM89jjxKfT/VYAKb5+GjXzKMxWUCcky3zwlz5Oos33EV9
q5pyG9lEikIvLIExxg4yYbqEpTA65ddbr/TUvksS51Zq4Bu5/m/aBgUg3GDNW8Pk
nZx2Joh7OGNTipUNyKmRuTv0zEeVteZY/lbTXhrfVwKw0vkRzp5lyTeq1rI6M5Zb
yUNvGWgc46t05EnNPxWdz6sr5UUDt8GDaCR5QNy8aQlpIMRobHwkuOtPl193AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsiBk8jO95r7qjcOGW1Xn7EcnDtgwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzMzMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqa8wDQYJKoZIhvcNAQELBQADggEBAB95x6Ow9yjBRdXAvtfy2K61/I8NMOFe
TUTnkwUNFLSHiUPTsJkJVGRsei8NsXCyO4xZKozsqpgT4kO7v2N2gReoe3lamv7u
Ij/qb49R1pkl5fhBPKO4/65X8lHJXRj4wg/VElzU78l5/0XtSu+yWT+pIo0EazKs
E3/1NiLtuzLDg/ptaCol8E/EfUAXRMn0nHX8ac2EApn7DrqsV8/0gJy4DCl6/tyv
c7ObW4D12oGhZnvNz4T77Ue8P0lRTkb1Gzi9kg9w6IsYBTfenAsPpzCCYiKjviDs
uSoWPgo86ZetNf79r4xsUsVnAHVDSyXufTRhcWJBZNGcbJJvJ6YmATw=
-----END CERTIFICATE-----
Generated at Sat Mar 7 13:57:10 2026 by rpki-client