Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33392e302f32342d3234203d3e2036303739.roa
File: 39352e3231342e33392e302f32342d3234203d3e2036303739.roa (raw, json)
Hash identifier: 3ikuXKhrekU7JPthDzzq4X7OcNKM7FQT8B43vVc+Z/A=
Subject key identifier: 6D:BC:3B:07:7F:74:E5:0B:A3:A0:AB:2C:66:F1:02:C2:B1:B6:9D:4B
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 432D200686B88756418B0C8CCE9E7EF09BF00C1E
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33392e302f32342d3234203d3e2036303739.roa
Signing time: Fri 13 Feb 2026 02:59:27 +0000
ROA not before: Fri 13 Feb 2026 02:54:27 +0000
ROA not after: Fri 12 Feb 2027 02:59:27 +0000
asID: 6079
IP address blocks: 95.214.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:2d:20:06:86:b8:87:56:41:8b:0c:8c:ce:9e:7e:f0:9b:f0:0c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Feb 13 02:54:27 2026 GMT
Not After : Feb 12 02:59:27 2027 GMT
Subject: CN=6DBC3B077F74E50BA3A0AB2C66F102C2B1B69D4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:03:35:67:9d:d1:15:5e:0b:ff:54:ac:33:06:
95:77:b4:46:f3:e1:a1:98:8f:2d:f6:f4:a7:c9:e0:
c0:ee:65:2e:e5:b1:ba:38:21:17:c8:6a:c3:fa:1a:
cd:de:5c:02:b2:d7:e7:a0:b7:a9:0b:da:79:88:4d:
7a:a0:34:44:85:86:b6:40:e3:cb:67:54:d4:af:ac:
aa:ff:11:4c:e3:1f:98:7a:91:95:29:11:f7:d8:a4:
f7:de:9d:2f:6a:d4:9a:39:06:a1:63:66:7a:fe:01:
c9:ce:3d:cd:81:38:a6:1f:ad:85:fe:86:87:84:c3:
50:b5:ed:2a:da:73:67:85:bc:72:b7:b9:59:0b:16:
b0:eb:cd:c8:2b:ca:ff:8c:5c:ef:d4:ef:ef:8c:e1:
27:1b:26:43:6a:23:3a:09:01:2e:45:11:f4:35:b8:
df:28:ab:93:e8:30:89:d0:7f:fe:e0:d9:50:2a:df:
b8:fb:52:93:8e:55:0c:38:60:de:96:aa:39:ae:3d:
aa:52:24:83:1b:56:e8:3b:f9:e1:90:66:a5:63:ed:
6b:62:28:5b:8d:71:9e:1b:53:3c:4b:bd:24:44:35:
9a:29:a6:23:90:7c:65:dd:db:4f:fc:be:99:de:02:
19:32:e6:b4:96:10:f4:99:cc:ed:52:e5:1b:5f:c6:
d6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BC:3B:07:7F:74:E5:0B:A3:A0:AB:2C:66:F1:02:C2:B1:B6:9D:4B
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/39352e3231342e33392e302f32342d3234203d3e2036303739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.39.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:bc:b0:ff:95:cc:10:7b:c9:2d:c0:10:0c:a5:76:38:b4:91:
9e:f0:c5:e3:90:40:0a:78:1b:b4:ec:ee:2f:06:db:ba:05:43:
5a:bd:e5:0d:2c:3e:02:7a:c2:61:9a:c8:bc:e7:10:bd:f4:a4:
71:67:84:0a:80:a3:be:d3:a8:87:e1:4b:f7:50:58:1e:8f:d4:
37:13:37:fa:be:78:23:f2:6d:e5:74:e8:5f:59:c4:b8:b8:9f:
4b:a0:1a:94:27:b5:31:d6:85:25:91:8a:d0:9d:81:6a:54:ba:
aa:8e:c7:35:da:1f:26:a3:d4:48:34:eb:0c:01:72:35:0f:bc:
f6:5c:dd:51:da:77:dd:ef:63:2f:0b:4c:42:4a:6f:98:f6:23:
34:c9:4a:89:38:4d:f3:6a:2b:77:44:bb:59:2e:cc:61:3f:4f:
ce:b8:e7:46:aa:ca:99:a1:cc:74:42:ae:0a:d3:a9:2e:21:79:
2a:11:eb:c9:f9:28:04:aa:7b:43:26:1e:4d:95:76:2b:98:5c:
72:cc:40:0d:27:5d:b1:3f:83:0a:cb:4c:fa:66:2b:db:2b:a5:
77:70:20:70:ff:f8:65:6e:6e:45:ea:24:6b:3d:fa:d0:88:f4:
30:c3:30:b9:6d:e0:c5:18:18:33:7c:25:33:67:29:05:5a:4c:
ab:96:9c:6f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUQy0gBoa4h1ZBiwyMzp5+8JvwDB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjAyMTMwMjU0MjdaFw0yNzAyMTIwMjU5MjdaMDMxMTAvBgNV
BAMTKDZEQkMzQjA3N0Y3NEU1MEJBM0EwQUIyQzY2RjEwMkMyQjFCNjlENEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0AzVnndEVXgv/VKwzBpV3tEbz
4aGYjy329KfJ4MDuZS7lsbo4IRfIasP6Gs3eXAKy1+egt6kL2nmITXqgNESFhrZA
48tnVNSvrKr/EUzjH5h6kZUpEffYpPfenS9q1Jo5BqFjZnr+AcnOPc2BOKYfrYX+
hoeEw1C17Srac2eFvHK3uVkLFrDrzcgryv+MXO/U7++M4ScbJkNqIzoJAS5FEfQ1
uN8oq5PoMInQf/7g2VAq37j7UpOOVQw4YN6WqjmuPapSJIMbVug7+eGQZqVj7Wti
KFuNcZ4bUzxLvSRENZoppiOQfGXd20/8vpneAhky5rSWEPSZzO1S5RtfxtZHAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUbbw7B3905QujoKssZvECwrG2nUswHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzkzNTJlMzIzMTM0MmUzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDM3Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABf1icw
DQYJKoZIhvcNAQELBQADggEBAM68sP+VzBB7yS3AEAyldji0kZ7wxeOQQAp4G7Ts
7i8G27oFQ1q95Q0sPgJ6wmGayLznEL30pHFnhAqAo77TqIfhS/dQWB6P1DcTN/q+
eCPybeV06F9ZxLi4n0ugGpQntTHWhSWRitCdgWpUuqqOxzXaHyaj1Eg06wwBcjUP
vPZc3VHad93vYy8LTEJKb5j2IzTJSok4TfNqK3dEu1kuzGE/T86450aqypmhzHRC
rgrTqS4heSoR68n5KASqe0MmHk2VdiuYXHLMQA0nXbE/gwrLTPpmK9srpXdwIHD/
+GVubkXqJGs9+tCI9DDDMLlt4MUYGDN8JTNnKQVaTKuWnG8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:59:03 2026 by rpki-client