Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e20313335343032.roa
File: 39352e3136392e3136322e302f32342d3234203d3e20313335343032.roa (raw, json)
Hash identifier: IRPp/o6WjLbM7I6TAmvy1XPWpYZxFEVo5v8a4h0dyCE=
Subject key identifier: FB:5B:14:B4:B3:59:84:91:E0:6A:5C:0F:61:E3:7A:9A:09:9C:1B:49
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 28959AD28F03A841AC9CFDAD4A2D60E5CC5A32AE
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e20313335343032.roa
Signing time: Wed 01 Apr 2026 10:25:41 +0000
ROA not before: Wed 01 Apr 2026 10:20:41 +0000
ROA not after: Wed 31 Mar 2027 10:25:41 +0000
asID: 135402
IP address blocks: 95.169.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:95:9a:d2:8f:03:a8:41:ac:9c:fd:ad:4a:2d:60:e5:cc:5a:32:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Apr 1 10:20:41 2026 GMT
Not After : Mar 31 10:25:41 2027 GMT
Subject: CN=FB5B14B4B3598491E06A5C0F61E37A9A099C1B49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:82:2d:91:ea:fe:61:cb:d5:30:26:5c:51:1e:
49:94:de:c8:c7:87:42:6c:d2:8a:7a:19:b1:07:e6:
09:4b:fc:93:c7:ac:0c:e6:c4:93:28:8f:7e:b8:35:
4c:46:95:c6:84:91:08:60:d4:01:33:fe:a8:66:a5:
bc:9a:ea:d8:af:86:22:73:5e:d8:ec:9d:d9:1c:0e:
48:85:05:bd:d8:c0:96:b1:fb:85:34:29:7d:f3:c7:
4f:0c:a1:e0:6f:53:f6:5e:b5:8f:f8:e0:93:39:cb:
73:e8:0e:d3:7e:91:4d:22:4a:1d:ed:7a:f8:4d:1a:
61:88:57:4d:c0:0e:1a:a9:dd:a8:28:77:be:59:ed:
ee:b8:bc:97:94:a4:03:1a:82:b1:01:51:57:ee:88:
b0:45:af:06:80:27:9e:60:f0:68:fa:2e:f0:f4:ad:
a7:d9:15:2d:4b:cd:52:0a:da:eb:1e:af:2e:d6:da:
d5:be:b6:f6:da:55:95:3d:61:6b:05:e0:36:5d:e4:
e1:84:a9:f4:af:41:3a:08:d4:b7:7f:66:f2:d6:2c:
87:04:87:43:e5:ea:3a:2a:bc:97:23:b5:88:01:7d:
ae:50:15:ab:7a:62:62:97:b4:07:e0:fb:e6:fb:b0:
02:a6:a8:66:34:94:79:e3:51:b5:d3:ce:bb:38:1f:
db:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:5B:14:B4:B3:59:84:91:E0:6A:5C:0F:61:E3:7A:9A:09:9C:1B:49
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e20313335343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.162.0/24
Signature Algorithm: sha256WithRSAEncryption
40:a0:9c:cf:c9:05:86:03:10:81:8e:45:3b:ba:0d:9e:19:fb:
eb:fb:4a:d3:e9:c4:fe:da:e7:fd:13:3f:d0:bc:e4:75:7e:60:
c2:75:4e:70:89:c8:3f:73:b4:56:19:63:6e:19:f9:9c:94:d4:
20:85:27:f8:e1:c2:ba:0e:dc:b1:53:37:4d:07:68:9d:40:f5:
18:ac:26:aa:69:dc:f1:4c:87:89:62:6c:30:a7:ce:c7:dd:ce:
a8:61:98:f4:42:5a:18:cd:70:c7:90:7c:a8:61:03:e3:78:1c:
40:cb:68:32:20:61:07:97:be:e5:2c:ef:c2:88:a4:4d:9e:9f:
ce:d2:bd:bd:5e:48:ec:c1:31:23:73:c1:db:69:25:91:22:34:
74:9e:b7:2d:8a:d3:bb:82:b9:01:67:a1:f0:ba:ac:d3:6b:76:
89:5f:18:06:d8:89:e0:2e:7e:f1:39:f0:fc:af:2a:2e:6f:af:
77:d6:8e:42:0f:2e:4d:ea:5b:16:ad:aa:44:1e:42:ef:7e:2c:
a8:1c:b8:ef:2a:8d:0b:29:43:41:c8:c0:2a:74:b2:37:b5:c3:
70:c6:ce:37:d6:1d:ba:47:1b:1f:bb:6e:2d:34:fc:54:45:5a:
0e:a6:5b:6f:c2:cc:c1:2c:52:cc:e9:29:67:17:04:ee:35:38:
f7:09:f7:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKJWa0o8DqEGsnP2tSi1g5cxaMq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA0MDExMDIwNDFaFw0yNzAzMzExMDI1NDFaMDMxMTAvBgNV
BAMTKEZCNUIxNEI0QjM1OTg0OTFFMDZBNUMwRjYxRTM3QTlBMDk5QzFCNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrgi2R6v5hy9UwJlxRHkmU3sjH
h0Js0op6GbEH5glL/JPHrAzmxJMoj364NUxGlcaEkQhg1AEz/qhmpbya6tivhiJz
XtjsndkcDkiFBb3YwJax+4U0KX3zx08MoeBvU/ZetY/44JM5y3PoDtN+kU0iSh3t
evhNGmGIV03ADhqp3agod75Z7e64vJeUpAMagrEBUVfuiLBFrwaAJ55g8Gj6LvD0
rafZFS1LzVIK2usery7W2tW+tvbaVZU9YWsF4DZd5OGEqfSvQToI1Ld/ZvLWLIcE
h0Pl6joqvJcjtYgBfa5QFat6YmKXtAfg++b7sAKmqGY0lHnjUbXTzrs4H9vrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+1sUtLNZhJHgalwPYeN6mgmcG0kwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzNDMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqaIwDQYJKoZIhvcNAQELBQADggEBAECgnM/JBYYDEIGORTu6DZ4Z++v7StPp
xP7a5/0TP9C85HV+YMJ1TnCJyD9ztFYZY24Z+ZyU1CCFJ/jhwroO3LFTN00HaJ1A
9RisJqpp3PFMh4libDCnzsfdzqhhmPRCWhjNcMeQfKhhA+N4HEDLaDIgYQeXvuUs
78KIpE2en87Svb1eSOzBMSNzwdtpJZEiNHSety2K07uCuQFnofC6rNNrdolfGAbY
ieAufvE58PyvKi5vr3fWjkIPLk3qWxatqkQeQu9+LKgcuO8qjQspQ0HIwCp0sje1
w3DGzjfWHbpHGx+7bi00/FRFWg6mW2/CzMEsUszpKWcXBO41OPcJ950=
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:13:22 2026 by rpki-client