Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e20343030383130.roa
File: 39352e3136392e3136322e302f32342d3234203d3e20343030383130.roa (raw, json)
Hash identifier: twnUw+h+nvEkUvESIwakkxSwyObti4EeGwb282j/Hy8=
Subject key identifier: 4F:13:7D:57:0E:5A:B6:38:88:D6:04:2D:7D:5B:B6:24:F2:38:36:BD
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 56DBB893659B916744CADAECAA201DFE20C0CF13
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e20343030383130.roa
Signing time: Mon 26 Jan 2026 16:59:28 +0000
ROA not before: Mon 26 Jan 2026 16:54:28 +0000
ROA not after: Mon 25 Jan 2027 16:59:28 +0000
asID: 400810
IP address blocks: 95.169.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:db:b8:93:65:9b:91:67:44:ca:da:ec:aa:20:1d:fe:20:c0:cf:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Jan 26 16:54:28 2026 GMT
Not After : Jan 25 16:59:28 2027 GMT
Subject: CN=4F137D570E5AB63888D6042D7D5BB624F23836BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4b:9d:37:d3:cd:5a:f7:e8:6d:21:f2:47:86:
b9:b4:41:57:05:04:92:90:03:dc:a1:ce:48:b1:b7:
22:91:17:1b:57:5d:cd:9d:0d:7b:d1:30:56:41:8e:
7d:af:27:f6:b3:78:66:0c:56:5f:b5:5d:17:a6:c1:
5d:e2:5a:75:fb:11:a2:d7:fe:86:9e:cd:d1:96:22:
ba:1b:01:b1:64:73:64:14:0c:65:51:7c:ce:98:d8:
b6:42:55:30:60:60:27:25:0c:b2:e7:d2:fa:03:68:
8e:98:f1:09:d2:02:54:e6:d4:bd:94:0a:63:a2:d1:
cd:e1:cd:c2:9d:b5:be:ee:a3:1a:eb:d8:59:4f:77:
19:94:d9:10:aa:d8:af:36:c1:b5:aa:9d:ad:92:d2:
cf:2b:f9:ff:52:bf:70:18:85:b7:dd:2d:1e:28:7b:
0d:b6:2b:0d:97:a7:77:12:2e:8c:e5:5f:58:ec:ac:
64:90:8d:e7:c3:a5:2a:05:ba:d7:ec:ca:55:58:83:
b4:d4:73:30:c1:7e:a8:da:cf:8e:90:36:57:12:81:
48:a6:33:66:b6:92:fd:dc:ae:f6:6f:b8:5f:e4:0a:
85:57:a9:63:36:ee:f0:f5:a9:90:2c:79:86:e7:58:
7e:6b:63:fc:53:21:c2:38:9f:70:1c:1f:34:3d:f6:
c0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:13:7D:57:0E:5A:B6:38:88:D6:04:2D:7D:5B:B6:24:F2:38:36:BD
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136322e302f32342d3234203d3e20343030383130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.162.0/24
Signature Algorithm: sha256WithRSAEncryption
80:20:ac:d8:cf:f3:67:d1:e7:a2:ec:74:d8:63:ee:f3:12:d0:
25:08:d1:1b:45:dd:92:46:13:53:64:08:22:3a:a8:18:66:6a:
ea:c9:52:dc:88:86:0a:05:1c:f9:47:81:dc:22:6d:b0:df:65:
f3:36:f9:49:bc:26:aa:23:11:44:8b:d1:95:f5:16:66:7a:60:
6e:99:f0:12:b1:b3:15:39:3b:7b:dc:1d:c3:ce:65:bd:0e:f2:
06:8c:7e:7b:59:74:29:ab:a6:96:41:80:09:bb:69:68:c9:69:
3d:28:bd:a1:e2:e5:87:fc:7c:e9:70:25:ec:f2:65:da:79:92:
55:f8:4b:a6:7e:81:fa:82:06:cb:4e:59:40:f0:54:ca:bf:6f:
18:f3:5c:3b:10:85:6d:3b:71:a8:79:0c:7a:50:94:38:4d:60:
d6:72:96:9b:75:8f:a1:48:e2:1a:78:ab:ca:40:20:26:ed:be:
3f:5f:25:3c:cc:af:a8:4a:e7:98:0f:ac:85:bd:1a:74:37:e4:
d1:fa:9a:7c:13:10:74:76:a1:4e:02:5b:39:f8:04:42:a0:3e:
63:2e:b4:84:62:cc:2d:65:8d:63:38:2f:e8:e8:9d:9e:07:11:
18:3f:f0:44:88:9a:89:ab:5c:f3:80:8f:43:a5:84:95:6d:89:
cb:fa:5a:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVtu4k2WbkWdEytrsqiAd/iDAzxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjAxMjYxNjU0MjhaFw0yNzAxMjUxNjU5MjhaMDMxMTAvBgNV
BAMTKDRGMTM3RDU3MEU1QUI2Mzg4OEQ2MDQyRDdENUJCNjI0RjIzODM2QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyS503081a9+htIfJHhrm0QVcF
BJKQA9yhzkixtyKRFxtXXc2dDXvRMFZBjn2vJ/azeGYMVl+1XRemwV3iWnX7EaLX
/oaezdGWIrobAbFkc2QUDGVRfM6Y2LZCVTBgYCclDLLn0voDaI6Y8QnSAlTm1L2U
CmOi0c3hzcKdtb7uoxrr2FlPdxmU2RCq2K82wbWqna2S0s8r+f9Sv3AYhbfdLR4o
ew22Kw2Xp3cSLozlX1jsrGSQjefDpSoFutfsylVYg7TUczDBfqjaz46QNlcSgUim
M2a2kv3crvZvuF/kCoVXqWM27vD1qZAseYbnWH5rY/xTIcI4n3AcHzQ99sArAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTxN9Vw5atjiI1gQtfVu2JPI4Nr0wHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzODMxMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqaIwDQYJKoZIhvcNAQELBQADggEBAIAgrNjP82fR56LsdNhj7vMS0CUI0RtF
3ZJGE1NkCCI6qBhmaurJUtyIhgoFHPlHgdwibbDfZfM2+Um8JqojEUSL0ZX1FmZ6
YG6Z8BKxsxU5O3vcHcPOZb0O8gaMfntZdCmrppZBgAm7aWjJaT0ovaHi5Yf8fOlw
JezyZdp5klX4S6Z+gfqCBstOWUDwVMq/bxjzXDsQhW07cah5DHpQlDhNYNZylpt1
j6FI4hp4q8pAICbtvj9fJTzMr6hK55gPrIW9GnQ35NH6mnwTEHR2oU4CWzn4BEKg
PmMutIRizC1ljWM4L+jonZ4HERg/8ESImomrXPOAj0OlhJVticv6WpQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:33:33 2026 by rpki-client