Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137322e302f32342d3234203d3e203239303134.roa
File: 39352e3136392e3137322e302f32342d3234203d3e203239303134.roa (raw, json)
Hash identifier: vOQ2CJDOAV09jGCVDUsBwTiMAv1pXrciagC9EaYFihM=
Subject key identifier: 44:7A:26:24:CF:84:B5:6C:AA:60:6D:46:7A:42:3B:61:74:0E:B6:00
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 20E6282CBCDADA772D40A98857C208A3066C3124
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137322e302f32342d3234203d3e203239303134.roa
Signing time: Tue 27 Jan 2026 05:55:35 +0000
ROA not before: Tue 27 Jan 2026 05:50:35 +0000
ROA not after: Tue 26 Jan 2027 05:55:35 +0000
asID: 29014
IP address blocks: 95.169.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:e6:28:2c:bc:da:da:77:2d:40:a9:88:57:c2:08:a3:06:6c:31:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Jan 27 05:50:35 2026 GMT
Not After : Jan 26 05:55:35 2027 GMT
Subject: CN=447A2624CF84B56CAA606D467A423B61740EB600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a5:c6:24:d7:0f:b1:b9:bb:c9:6a:a8:58:92:
f9:7d:64:1b:90:8b:cd:c1:1b:d3:82:86:02:f9:9e:
d4:a5:70:04:9e:18:c3:5a:f0:fe:5d:47:f8:ee:4f:
51:19:bc:a8:40:d9:a0:6b:bc:fe:cb:92:0c:52:b6:
b7:5b:41:d5:92:bb:c7:2b:4a:0d:4a:22:3a:d2:3b:
46:2a:15:1b:7d:3b:fe:1e:22:1e:27:cf:7b:65:d1:
b8:12:32:5e:01:17:cc:cb:4f:cf:6e:5c:7f:75:6e:
b4:f3:4a:8e:c6:57:75:29:ee:ff:c2:cd:1c:fb:91:
08:63:eb:92:a0:40:ae:91:3a:6c:ed:77:10:98:54:
66:4c:f0:32:ff:3f:3f:69:00:66:16:d5:d9:f0:ec:
b0:f3:09:48:5b:62:e6:f1:73:d9:34:18:b5:41:ec:
e0:ec:63:70:4e:f2:0e:03:1e:78:5d:d6:33:79:a5:
33:ad:4b:31:ac:20:26:c4:17:fa:fd:6b:4b:de:fe:
19:b9:ae:f7:b3:9d:1d:2b:cd:2b:2a:a7:28:20:55:
7e:4f:c6:d7:a1:23:34:70:34:a7:ec:88:3d:4f:a6:
4c:a5:23:47:54:97:97:0a:46:2f:b0:9b:1b:77:1b:
9d:da:35:97:10:97:d6:0d:80:ee:27:a4:a4:ef:1b:
28:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7A:26:24:CF:84:B5:6C:AA:60:6D:46:7A:42:3B:61:74:0E:B6:00
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137322e302f32342d3234203d3e203239303134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.172.0/24
Signature Algorithm: sha256WithRSAEncryption
09:b1:ee:8b:0d:cc:fd:cf:b3:49:c2:d9:11:83:44:47:3c:aa:
9c:2d:49:9e:92:41:d2:88:28:36:c8:d2:75:ee:99:5b:01:9d:
bd:07:79:12:48:30:e3:21:71:be:2e:df:21:28:81:08:9f:56:
b4:e7:4d:5e:34:58:f5:d3:28:a6:38:f9:8d:ca:bd:74:a0:2c:
2c:26:1f:94:42:d4:95:45:a5:96:80:54:d5:64:b0:15:aa:83:
0e:b6:54:0d:c9:97:6f:29:cd:5b:94:85:3e:0b:1b:8c:d8:19:
d8:91:37:96:0c:46:e0:e8:83:67:8d:68:d0:eb:e0:6c:db:25:
c0:68:bd:0a:09:21:be:03:4c:9a:21:c4:75:03:00:4c:18:83:
f2:de:19:e8:d3:df:bb:34:1a:21:d8:fa:07:98:3a:d6:22:39:
7e:5f:ab:f8:c5:a8:2f:61:57:bc:11:4f:2d:f5:b9:da:c0:ca:
92:fd:0d:85:72:9e:7c:88:75:51:74:71:ca:9b:81:1a:4a:97:
c3:39:f0:65:8d:f2:a9:48:68:8e:0b:0d:10:d5:2b:e6:8d:7b:
d5:51:03:0e:dd:34:e3:99:39:b2:8f:a2:d6:30:50:15:d4:c6:
c9:f9:a7:4a:a7:04:02:d3:8d:cd:17:01:f3:a9:a1:f3:2b:dd:
64:57:c4:4b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIOYoLLza2nctQKmIV8IIowZsMSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjAxMjcwNTUwMzVaFw0yNzAxMjYwNTU1MzVaMDMxMTAvBgNV
BAMTKDQ0N0EyNjI0Q0Y4NEI1NkNBQTYwNkQ0NjdBNDIzQjYxNzQwRUI2MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCipcYk1w+xubvJaqhYkvl9ZBuQ
i83BG9OChgL5ntSlcASeGMNa8P5dR/juT1EZvKhA2aBrvP7LkgxStrdbQdWSu8cr
Sg1KIjrSO0YqFRt9O/4eIh4nz3tl0bgSMl4BF8zLT89uXH91brTzSo7GV3Up7v/C
zRz7kQhj65KgQK6ROmztdxCYVGZM8DL/Pz9pAGYW1dnw7LDzCUhbYubxc9k0GLVB
7ODsY3BO8g4DHnhd1jN5pTOtSzGsICbEF/r9a0ve/hm5rveznR0rzSsqpyggVX5P
xtehIzRwNKfsiD1PpkylI0dUl5cKRi+wmxt3G53aNZcQl9YNgO4npKTvGyiHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQURHomJM+EtWyqYG1GekI7YXQOtgAwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzAzMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6msMA0GCSqGSIb3DQEBCwUAA4IBAQAJse6LDcz9z7NJwtkRg0RHPKqcLUmekkHS
iCg2yNJ17plbAZ29B3kSSDDjIXG+Lt8hKIEIn1a0501eNFj10yimOPmNyr10oCws
Jh+UQtSVRaWWgFTVZLAVqoMOtlQNyZdvKc1blIU+CxuM2BnYkTeWDEbg6INnjWjQ
6+Bs2yXAaL0KCSG+A0yaIcR1AwBMGIPy3hno09+7NBoh2PoHmDrWIjl+X6v4xagv
YVe8EU8t9bnawMqS/Q2Fcp58iHVRdHHKm4EaSpfDOfBljfKpSGiOCw0Q1SvmjXvV
UQMO3TTjmTmyj6LWMFAV1MbJ+adKpwQC043NFwHzqaHzK91kV8RL
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:24:09 2026 by rpki-client