Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31352e302f32342d3234203d3e20323131303537.roa
File: 39322e3131392e31352e302f32342d3234203d3e20323131303537.roa (raw, json)
Hash identifier: njTQpS1ayaCngakFkafq8xJvTjCC2WmYss1Z//oyqD4=
Subject key identifier: B2:8C:D2:D2:BB:EF:9D:1B:FB:23:59:68:18:19:B2:A7:DA:48:72:E8
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 203CA0CF5A7CA8B19BAAE160770931F62D0D0136
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31352e302f32342d3234203d3e20323131303537.roa
Signing time: Wed 18 Feb 2026 08:05:15 +0000
ROA not before: Wed 18 Feb 2026 08:00:15 +0000
ROA not after: Wed 17 Feb 2027 08:05:15 +0000
asID: 211057
IP address blocks: 92.119.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:3c:a0:cf:5a:7c:a8:b1:9b:aa:e1:60:77:09:31:f6:2d:0d:01:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 18 08:00:15 2026 GMT
Not After : Feb 17 08:05:15 2027 GMT
Subject: CN=B28CD2D2BBEF9D1BFB2359681819B2A7DA4872E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:47:45:01:6c:2f:0f:a6:a3:c0:b1:6a:dd:7f:
76:ea:52:27:a0:44:67:76:19:58:6c:cf:7b:0a:c4:
99:66:52:cf:fe:3f:42:97:4a:56:43:d5:52:bb:be:
f3:d2:05:60:f2:1e:74:e1:48:f4:d9:f5:4d:bb:86:
c2:60:3e:4b:f8:14:de:27:98:fd:00:bd:e9:f6:5a:
7e:83:e7:9f:79:f7:ab:48:7a:e6:60:cb:fc:cc:78:
7f:ef:ed:6a:be:c6:8d:6b:b8:83:b5:e2:2a:5f:c4:
d3:c2:1c:28:df:e0:a9:4a:8f:b0:55:f8:e1:0b:85:
12:2b:a8:89:5b:7f:a5:7a:b4:bc:4e:2c:0f:11:43:
6f:60:42:c9:be:a1:93:16:44:94:1b:c8:47:48:5d:
88:3b:7c:2d:b9:9d:90:00:c9:6a:2d:da:db:04:65:
75:0d:c6:92:e4:a1:10:92:6e:88:ef:ec:56:05:97:
6a:dd:3b:a5:91:34:16:63:85:9b:a7:cc:a3:2b:26:
c1:52:1e:45:23:b5:09:1d:01:1c:3e:7c:e8:b8:86:
c2:43:53:8d:bb:90:ba:b9:19:e9:59:13:07:d4:60:
58:7d:68:bc:40:a1:23:1d:7a:2c:31:1f:2d:cf:1d:
32:58:1b:56:f1:0c:b1:d0:03:7b:9b:f2:c6:9b:46:
1e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:8C:D2:D2:BB:EF:9D:1B:FB:23:59:68:18:19:B2:A7:DA:48:72:E8
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31352e302f32342d3234203d3e20323131303537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.15.0/24
Signature Algorithm: sha256WithRSAEncryption
68:48:cf:95:82:2b:7c:e2:ff:9b:c7:a4:c1:51:05:34:c9:0a:
61:66:f6:40:b2:79:74:34:c3:e1:55:0c:bb:54:5f:6a:b3:4f:
6b:df:f1:f2:5f:70:8a:a4:a6:ec:74:d6:b6:f0:ca:07:da:9f:
bf:c4:dc:42:e2:31:9c:13:f8:6b:1f:74:99:50:85:c5:48:1e:
fa:44:6b:1d:c4:7e:68:c1:cd:72:24:3a:39:04:7f:ac:e8:4d:
92:52:89:59:bf:3d:e6:9c:ab:db:18:a3:86:22:2d:8b:49:14:
d5:30:80:4e:b3:31:24:cf:b6:e6:9e:54:73:d8:23:10:95:14:
b1:63:40:0c:4a:9e:d5:74:b0:d6:00:c3:bc:78:df:b2:cf:59:
23:8e:1e:c7:d9:9f:6c:51:44:66:a9:65:f1:21:89:d0:2c:50:
c5:40:e9:fd:86:4b:1c:52:29:88:17:29:b8:b6:0b:6e:9a:ff:
86:ff:33:15:f7:b6:e0:71:a2:a9:2a:3e:93:1f:8b:fc:87:ea:
f4:e9:fd:de:8e:69:51:a2:3e:de:18:d4:c4:f2:1b:fd:53:1a:
65:2b:bc:ba:58:7e:d0:46:39:94:d6:e6:05:9e:8e:ac:a4:2e:
c9:82:5e:5e:a7:dc:5f:1e:a2:06:59:c0:09:e0:a9:1b:dc:39:
c1:62:f6:b8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIDygz1p8qLGbquFgdwkx9i0NATYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjAyMTgwODAwMTVaFw0yNzAyMTcwODA1MTVaMDMxMTAvBgNV
BAMTKEIyOENEMkQyQkJFRjlEMUJGQjIzNTk2ODE4MTlCMkE3REE0ODcyRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClR0UBbC8PpqPAsWrdf3bqUieg
RGd2GVhsz3sKxJlmUs/+P0KXSlZD1VK7vvPSBWDyHnThSPTZ9U27hsJgPkv4FN4n
mP0Aven2Wn6D559596tIeuZgy/zMeH/v7Wq+xo1ruIO14ipfxNPCHCjf4KlKj7BV
+OELhRIrqIlbf6V6tLxOLA8RQ29gQsm+oZMWRJQbyEdIXYg7fC25nZAAyWot2tsE
ZXUNxpLkoRCSbojv7FYFl2rdO6WRNBZjhZunzKMrJsFSHkUjtQkdARw+fOi4hsJD
U427kLq5GelZEwfUYFh9aLxAoSMdeiwxHy3PHTJYG1bxDLHQA3ub8sabRh6JAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsozS0rvvnRv7I1loGBmyp9pIcugwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzkzMjJlMzEzMTM5MmUzMTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzAzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XHcPMA0GCSqGSIb3DQEBCwUAA4IBAQBoSM+Vgit84v+bx6TBUQU0yQphZvZAsnl0
NMPhVQy7VF9qs09r3/HyX3CKpKbsdNa28MoH2p+/xNxC4jGcE/hrH3SZUIXFSB76
RGsdxH5owc1yJDo5BH+s6E2SUolZvz3mnKvbGKOGIi2LSRTVMIBOszEkz7bmnlRz
2CMQlRSxY0AMSp7VdLDWAMO8eN+yz1kjjh7H2Z9sUURmqWXxIYnQLFDFQOn9hksc
UimIFym4tgtumv+G/zMV97bgcaKpKj6TH4v8h+r06f3ejmlRoj7eGNTE8hv9Uxpl
K7y6WH7QRjmU1uYFno6spC7Jgl5ep9xfHqIGWcAJ4Kkb3DnBYva4
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:05:58 2026 by rpki-client