Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
File: 39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa (raw, json)
Hash identifier: 0Nw79EMxO4DuYLh23x86SyP3DqFJicDqK5+0xzSE8zA=
Subject key identifier: 15:89:9D:BA:3E:4B:49:94:AC:1C:42:17:98:74:08:BC:83:0F:EC:FA
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 5EA0015078622C16E7151CF6A43D8D8AFFA6AAC0
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
Signing time: Thu 09 Apr 2026 17:40:59 +0000
ROA not before: Thu 09 Apr 2026 17:35:59 +0000
ROA not after: Thu 08 Apr 2027 17:40:59 +0000
asID: 197477
IP address blocks: 95.214.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:a0:01:50:78:62:2c:16:e7:15:1c:f6:a4:3d:8d:8a:ff:a6:aa:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Apr 9 17:35:59 2026 GMT
Not After : Apr 8 17:40:59 2027 GMT
Subject: CN=15899DBA3E4B4994AC1C4217987408BC830FECFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:27:9c:2d:e9:3a:e0:4f:5c:6e:dc:50:3d:7e:
5e:82:b0:ab:83:3b:0b:c4:a6:30:32:23:64:c1:d5:
21:f7:f3:5a:1f:fb:42:9b:e8:18:bb:de:67:d4:ac:
d7:3d:18:c3:d3:c3:cb:5d:6d:cb:67:01:11:d6:ae:
e9:2f:c3:78:5e:58:e0:4b:a8:15:08:c1:8b:46:1c:
79:2a:2a:38:8d:1d:7f:5c:5a:74:03:39:5f:94:bb:
3f:a4:ae:b8:66:d3:25:7a:06:c0:f1:1e:7e:d9:e8:
d6:2e:55:f3:38:af:0a:e9:4f:62:f6:f9:60:d5:70:
88:f5:38:b6:a7:b8:5a:b3:7f:00:bd:1e:7c:73:9c:
58:a1:cc:f8:57:09:bf:ea:e4:91:6e:02:11:06:28:
ee:1f:09:16:58:96:80:00:bb:f6:4a:6c:4b:73:fe:
a4:4f:e8:97:c2:93:f5:3d:90:e5:23:e8:72:65:2f:
71:7a:f9:19:d5:36:28:38:23:07:c2:34:0b:0a:c4:
01:50:38:83:e9:20:8e:14:a6:25:fa:93:bb:58:72:
fe:57:25:c1:f4:70:6c:d6:40:a0:c2:91:ff:3a:a6:
c2:d3:7c:af:bb:7c:57:fc:62:70:96:6a:c2:f0:70:
f0:33:2d:33:fe:86:e3:82:38:81:2a:c0:c5:79:52:
06:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:89:9D:BA:3E:4B:49:94:AC:1C:42:17:98:74:08:BC:83:0F:EC:FA
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.172.0/24
Signature Algorithm: sha256WithRSAEncryption
69:3d:0b:f2:30:0a:fa:44:af:51:35:ba:82:b5:22:40:da:9d:
c4:3f:8b:11:cd:4c:44:88:59:69:d8:35:70:0e:04:d0:e0:fb:
21:46:6b:e9:67:4e:d6:9e:3b:75:b3:e8:03:ce:63:51:7b:d9:
dc:12:56:6b:f4:b5:82:ea:de:25:09:61:16:bc:8f:58:20:6e:
14:ae:84:8a:cf:71:22:e0:cf:97:cf:a5:af:aa:0b:95:8a:6c:
4d:ec:8e:35:3c:d4:07:e2:11:de:fe:91:33:1f:07:dd:3c:18:
9d:52:3a:c0:e9:75:02:07:23:49:e5:a4:37:45:27:35:da:6c:
eb:46:e0:d8:43:2c:59:bb:2c:e2:ca:6a:13:59:20:53:f0:8d:
52:51:f3:c9:0d:14:32:f1:58:4e:bf:8e:d9:ee:09:a8:1e:6a:
65:ee:8e:b2:c1:6f:d3:07:f5:8e:d1:bd:b1:1d:95:7c:51:bb:
08:89:3a:e9:59:5a:21:51:21:76:ca:ef:30:23:e9:9e:a7:76:
2e:3c:66:1f:17:48:43:44:ab:90:db:89:6f:6d:6d:38:f7:a0:
f9:0c:da:16:e7:b3:ec:a4:87:30:0e:bc:80:fe:d8:96:b8:b8:
de:07:a5:3d:b8:c3:a1:69:24:4e:7a:3f:da:68:3e:5b:9d:32:
2b:63:99:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXqABUHhiLBbnFRz2pD2Niv+mqsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNjA0MDkxNzM1NTlaFw0yNzA0MDgxNzQwNTlaMDMxMTAvBgNV
BAMTKDE1ODk5REJBM0U0QjQ5OTRBQzFDNDIxNzk4NzQwOEJDODMwRkVDRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdJ5wt6TrgT1xu3FA9fl6CsKuD
OwvEpjAyI2TB1SH381of+0Kb6Bi73mfUrNc9GMPTw8tdbctnARHWrukvw3heWOBL
qBUIwYtGHHkqKjiNHX9cWnQDOV+Uuz+krrhm0yV6BsDxHn7Z6NYuVfM4rwrpT2L2
+WDVcIj1OLanuFqzfwC9HnxznFihzPhXCb/q5JFuAhEGKO4fCRZYloAAu/ZKbEtz
/qRP6JfCk/U9kOUj6HJlL3F6+RnVNig4IwfCNAsKxAFQOIPpII4UpiX6k7tYcv5X
JcH0cGzWQKDCkf86psLTfK+7fFf8YnCWasLwcPAzLTP+huOCOIEqwMV5UgajAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFYmduj5LSZSsHEIXmHQIvIMP7PowHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzczNDM3Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1qwwDQYJKoZIhvcNAQELBQADggEBAGk9C/IwCvpEr1E1uoK1IkDancQ/ixHN
TESIWWnYNXAOBNDg+yFGa+lnTtaeO3Wz6APOY1F72dwSVmv0tYLq3iUJYRa8j1gg
bhSuhIrPcSLgz5fPpa+qC5WKbE3sjjU81AfiEd7+kTMfB908GJ1SOsDpdQIHI0nl
pDdFJzXabOtG4NhDLFm7LOLKahNZIFPwjVJR88kNFDLxWE6/jtnuCageamXujrLB
b9MH9Y7RvbEdlXxRuwiJOulZWiFRIXbK7zAj6Z6ndi48Zh8XSENEq5DbiW9tbTj3
oPkM2hbns+ykhzAOvID+2Ja4uN4HpT24w6FpJE56P9poPludMitjmWo=
-----END CERTIFICATE-----
Generated at Sat Apr 18 02:33:18 2026 by rpki-client