Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31322e302f32342d3234203d3e20323131303537.roa
File: 39322e3131392e31322e302f32342d3234203d3e20323131303537.roa (raw, json)
Hash identifier: LCzRZ19Bw/c5uwr8re6X3yHmSBzCMKX1+G0o3/8NHTE=
Subject key identifier: 67:BB:00:AD:DB:58:39:46:33:D8:2B:2B:6F:03:B1:02:BC:A6:FD:C9
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0465A4376800BE07B22D67D3599D0677B60B17E7
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31322e302f32342d3234203d3e20323131303537.roa
Signing time: Wed 18 Feb 2026 08:05:52 +0000
ROA not before: Wed 18 Feb 2026 08:00:52 +0000
ROA not after: Wed 17 Feb 2027 08:05:52 +0000
asID: 211057
IP address blocks: 92.119.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:65:a4:37:68:00:be:07:b2:2d:67:d3:59:9d:06:77:b6:0b:17:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 18 08:00:52 2026 GMT
Not After : Feb 17 08:05:52 2027 GMT
Subject: CN=67BB00ADDB58394633D82B2B6F03B102BCA6FDC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:22:cb:10:d2:ee:c3:40:f1:83:a0:b7:15:9a:
98:c8:d7:26:6e:be:7e:19:e9:66:98:8b:70:51:67:
eb:10:71:52:9a:10:3f:e2:5d:5b:09:e2:f1:ed:f6:
5c:ed:bc:1e:9c:59:ce:f4:8b:87:dc:fe:36:64:90:
46:1e:db:e5:ea:7b:95:fc:e0:58:de:b7:8c:3d:38:
e0:a7:86:b0:cd:b6:50:d7:99:23:d0:ab:82:0b:e6:
73:e1:fc:4d:c5:08:77:ad:2b:95:d1:68:39:61:70:
10:ee:3b:4e:80:cc:7b:60:83:a7:53:dd:a1:a4:7d:
d9:64:59:ec:d5:a6:70:cd:9d:f7:8d:40:f9:03:95:
c4:70:da:55:fe:85:ac:77:a9:30:8c:1c:96:0a:6e:
56:77:8d:48:59:11:5a:ec:b2:d4:68:7a:73:f6:a7:
5d:49:f8:a9:3f:ae:fe:50:de:c1:7a:66:f7:30:70:
ef:25:06:14:4f:aa:59:26:f7:5d:ca:e0:aa:9d:d6:
64:1b:3a:88:79:bc:8a:06:05:dd:f5:c3:be:9b:6d:
a6:b5:f6:21:3d:84:f3:fe:bb:04:65:87:74:e9:aa:
f9:51:4f:75:52:68:4e:5a:b1:12:fb:0c:06:10:36:
4c:6f:26:10:4b:c6:8c:d4:81:c9:8f:c1:2a:09:19:
28:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BB:00:AD:DB:58:39:46:33:D8:2B:2B:6F:03:B1:02:BC:A6:FD:C9
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31322e302f32342d3234203d3e20323131303537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.12.0/24
Signature Algorithm: sha256WithRSAEncryption
40:c1:0f:17:45:40:ca:fc:65:f6:fd:78:6a:d2:e6:73:a6:00:
b2:65:62:bf:13:de:eb:ac:ff:c1:f1:ea:c3:cf:c3:a3:b2:23:
a2:3b:41:c7:f4:5a:91:ad:1c:1d:e0:a6:52:e2:5b:11:ad:74:
d8:97:29:dc:8a:40:fd:b1:20:57:c7:f6:a0:d0:ee:c0:0f:5c:
17:8b:14:ab:e8:02:8e:c3:2f:ba:86:3a:37:a0:d9:47:29:e6:
ca:94:44:f0:fb:cc:5f:52:27:ac:7a:02:1c:d1:bb:4f:b9:58:
f0:43:79:72:9d:40:a8:8f:d9:ed:36:e9:ea:a8:27:72:62:76:
b5:72:c8:43:9c:87:3c:b4:56:1d:2f:2e:0a:fc:ca:fe:ad:c7:
64:dc:5b:f1:bd:6a:06:96:57:0e:2a:ed:57:31:a3:b9:ae:40:
e6:01:c2:23:be:7e:7d:a7:e2:37:a7:bf:fa:bc:9d:94:a7:b0:
a4:d4:df:b3:08:32:9a:15:2a:1e:57:3d:d1:e8:47:9b:fa:04:
f0:75:96:da:1a:5b:aa:15:2c:e6:32:fc:b2:b2:52:9c:6c:c4:
bc:64:ef:e3:cc:c2:cc:ba:ca:29:47:b3:ee:8d:3d:d0:e4:e5:
5f:b2:33:b2:50:f8:ce:3d:49:5b:29:2b:9e:74:9b:fe:79:83:
78:88:d2:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBGWkN2gAvgeyLWfTWZ0Gd7YLF+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjAyMTgwODAwNTJaFw0yNzAyMTcwODA1NTJaMDMxMTAvBgNV
BAMTKDY3QkIwMEFEREI1ODM5NDYzM0Q4MkIyQjZGMDNCMTAyQkNBNkZEQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChIssQ0u7DQPGDoLcVmpjI1yZu
vn4Z6WaYi3BRZ+sQcVKaED/iXVsJ4vHt9lztvB6cWc70i4fc/jZkkEYe2+Xqe5X8
4Fjet4w9OOCnhrDNtlDXmSPQq4IL5nPh/E3FCHetK5XRaDlhcBDuO06AzHtgg6dT
3aGkfdlkWezVpnDNnfeNQPkDlcRw2lX+hax3qTCMHJYKblZ3jUhZEVrsstRoenP2
p11J+Kk/rv5Q3sF6ZvcwcO8lBhRPqlkm913K4Kqd1mQbOoh5vIoGBd31w76bbaa1
9iE9hPP+uwRlh3TpqvlRT3VSaE5asRL7DAYQNkxvJhBLxozUgcmPwSoJGSg3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZ7sArdtYOUYz2CsrbwOxArym/ckwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzkzMjJlMzEzMTM5MmUzMTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzAzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XHcMMA0GCSqGSIb3DQEBCwUAA4IBAQBAwQ8XRUDK/GX2/Xhq0uZzpgCyZWK/E97r
rP/B8erDz8OjsiOiO0HH9FqRrRwd4KZS4lsRrXTYlyncikD9sSBXx/ag0O7AD1wX
ixSr6AKOwy+6hjo3oNlHKebKlETw+8xfUiesegIc0btPuVjwQ3lynUCoj9ntNunq
qCdyYna1cshDnIc8tFYdLy4K/Mr+rcdk3FvxvWoGllcOKu1XMaO5rkDmAcIjvn59
p+I3p7/6vJ2Up7Ck1N+zCDKaFSoeVz3R6Eeb+gTwdZbaGluqFSzmMvyyslKcbMS8
ZO/jzMLMusopR7PujT3Q5OVfsjOyUPjOPUlbKSuedJv+eYN4iNK1
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:05:39 2026 by rpki-client