Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137372e302f32342d3234203d3e20323133323530.roa
File: 39352e3136392e3137372e302f32342d3234203d3e20323133323530.roa (raw, json)
Hash identifier: KhIgyDQBUI0rDOYr6KFK3W5xahsrdfLlExr/x8BC9vA=
Subject key identifier: 07:1A:5D:FE:27:32:D6:31:61:39:FF:51:7F:EA:7E:B4:A3:A6:C7:50
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 662BCFB7E9D2485CF2A680610612D3759D5E8D85
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137372e302f32342d3234203d3e20323133323530.roa
Signing time: Mon 25 May 2026 09:47:16 +0000
ROA not before: Mon 25 May 2026 09:42:16 +0000
ROA not after: Mon 24 May 2027 09:47:16 +0000
asID: 213250
IP address blocks: 95.169.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:2b:cf:b7:e9:d2:48:5c:f2:a6:80:61:06:12:d3:75:9d:5e:8d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 25 09:42:16 2026 GMT
Not After : May 24 09:47:16 2027 GMT
Subject: CN=071A5DFE2732D6316139FF517FEA7EB4A3A6C750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0a:89:7f:fa:cc:44:0f:03:ed:b7:77:e0:ad:
4a:a5:62:96:34:09:9e:5e:56:bb:56:1a:e4:57:02:
6a:ae:d7:32:a2:85:06:6e:a6:4d:c3:1e:52:9a:5e:
11:b3:d9:f5:2e:c4:43:6f:68:e0:7f:b5:40:a1:6a:
2f:f8:f5:c8:64:2b:af:ec:d7:72:37:b7:fe:36:16:
65:74:17:68:f7:8c:37:bd:91:4c:0e:f1:7b:62:8b:
ef:be:0a:92:33:d1:1f:fb:ef:5b:06:7e:b9:a6:9a:
45:ef:5d:ac:2d:85:26:4c:ae:26:bc:38:ae:fd:32:
b8:3a:f3:63:fe:5e:06:e8:b6:40:2f:1e:e2:28:c3:
69:6a:26:80:e7:71:0c:08:6c:ee:de:93:35:f0:4f:
81:4f:42:80:a3:5a:58:a8:d4:34:f0:94:6e:75:15:
63:4e:16:4c:3a:5b:4b:ec:04:2a:ca:20:00:44:da:
ac:21:21:c2:01:2f:d4:f0:1c:27:e0:37:ca:c9:34:
eb:31:92:71:36:f7:a7:52:22:2d:e0:b5:62:f9:0c:
e9:87:be:37:09:7b:ef:f1:d0:db:ee:89:3f:f4:6e:
4a:3f:ce:23:e5:2d:9b:82:a3:b4:da:8c:95:6d:5b:
dc:5b:1d:d4:91:99:db:59:7b:f4:05:be:5f:87:06:
14:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:1A:5D:FE:27:32:D6:31:61:39:FF:51:7F:EA:7E:B4:A3:A6:C7:50
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137372e302f32342d3234203d3e20323133323530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.177.0/24
Signature Algorithm: sha256WithRSAEncryption
54:37:4f:c8:6b:f6:99:45:20:71:58:cf:a1:a4:c8:05:7f:45:
99:74:41:1d:77:d5:46:cd:00:49:02:bb:cb:83:ad:c5:88:f8:
c2:96:cc:2c:ed:33:ae:30:6b:cc:aa:32:70:01:f7:4f:a9:23:
ec:5a:e9:2e:3d:9d:5d:dc:86:be:d3:b8:cf:10:20:1d:b4:34:
9f:2e:9e:a8:32:3e:d5:86:7f:6d:96:45:6f:c7:be:61:6b:0b:
ee:a8:57:b9:72:46:90:bd:f0:ce:3a:21:81:99:6f:fb:ed:1c:
f7:16:2a:fb:2f:c9:61:58:3c:d2:6c:f0:17:22:93:14:d6:63:
05:8e:65:25:f2:01:dd:d3:bd:b6:30:5a:62:d6:f6:32:7a:4c:
30:1d:e8:a2:40:c8:a8:86:f2:d8:54:10:76:78:d9:15:5c:06:
04:14:2f:ee:b1:70:06:4f:e0:be:de:32:a0:e9:fd:69:9f:13:
e6:53:a5:76:12:46:30:69:c4:40:71:08:f7:b3:89:ad:3d:ae:
cb:7f:0a:fd:28:fe:a2:60:4c:76:a7:3c:7b:7f:77:dc:11:b8:
d3:62:30:50:46:47:cc:da:88:96:0b:d7:1d:1f:92:3e:3b:ec:
ed:86:93:2e:18:d6:fd:2c:3b:b8:b2:b1:b9:32:c5:cb:a5:1a:
59:c9:b3:57
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZivPt+nSSFzypoBhBhLTdZ1ejYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA1MjUwOTQyMTZaFw0yNzA1MjQwOTQ3MTZaMDMxMTAvBgNV
BAMTKDA3MUE1REZFMjczMkQ2MzE2MTM5RkY1MTdGRUE3RUI0QTNBNkM3NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZCol/+sxEDwPtt3fgrUqlYpY0
CZ5eVrtWGuRXAmqu1zKihQZupk3DHlKaXhGz2fUuxENvaOB/tUChai/49chkK6/s
13I3t/42FmV0F2j3jDe9kUwO8Xtii+++CpIz0R/771sGfrmmmkXvXawthSZMria8
OK79Mrg682P+XgbotkAvHuIow2lqJoDncQwIbO7ekzXwT4FPQoCjWlio1DTwlG51
FWNOFkw6W0vsBCrKIABE2qwhIcIBL9TwHCfgN8rJNOsxknE296dSIi3gtWL5DOmH
vjcJe+/x0NvuiT/0bko/ziPlLZuCo7TajJVtW9xbHdSRmdtZe/QFvl+HBhSBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBxpd/icy1jFhOf9Rf+p+tKOmx1AwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzMjM1MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqbEwDQYJKoZIhvcNAQELBQADggEBAFQ3T8hr9plFIHFYz6GkyAV/RZl0QR13
1UbNAEkCu8uDrcWI+MKWzCztM64wa8yqMnAB90+pI+xa6S49nV3chr7TuM8QIB20
NJ8unqgyPtWGf22WRW/HvmFrC+6oV7lyRpC98M46IYGZb/vtHPcWKvsvyWFYPNJs
8BcikxTWYwWOZSXyAd3TvbYwWmLW9jJ6TDAd6KJAyKiG8thUEHZ42RVcBgQUL+6x
cAZP4L7eMqDp/WmfE+ZTpXYSRjBpxEBxCPezia09rst/Cv0o/qJgTHanPHt/d9wR
uNNiMFBGR8zaiJYL1x0fkj477O2Gky4Y1v0sO7iysbkyxculGlnJs1c=
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:32:41 2026 by rpki-client