Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136392e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3136392e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: 5TIxoP3zH/3tpzz15Z7N/c7GBu1V/m8JlGxxjOVBrRs=
Subject key identifier: 0E:EC:CE:64:CF:EE:CD:4E:05:63:72:E5:10:FB:A6:E7:B4:BC:D5:80
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 53B3FB8B91DA9CB8AF936BDCEC7E9F9B94663860
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136392e302f32342d3234203d3e203331313033.roa
Signing time: Fri 03 Apr 2026 10:46:58 +0000
ROA not before: Fri 03 Apr 2026 10:41:58 +0000
ROA not after: Fri 02 Apr 2027 10:46:58 +0000
asID: 31103
IP address blocks: 95.169.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:b3:fb:8b:91:da:9c:b8:af:93:6b:dc:ec:7e:9f:9b:94:66:38:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Apr 3 10:41:58 2026 GMT
Not After : Apr 2 10:46:58 2027 GMT
Subject: CN=0EECCE64CFEECD4E056372E510FBA6E7B4BCD580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:89:aa:1a:c1:53:8a:bb:65:c9:1c:13:04:4e:
d5:55:2b:73:c9:db:b7:1d:be:93:87:cf:7c:bd:83:
b7:65:e9:4b:d2:0d:92:e6:a5:6f:af:4a:1d:16:2d:
c5:b2:e2:f8:4b:0e:7f:b9:45:ff:ff:5e:44:ec:d1:
a8:3a:49:2a:42:06:9b:1e:5e:2b:99:a5:c8:02:63:
00:3e:9d:64:9b:f3:1d:82:cf:2e:50:c0:5e:23:36:
c3:3e:92:22:be:3d:fe:06:81:7c:f0:50:88:36:6f:
2e:09:86:63:87:f3:60:29:03:27:3b:3d:64:a8:ab:
12:6d:b3:b5:77:9f:14:6b:ba:f5:93:89:b2:4d:bc:
b8:fd:39:25:97:c9:61:1e:23:98:28:6d:5f:ba:7d:
9b:d0:09:b4:79:9b:59:7f:23:18:9e:43:00:78:cb:
1f:3f:88:09:a7:ad:d6:b6:b4:f6:2e:a3:b8:59:ff:
61:99:65:5b:55:ce:93:70:00:b2:dd:23:cf:b1:a9:
e7:4c:f8:9c:46:41:41:db:e0:87:db:3b:11:81:66:
f3:8f:13:56:01:cc:bc:8b:9c:2d:e7:18:a4:a6:85:
f5:9d:f4:c7:83:31:cd:9d:33:ff:5e:b9:43:f1:48:
14:5a:bd:8d:76:cf:1b:ae:40:b0:0b:8f:5d:6d:d2:
a1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:EC:CE:64:CF:EE:CD:4E:05:63:72:E5:10:FB:A6:E7:B4:BC:D5:80
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136392e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
04:0f:7f:2b:22:1b:be:dd:b2:23:85:92:0e:b4:f0:b7:44:13:
3d:2e:fb:52:02:a4:99:2c:1c:26:dc:a8:e7:87:5c:ef:91:d5:
fa:2c:98:8b:dd:1f:09:a1:24:b3:db:1d:bb:91:5e:9d:c0:a4:
ca:0b:24:ec:50:5a:1d:6e:3a:c9:8e:fe:b7:69:4c:68:48:47:
61:41:0a:25:81:0d:e0:9d:5c:21:f7:db:79:ea:13:a4:2f:94:
e8:d1:c2:2c:a2:44:27:37:08:90:66:8d:c9:88:d2:15:ad:9b:
67:11:1b:1d:9d:f9:d6:3f:29:dd:7f:a0:87:33:d3:37:fc:be:
3d:ef:d4:ad:ba:a5:5f:ba:0f:5f:f7:52:17:b3:6e:64:f4:dd:
9f:16:33:18:4c:34:a5:10:6a:f2:c1:12:5b:62:92:82:67:cc:
9f:23:15:8d:b6:80:9c:30:b8:9d:06:bb:a7:02:24:c7:a6:38:
e2:b7:70:4c:91:42:e3:f6:ee:a0:42:30:5e:14:67:d9:a1:aa:
b9:f1:9e:fb:67:4d:ee:b1:8a:8a:cd:13:ec:57:91:6a:a7:6b:
45:2f:02:01:c1:7d:f2:93:46:d0:32:21:cc:46:f1:0c:b5:88:
d9:83:57:40:86:dd:38:9a:8e:18:bd:da:70:3a:1d:a7:a2:ea:
3b:14:0a:57
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUU7P7i5HanLivk2vc7H6fm5RmOGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA0MDMxMDQxNThaFw0yNzA0MDIxMDQ2NThaMDMxMTAvBgNV
BAMTKDBFRUNDRTY0Q0ZFRUNENEUwNTYzNzJFNTEwRkJBNkU3QjRCQ0Q1ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDliaoawVOKu2XJHBMETtVVK3PJ
27cdvpOHz3y9g7dl6UvSDZLmpW+vSh0WLcWy4vhLDn+5Rf//XkTs0ag6SSpCBpse
XiuZpcgCYwA+nWSb8x2Czy5QwF4jNsM+kiK+Pf4GgXzwUIg2by4JhmOH82ApAyc7
PWSoqxJts7V3nxRruvWTibJNvLj9OSWXyWEeI5gobV+6fZvQCbR5m1l/IxieQwB4
yx8/iAmnrda2tPYuo7hZ/2GZZVtVzpNwALLdI8+xqedM+JxGQUHb4IfbOxGBZvOP
E1YBzLyLnC3nGKSmhfWd9MeDMc2dM/9euUPxSBRavY12zxuuQLALj11t0qHbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDuzOZM/uzU4FY3LlEPum57S81YAwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mpMA0GCSqGSIb3DQEBCwUAA4IBAQAED38rIhu+3bIjhZIOtPC3RBM9LvtSAqSZ
LBwm3Kjnh1zvkdX6LJiL3R8JoSSz2x27kV6dwKTKCyTsUFodbjrJjv63aUxoSEdh
QQolgQ3gnVwh99t56hOkL5To0cIsokQnNwiQZo3JiNIVrZtnERsdnfnWPyndf6CH
M9M3/L4979StuqVfug9f91IXs25k9N2fFjMYTDSlEGrywRJbYpKCZ8yfIxWNtoCc
MLidBrunAiTHpjjit3BMkULj9u6gQjBeFGfZoaq58Z77Z03usYqKzRPsV5Fqp2tF
LwIBwX3yk0bQMiHMRvEMtYjZg1dAht04mo4YvdpwOh2nouo7FApX
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:45:37 2026 by rpki-client