Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203436353539.roa
File: 39352e3136392e3137302e302f32342d3234203d3e203436353539.roa (raw, json)
Hash identifier: bwt+okxHQpNxVqhYmN6qMDI16vhwwT0tSw8hD5zYGFI=
Subject key identifier: 60:AB:E8:8C:5B:D3:B5:89:E0:AF:A2:54:BA:61:6D:4E:1A:CC:DB:3F
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 6FB8997F9B3DC3D7B5663D00259D81DD79D7EC09
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203436353539.roa
Signing time: Fri 30 Jan 2026 21:33:06 +0000
ROA not before: Fri 30 Jan 2026 21:28:06 +0000
ROA not after: Fri 29 Jan 2027 21:33:06 +0000
asID: 46559
IP address blocks: 95.169.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:b8:99:7f:9b:3d:c3:d7:b5:66:3d:00:25:9d:81:dd:79:d7:ec:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Jan 30 21:28:06 2026 GMT
Not After : Jan 29 21:33:06 2027 GMT
Subject: CN=60ABE88C5BD3B589E0AFA254BA616D4E1ACCDB3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fd:c9:96:02:b8:8b:2e:eb:9e:18:7d:48:45:
0c:a1:75:0e:91:9e:05:29:76:12:2a:6d:12:d7:2b:
3f:41:d4:06:c7:21:a4:91:ff:97:68:dd:e6:57:f6:
9c:4b:36:4e:e4:3a:c6:67:94:6f:da:c5:12:a0:1e:
07:5c:47:44:18:2f:2e:21:e4:73:1e:1a:0e:6f:1f:
32:75:0d:79:e6:ff:c2:d9:75:5b:00:e3:59:25:59:
fa:74:f7:69:65:3d:b6:50:cd:d6:6e:bc:d4:3c:04:
92:0f:61:f6:b3:f5:5b:95:1e:fb:9c:15:05:57:3c:
1f:47:69:5b:3c:2f:40:47:0a:34:b8:b0:03:15:39:
3c:c7:22:79:09:fc:27:8d:6d:48:65:c3:46:a0:9c:
0e:89:8a:da:f6:5d:c0:00:74:86:2e:f9:7c:7b:ce:
bd:e5:80:9b:00:0a:4c:5b:f6:68:a5:98:db:ce:c4:
6a:68:58:e6:32:11:6f:2b:01:0b:02:35:bb:af:0e:
9b:ed:2c:00:8e:b3:1e:a6:5b:76:61:1c:f9:cd:54:
66:8e:6e:0e:68:c2:10:4a:fb:c8:11:b4:e5:ee:8e:
71:c3:d5:ea:1e:6c:7c:6e:40:6e:2f:97:40:af:d9:
12:24:d2:25:67:1e:8f:2a:aa:06:23:75:4f:e4:33:
d2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AB:E8:8C:5B:D3:B5:89:E0:AF:A2:54:BA:61:6D:4E:1A:CC:DB:3F
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203436353539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.170.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:11:f4:27:4b:a5:af:54:6c:c3:db:7f:c3:c4:05:1c:5d:17:
6f:a8:d5:5d:52:c0:1b:ab:7c:e4:64:09:6c:a4:eb:c1:be:d1:
27:8d:9b:ac:1c:97:27:c4:cf:c1:47:01:d4:ab:d0:23:4a:07:
79:e2:2a:0e:98:10:ce:6f:32:c3:18:ce:42:41:54:d5:87:8f:
c4:74:74:45:36:08:31:3e:9c:32:ce:3a:96:e0:a1:50:39:e6:
11:cb:df:97:6b:e8:80:15:02:01:ce:7d:fb:6c:89:33:7f:82:
1b:63:b9:36:77:70:8a:b2:d6:9a:a9:00:39:af:e6:84:68:bb:
0b:5c:ec:20:2a:90:ad:48:37:e0:81:59:9f:1a:b8:36:c4:0b:
64:12:f9:36:46:23:14:93:f8:79:b6:df:4d:fb:6a:cc:0a:61:
d8:4e:ea:b2:7e:a8:61:9b:87:b4:25:03:ca:dc:f9:d9:dd:60:
5f:14:16:39:cd:b0:9c:07:7b:de:a1:6f:e7:88:5d:d1:ea:8d:
3d:83:3d:99:15:40:ab:5a:e9:6f:99:47:d9:e5:ef:1b:ad:8a:
77:34:78:e9:4a:4e:76:8b:76:11:90:d8:24:bf:ec:a4:bf:81:
cb:a9:7c:ea:36:ef:60:0c:33:b5:c8:69:d8:27:19:67:33:89:
f0:d0:f5:17
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUb7iZf5s9w9e1Zj0AJZ2B3XnX7AkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjAxMzAyMTI4MDZaFw0yNzAxMjkyMTMzMDZaMDMxMTAvBgNV
BAMTKDYwQUJFODhDNUJEM0I1ODlFMEFGQTI1NEJBNjE2RDRFMUFDQ0RCM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5/cmWAriLLuueGH1IRQyhdQ6R
ngUpdhIqbRLXKz9B1AbHIaSR/5do3eZX9pxLNk7kOsZnlG/axRKgHgdcR0QYLy4h
5HMeGg5vHzJ1DXnm/8LZdVsA41klWfp092llPbZQzdZuvNQ8BJIPYfaz9VuVHvuc
FQVXPB9HaVs8L0BHCjS4sAMVOTzHInkJ/CeNbUhlw0agnA6Jitr2XcAAdIYu+Xx7
zr3lgJsACkxb9milmNvOxGpoWOYyEW8rAQsCNbuvDpvtLACOsx6mW3ZhHPnNVGaO
bg5owhBK+8gRtOXujnHD1eoebHxuQG4vl0Cv2RIk0iVnHo8qqgYjdU/kM9LvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYKvojFvTtYngr6JUumFtThrM2z8wHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM2MzUzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mqMA0GCSqGSIb3DQEBCwUAA4IBAQBqEfQnS6WvVGzD23/DxAUcXRdvqNVdUsAb
q3zkZAlspOvBvtEnjZusHJcnxM/BRwHUq9AjSgd54ioOmBDObzLDGM5CQVTVh4/E
dHRFNggxPpwyzjqW4KFQOeYRy9+Xa+iAFQIBzn37bIkzf4IbY7k2d3CKstaaqQA5
r+aEaLsLXOwgKpCtSDfggVmfGrg2xAtkEvk2RiMUk/h5tt9N+2rMCmHYTuqyfqhh
m4e0JQPK3PnZ3WBfFBY5zbCcB3veoW/niF3R6o09gz2ZFUCrWulvmUfZ5e8brYp3
NHjpSk52i3YRkNgkv+ykv4HLqXzqNu9gDDO1yGnYJxlnM4nw0PUX
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:45:47 2026 by rpki-client