Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138322e302f32342d3234203d3e20323132333834.roa
File: 39352e3231342e3138322e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: 9sHNJMiehNbP1O+jWpsdoBoSI67XbsxRM7NeVaaB37s=
Subject key identifier: 45:7C:D3:D0:A0:41:DC:1B:76:A1:1B:33:9B:02:2D:CB:C9:A6:16:AA
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 458CA20298165898665853016E0FE2899B8B34C9
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138322e302f32342d3234203d3e20323132333834.roa
Signing time: Mon 06 Apr 2026 12:47:02 +0000
ROA not before: Mon 06 Apr 2026 12:42:02 +0000
ROA not after: Mon 05 Apr 2027 12:47:02 +0000
asID: 212384
IP address blocks: 95.214.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:8c:a2:02:98:16:58:98:66:58:53:01:6e:0f:e2:89:9b:8b:34:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Apr 6 12:42:02 2026 GMT
Not After : Apr 5 12:47:02 2027 GMT
Subject: CN=457CD3D0A041DC1B76A11B339B022DCBC9A616AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:75:4a:f3:28:3d:b8:15:70:b3:5d:3b:1f:47:
30:dc:60:8b:70:63:2c:79:95:db:0c:0b:09:a3:ae:
b1:fa:fe:6d:49:77:19:b6:41:ab:35:f9:f3:5b:35:
27:8c:e0:86:ca:cb:1f:f6:9a:c0:9d:a3:21:eb:db:
7e:c6:1c:02:60:30:ef:3a:27:65:60:7a:25:e7:4e:
44:45:5e:c2:f3:90:c7:fc:92:6d:ce:83:74:7f:d1:
83:8d:1a:38:60:4a:f1:33:8e:22:e2:af:6b:50:e7:
a0:df:39:ad:e5:10:cf:da:17:54:63:12:c6:61:9a:
20:a6:d1:9b:63:2f:01:cf:1e:35:d3:3e:a1:11:58:
ef:30:e6:2a:e5:6d:a2:fc:10:97:4a:5e:b3:f9:54:
c7:7a:2d:8b:f9:38:af:30:78:2b:4e:6e:ae:d6:1c:
da:4f:a4:cb:01:dc:77:02:d2:e0:c4:5f:97:71:7c:
c6:2b:69:5e:04:7b:91:18:7f:ee:a0:d6:bb:27:d3:
5e:fe:95:ba:a7:ac:62:e1:ad:02:b5:e9:0f:c2:6e:
2f:be:db:9d:a3:41:57:f5:c4:54:12:0d:c3:4e:36:
ac:05:3d:d8:b7:20:e8:bd:0a:b5:6f:b3:c2:e8:31:
54:46:7d:11:7a:a3:41:84:fc:23:11:a9:a9:24:99:
c8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:7C:D3:D0:A0:41:DC:1B:76:A1:1B:33:9B:02:2D:CB:C9:A6:16:AA
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138322e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.182.0/24
Signature Algorithm: sha256WithRSAEncryption
35:02:31:f5:bc:ff:3b:2d:75:69:83:b7:97:17:fa:4a:a7:86:
75:ac:eb:8b:6d:56:e1:f8:c7:77:b8:87:12:5e:21:5d:8a:44:
6b:83:84:47:71:fc:cc:a9:41:f5:91:dc:9e:a6:6c:e1:6b:01:
79:d7:86:85:38:4e:a6:88:c3:43:4b:6a:a8:7f:9a:84:3c:be:
77:a7:86:2d:d0:58:a7:b6:0d:df:e8:ac:17:64:53:f1:21:83:
d2:10:09:63:17:4f:fd:f8:2e:72:df:55:3c:e5:e3:61:20:49:
3c:18:88:54:d3:e0:d5:3e:77:3a:85:ab:4b:ec:2b:c0:81:3c:
25:5b:00:bf:b3:48:c1:8f:18:5b:ba:9e:af:68:77:e4:7c:20:
d9:ac:69:b5:43:9e:62:c1:27:23:03:92:17:0f:22:48:cd:a9:
13:84:1e:d1:f8:d0:b9:eb:40:3e:c5:4b:12:3c:30:97:87:f7:
46:e2:de:86:9c:4c:72:e9:28:15:86:4c:85:21:5c:18:c4:19:
ae:52:1d:06:44:cf:9a:26:44:5e:d4:1c:f5:c6:29:19:58:34:
fd:a3:09:e0:b9:e8:25:f2:ea:cf:d4:b6:75:1b:85:4b:aa:fc:
77:c6:7e:56:88:1a:3c:b7:b7:6e:03:67:9a:f6:27:89:a0:4e:
ab:a0:14:73
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURYyiApgWWJhmWFMBbg/iiZuLNMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNjA0MDYxMjQyMDJaFw0yNzA0MDUxMjQ3MDJaMDMxMTAvBgNV
BAMTKDQ1N0NEM0QwQTA0MURDMUI3NkExMUIzMzlCMDIyRENCQzlBNjE2QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLdUrzKD24FXCzXTsfRzDcYItw
Yyx5ldsMCwmjrrH6/m1Jdxm2Qas1+fNbNSeM4IbKyx/2msCdoyHr237GHAJgMO86
J2VgeiXnTkRFXsLzkMf8km3Og3R/0YONGjhgSvEzjiLir2tQ56DfOa3lEM/aF1Rj
EsZhmiCm0ZtjLwHPHjXTPqERWO8w5irlbaL8EJdKXrP5VMd6LYv5OK8weCtObq7W
HNpPpMsB3HcC0uDEX5dxfMYraV4Ee5EYf+6g1rsn017+lbqnrGLhrQK16Q/Cbi++
252jQVf1xFQSDcNONqwFPdi3IOi9CrVvs8LoMVRGfRF6o0GE/CMRqakkmcgjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURXzT0KBB3Bt2oRszmwIty8mmFqowHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM4
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzM4MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1rYwDQYJKoZIhvcNAQELBQADggEBADUCMfW8/zstdWmDt5cX+kqnhnWs64tt
VuH4x3e4hxJeIV2KRGuDhEdx/MypQfWR3J6mbOFrAXnXhoU4TqaIw0NLaqh/moQ8
vnenhi3QWKe2Dd/orBdkU/Ehg9IQCWMXT/34LnLfVTzl42EgSTwYiFTT4NU+dzqF
q0vsK8CBPCVbAL+zSMGPGFu6nq9od+R8INmsabVDnmLBJyMDkhcPIkjNqROEHtH4
0LnrQD7FSxI8MJeH90bi3oacTHLpKBWGTIUhXBjEGa5SHQZEz5omRF7UHPXGKRlY
NP2jCeC56CXy6s/UtnUbhUuq/HfGflaIGjy3t24DZ5r2J4mgTqugFHM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:30:58 2026 by rpki-client