Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136302e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3136302e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: k+Z//rmLk6h7NuifvvAZE61QoFNP3aQgEtJmbZYj3E0=
Subject key identifier: FF:CB:C8:5C:BE:BD:73:E8:32:5A:6E:AD:DD:D8:0C:29:6C:0D:66:68
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 2668EE0BBB7F8C62AB5EFB8D9A14D40072605A
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136302e302f32342d3234203d3e203331313033.roa
Signing time: Fri 03 Apr 2026 10:46:59 +0000
ROA not before: Fri 03 Apr 2026 10:41:59 +0000
ROA not after: Fri 02 Apr 2027 10:46:59 +0000
asID: 31103
IP address blocks: 95.169.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:68:ee:0b:bb:7f:8c:62:ab:5e:fb:8d:9a:14:d4:00:72:60:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Apr 3 10:41:59 2026 GMT
Not After : Apr 2 10:46:59 2027 GMT
Subject: CN=FFCBC85CBEBD73E8325A6EADDDD80C296C0D6668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5e:6e:c8:a1:70:6b:28:76:c7:b5:dd:8a:f7:
70:3b:43:42:55:6c:be:13:77:a6:e1:78:89:e2:94:
4d:b0:79:50:9c:d9:27:ad:2f:8a:76:2b:95:8f:55:
99:bd:c8:09:67:20:3c:86:35:ca:52:fc:d3:fe:50:
71:78:1b:be:77:a7:d1:9f:c2:ce:53:0c:da:b2:9f:
e8:f0:03:1a:21:36:8c:02:bc:ab:44:95:93:88:05:
e5:dd:32:ab:3b:80:cf:5d:5d:9c:51:67:fd:82:77:
88:a6:6e:05:1e:67:f9:0b:a8:e1:f1:be:72:6b:d8:
63:8e:a8:15:d5:72:b5:dd:17:a2:91:4c:08:65:51:
8e:cf:7b:7a:71:07:f9:bf:8d:7d:cd:eb:48:91:ed:
4d:16:aa:37:d7:6e:32:46:dd:6d:ef:ae:4e:91:a0:
73:a8:a2:67:ce:cc:3d:06:6a:62:f6:39:fb:37:36:
5c:ab:1e:c1:61:5c:01:c3:b1:da:ec:36:57:49:f8:
b2:76:85:be:48:c6:44:af:b3:96:7b:ac:57:e4:b5:
b4:84:21:4e:6d:29:69:56:03:43:69:e6:c0:57:0d:
12:f6:8e:08:e5:97:36:33:31:2e:a0:4e:fe:06:68:
a6:f1:1d:ae:4c:30:9a:84:5b:81:74:89:91:ce:30:
50:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CB:C8:5C:BE:BD:73:E8:32:5A:6E:AD:DD:D8:0C:29:6C:0D:66:68
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136302e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.160.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:e6:1c:9d:05:b7:39:1d:c6:80:95:10:2a:9a:39:c0:26:ea:
a4:ff:b6:ef:30:ca:37:c6:eb:78:d9:21:c3:e8:05:81:3c:cf:
85:74:dd:b3:23:c5:51:99:18:31:82:06:fd:11:14:03:5c:7f:
f3:ae:2a:27:d3:99:f7:c9:0a:a6:c8:37:57:06:5c:98:ce:90:
a0:e7:cf:b7:ea:04:e2:cd:f8:c4:e5:e1:7c:ef:2c:1c:17:29:
4c:f9:b8:81:0e:f9:61:86:e1:50:3a:01:61:d9:00:13:fa:d4:
28:5f:30:98:51:16:cd:a8:82:16:d4:cf:bf:09:af:72:fa:77:
ae:24:20:9d:bd:b8:fe:f1:55:6d:e1:4d:0e:c1:81:46:87:e9:
a2:63:45:d1:28:13:2a:42:90:f4:fc:38:9c:3e:4d:79:ac:4d:
79:7a:50:37:ed:68:7b:b6:e1:5c:cd:a5:b2:21:f4:e8:93:c0:
a5:1d:6e:c5:b4:42:50:e4:a4:92:47:87:7c:be:a3:fb:0d:c4:
7d:a2:1f:ad:50:58:7b:a7:5d:b2:c9:a5:1f:73:53:c0:a1:c6:
c8:b6:da:3b:29:8c:4e:16:0d:a9:83:db:43:2f:7f:20:14:0c:
01:72:b8:dd:77:0c:1c:66:04:a0:1f:da:8c:cc:89:e1:41:bb:
a1:a4:4b:2b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgITJmjuC7t/jGKrXvuNmhTUAHJgWjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg5ZTU3Njk5NjM4OGU5NGI4YzdhYjIwZWZmYjIzYmQxMWJl
Y2I0MTA4MB4XDTI2MDQwMzEwNDE1OVoXDTI3MDQwMjEwNDY1OVowMzExMC8GA1UE
AxMoRkZDQkM4NUNCRUJENzNFODMyNUE2RUFEREREODBDMjk2QzBENjY2ODCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKRebsihcGsodse13Yr3cDtDQlVs
vhN3puF4ieKUTbB5UJzZJ60vinYrlY9Vmb3ICWcgPIY1ylL80/5QcXgbvnen0Z/C
zlMM2rKf6PADGiE2jAK8q0SVk4gF5d0yqzuAz11dnFFn/YJ3iKZuBR5n+Quo4fG+
cmvYY46oFdVytd0XopFMCGVRjs97enEH+b+Nfc3rSJHtTRaqN9duMkbdbe+uTpGg
c6iiZ87MPQZqYvY5+zc2XKsewWFcAcOx2uw2V0n4snaFvkjGRK+zlnusV+S1tIQh
Tm0paVYDQ2nmwFcNEvaOCOWXNjMxLqBO/gZopvEdrkwwmoRbgXSJkc4wUHkCAwEA
AaOCAj0wggI5MB0GA1UdDgQWBBT/y8hcvr1z6DJabq3d2AwpbA1maDAfBgNVHSME
GDAWgBSeV2mWOI6UuMerIO/7I70RvstBCDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9mNWU2NDAzMC0yZjI4LTQyYzktYjAwNC0zNTRiYjI4ZjYx
MjMvMC85RTU3Njk5NjM4OEU5NEI4QzdBQjIwRUZGQjIzQkQxMUJFQ0I0MTA4LmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvbmxkcGxqaU9sTGpIcXlEdi15TzlFYjdM
UVFnLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mNWU2NDAzMC0y
ZjI4LTQyYzktYjAwNC0zNTRiYjI4ZjYxMjMvMC8zOTM1MmUzMTM2MzkyZTMxMzYz
MDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzEzMTMwMzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABf
qaAwDQYJKoZIhvcNAQELBQADggEBAHvmHJ0FtzkdxoCVECqaOcAm6qT/tu8wyjfG
63jZIcPoBYE8z4V03bMjxVGZGDGCBv0RFANcf/OuKifTmffJCqbIN1cGXJjOkKDn
z7fqBOLN+MTl4XzvLBwXKUz5uIEO+WGG4VA6AWHZABP61ChfMJhRFs2oghbUz78J
r3L6d64kIJ29uP7xVW3hTQ7BgUaH6aJjRdEoEypCkPT8OJw+TXmsTXl6UDftaHu2
4VzNpbIh9OiTwKUdbsW0QlDkpJJHh3y+o/sNxH2iH61QWHunXbLJpR9zU8Chxsi2
2jspjE4WDamD20MvfyAUDAFyuN13DBxmBKAf2ozMieFBu6GkSys=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:03:49 2026 by rpki-client