Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203436353539.roa
File: 39352e3136392e3137302e302f32342d3234203d3e203436353539.roa (raw, json)
Hash identifier: oNzKGS7xOvu8k7L/ZwEBNmnCfzRs9OdLbUqXNjP8RfQ=
Subject key identifier: 29:13:6F:09:0B:B8:C6:3E:F1:E5:AD:6A:62:6F:10:AD:32:CF:93:56
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 5F95DF0E96E3644E25C665D2D5840C3453E640C1
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203436353539.roa
Signing time: Mon 30 Mar 2026 21:44:59 +0000
ROA not before: Mon 30 Mar 2026 21:39:59 +0000
ROA not after: Mon 29 Mar 2027 21:44:59 +0000
asID: 46559
IP address blocks: 95.169.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:95:df:0e:96:e3:64:4e:25:c6:65:d2:d5:84:0c:34:53:e6:40:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Mar 30 21:39:59 2026 GMT
Not After : Mar 29 21:44:59 2027 GMT
Subject: CN=29136F090BB8C63EF1E5AD6A626F10AD32CF9356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3d:42:e6:a2:9b:14:d2:6c:69:c1:35:9d:e1:
21:9b:52:c2:48:6f:3b:12:33:b1:a2:c3:90:d6:7c:
13:d6:29:23:65:25:26:7a:42:73:9f:aa:fb:5b:64:
99:90:ad:5d:bf:cb:b9:87:b0:55:7b:d4:1b:51:82:
d1:29:60:67:13:c3:44:a5:35:12:cd:ae:e4:44:99:
20:27:ab:22:db:ff:9f:0d:2e:cc:34:4f:d0:9f:28:
a3:e8:1c:8b:79:3d:d1:f8:2f:96:c3:8d:38:f5:9c:
04:a4:08:74:9a:fa:3d:79:1c:25:5a:c8:0e:b9:de:
28:23:49:83:51:d3:c7:98:4a:b1:16:3e:6a:b7:69:
db:4b:6e:c5:5b:89:e5:94:22:2b:68:1c:d8:5e:1a:
4e:83:f2:5e:3b:b1:cc:7b:ec:27:ad:c2:2e:74:3e:
9e:d2:29:07:aa:cf:87:c4:db:17:9b:fd:e3:2d:8d:
20:29:80:9e:66:a8:ca:f5:d0:4e:d3:76:f7:a9:d3:
f0:16:eb:45:83:80:b3:b2:24:00:84:f9:14:e7:b4:
22:0c:e9:08:71:33:4b:ef:3b:d4:81:92:35:64:cb:
87:af:ad:b1:3a:b3:b6:50:09:78:ce:09:78:a7:31:
0f:0f:1b:e0:19:ff:9e:7f:8a:b4:37:5b:52:e1:e1:
f7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:13:6F:09:0B:B8:C6:3E:F1:E5:AD:6A:62:6F:10:AD:32:CF:93:56
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203436353539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.170.0/24
Signature Algorithm: sha256WithRSAEncryption
56:9d:82:c8:ee:92:e8:24:0f:f3:dd:e5:4e:23:29:d6:b8:89:
28:01:51:3d:97:31:b5:52:4e:4f:71:ac:0c:2d:ed:a4:fb:66:
9e:a0:67:b1:37:cd:b4:4a:94:ec:4d:91:f9:b3:8c:88:9e:ce:
3d:20:f4:e2:99:9f:de:35:00:06:f6:0e:f8:18:45:2a:e1:d3:
dc:30:c3:11:f2:67:fd:5e:9c:4e:8d:b7:fe:dc:57:98:be:08:
1f:47:d4:ff:94:f6:3a:0e:16:97:e8:77:c4:43:5a:ab:34:4a:
77:fb:51:44:3e:18:9f:50:e1:92:f4:c8:fa:69:93:89:a6:ed:
97:bd:0b:21:e8:31:f3:06:3f:4e:bd:04:a3:5f:0d:43:58:19:
63:24:10:2a:9c:3a:45:5b:98:cf:55:b0:1a:9d:fe:9c:f0:74:
56:aa:cd:f8:2b:e7:2d:c6:98:d5:4a:13:c4:ee:8b:37:aa:e5:
f5:7b:7f:eb:64:ba:8a:b2:7d:f4:17:3b:cb:13:8d:19:0d:06:
75:2b:5a:0a:cb:78:3d:43:90:97:a3:dc:41:75:f9:40:7d:98:
7e:9b:13:1a:07:78:32:82:b6:57:40:88:b8:4a:ed:71:99:79:
ce:1f:03:e2:f7:80:1a:86:6c:22:ba:a5:b8:5a:06:87:db:bc:
c1:8d:57:36
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX5XfDpbjZE4lxmXS1YQMNFPmQMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjAzMzAyMTM5NTlaFw0yNzAzMjkyMTQ0NTlaMDMxMTAvBgNV
BAMTKDI5MTM2RjA5MEJCOEM2M0VGMUU1QUQ2QTYyNkYxMEFEMzJDRjkzNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqPULmopsU0mxpwTWd4SGbUsJI
bzsSM7Giw5DWfBPWKSNlJSZ6QnOfqvtbZJmQrV2/y7mHsFV71BtRgtEpYGcTw0Sl
NRLNruREmSAnqyLb/58NLsw0T9CfKKPoHIt5PdH4L5bDjTj1nASkCHSa+j15HCVa
yA653igjSYNR08eYSrEWPmq3adtLbsVbieWUIitoHNheGk6D8l47scx77Cetwi50
Pp7SKQeqz4fE2xeb/eMtjSApgJ5mqMr10E7Tdvep0/AW60WDgLOyJACE+RTntCIM
6QhxM0vvO9SBkjVky4evrbE6s7ZQCXjOCXinMQ8PG+AZ/55/irQ3W1Lh4fcfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKRNvCQu4xj7x5a1qYm8QrTLPk1YwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM2MzUzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mqMA0GCSqGSIb3DQEBCwUAA4IBAQBWnYLI7pLoJA/z3eVOIynWuIkoAVE9lzG1
Uk5PcawMLe2k+2aeoGexN820SpTsTZH5s4yIns49IPTimZ/eNQAG9g74GEUq4dPc
MMMR8mf9XpxOjbf+3FeYvggfR9T/lPY6DhaX6HfEQ1qrNEp3+1FEPhifUOGS9Mj6
aZOJpu2XvQsh6DHzBj9OvQSjXw1DWBljJBAqnDpFW5jPVbAanf6c8HRWqs34K+ct
xpjVShPE7os3quX1e3/rZLqKsn30FzvLE40ZDQZ1K1oKy3g9Q5CXo9xBdflAfZh+
mxMaB3gygrZXQIi4Su1xmXnOHwPi94AahmwiuqW4WgaH27zBjVc2
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:03:52 2026 by rpki-client