Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e20323032363733.roa
File: 39322e3131392e31332e302f32342d3234203d3e20323032363733.roa (raw, json)
Hash identifier: Xh4lGDKa8achAMnE+JCb9dwhJjmK0hh4xdAa9uh73B4=
Subject key identifier: 23:44:A6:17:E4:15:32:78:66:22:F7:E9:75:5A:70:8F:CD:84:E0:E5
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 73B4E1CBB6FE7D3A0B6F087893E0F9F9ACBAE141
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e20323032363733.roa
Signing time: Mon 30 Mar 2026 09:24:26 +0000
ROA not before: Mon 30 Mar 2026 09:19:26 +0000
ROA not after: Mon 29 Mar 2027 09:24:26 +0000
asID: 202673
IP address blocks: 92.119.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:b4:e1:cb:b6:fe:7d:3a:0b:6f:08:78:93:e0:f9:f9:ac:ba:e1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 30 09:19:26 2026 GMT
Not After : Mar 29 09:24:26 2027 GMT
Subject: CN=2344A617E41532786622F7E9755A708FCD84E0E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:0c:3f:68:a7:ed:8c:b7:93:53:8f:68:82:
fb:bf:9d:54:32:e9:b6:15:55:a0:4b:b3:c1:62:e8:
4f:a9:53:91:d0:c5:2b:08:0e:61:75:94:ec:88:9a:
b2:99:e0:7a:c5:d0:6a:1d:dd:44:26:5d:2d:de:2f:
6f:75:33:06:8a:73:06:be:b9:72:41:b5:6c:cd:b8:
40:d5:63:4b:e8:27:2a:96:b9:d6:c7:91:20:07:18:
38:1c:a0:46:7e:61:a6:fa:91:25:77:02:46:ed:ba:
fc:45:a6:e3:06:03:69:c1:9a:0a:ab:f3:e9:2b:e7:
25:56:fc:12:cb:b3:4a:f0:e2:d4:e4:87:0e:c0:97:
04:cb:23:9c:77:3e:d8:f4:e8:71:57:c2:21:5c:ad:
78:54:7a:99:33:29:bb:55:f0:7d:4e:58:81:55:63:
b4:b0:fa:52:20:92:e8:47:3d:95:c0:b7:14:f4:39:
0b:99:24:6a:49:96:a8:16:5c:cc:99:49:3c:c9:ab:
32:fe:90:81:2c:c9:61:72:dd:43:cb:d4:b3:5f:3f:
9d:a9:7f:0b:16:ca:f7:56:31:a4:42:a8:df:48:73:
5e:fd:b5:1a:7b:70:7a:42:c4:fc:72:81:8f:90:a6:
21:7e:0a:a6:3f:e5:00:4a:bb:fb:71:28:a9:42:e8:
bc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:44:A6:17:E4:15:32:78:66:22:F7:E9:75:5A:70:8F:CD:84:E0:E5
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e20323032363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.13.0/24
Signature Algorithm: sha256WithRSAEncryption
79:af:16:a5:ea:44:7b:b9:dc:25:eb:3b:b9:39:fe:2c:aa:dd:
07:e3:87:17:61:3b:56:34:58:d0:15:63:fa:97:64:d8:48:ad:
77:d8:c0:27:39:47:9b:33:5b:e5:d8:85:bc:27:af:29:d3:06:
35:f1:81:89:28:d7:2f:d7:a1:46:a6:76:cd:3c:52:b0:26:89:
a7:2d:f4:f8:56:02:70:c4:39:86:ad:e5:84:8e:0a:3c:64:62:
83:3f:29:7d:1b:b4:80:73:44:d1:aa:13:0b:25:12:57:bb:53:
3c:1d:ab:fe:dc:98:87:41:70:5e:79:99:29:bc:e6:37:aa:9d:
a6:40:0b:35:c3:93:a9:f0:10:92:35:bd:5c:f1:7a:9c:76:b7:
e2:ff:34:1b:65:da:c7:2e:fb:df:cb:aa:e4:f6:63:97:9a:b4:
f8:15:3d:50:b2:50:b3:38:4e:c5:70:64:e3:7e:57:b9:c8:f9:
99:1b:a0:c3:4c:28:ac:d9:70:3a:d8:58:a0:c2:95:d3:6a:9d:
fd:ca:d1:96:76:e6:c3:f8:88:a2:1c:d9:1c:b4:ed:68:2a:46:
67:31:39:5a:de:54:9c:14:98:76:ee:ef:c9:02:d8:f0:b8:46:
75:83:e4:b2:2b:db:b0:ef:e2:0c:92:42:33:32:51:51:5f:b2:
e4:40:b9:12
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc7Thy7b+fToLbwh4k+D5+ay64UEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjAzMzAwOTE5MjZaFw0yNzAzMjkwOTI0MjZaMDMxMTAvBgNV
BAMTKDIzNDRBNjE3RTQxNTMyNzg2NjIyRjdFOTc1NUE3MDhGQ0Q4NEUwRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4eww/aKftjLeTU49ogvu/nVQy
6bYVVaBLs8Fi6E+pU5HQxSsIDmF1lOyImrKZ4HrF0God3UQmXS3eL291MwaKcwa+
uXJBtWzNuEDVY0voJyqWudbHkSAHGDgcoEZ+Yab6kSV3AkbtuvxFpuMGA2nBmgqr
8+kr5yVW/BLLs0rw4tTkhw7AlwTLI5x3Ptj06HFXwiFcrXhUepkzKbtV8H1OWIFV
Y7Sw+lIgkuhHPZXAtxT0OQuZJGpJlqgWXMyZSTzJqzL+kIEsyWFy3UPL1LNfP52p
fwsWyvdWMaRCqN9Ic179tRp7cHpCxPxygY+QpiF+CqY/5QBKu/txKKlC6LwrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUI0SmF+QVMnhmIvfpdVpwj82E4OUwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzkzMjJlMzEzMTM5MmUzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzYzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XHcNMA0GCSqGSIb3DQEBCwUAA4IBAQB5rxal6kR7udwl6zu5Of4sqt0H44cXYTtW
NFjQFWP6l2TYSK132MAnOUebM1vl2IW8J68p0wY18YGJKNcv16FGpnbNPFKwJomn
LfT4VgJwxDmGreWEjgo8ZGKDPyl9G7SAc0TRqhMLJRJXu1M8Hav+3JiHQXBeeZkp
vOY3qp2mQAs1w5Op8BCSNb1c8Xqcdrfi/zQbZdrHLvvfy6rk9mOXmrT4FT1QslCz
OE7FcGTjfle5yPmZG6DDTCis2XA62FigwpXTap39ytGWdubD+IiiHNkctO1oKkZn
MTla3lScFJh27u/JAtjwuEZ1g+SyK9uw7+IMkkIzMlFRX7LkQLkS
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:30:41 2026 by rpki-client