Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138362e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3138362e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: 8daVoJE88pbacwjpEBJsidwrwg2219SsmQVK6HKFYj4=
Subject key identifier: 3A:85:3F:26:17:15:BA:FC:32:9D:ED:DE:92:B7:6C:F9:49:48:39:D1
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 65B813C7C663DE2B8BAFC4DF50C20980DCE10B4C
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138362e302f32342d3234203d3e203331313033.roa
Signing time: Fri 03 Apr 2026 10:46:58 +0000
ROA not before: Fri 03 Apr 2026 10:41:58 +0000
ROA not after: Fri 02 Apr 2027 10:46:58 +0000
asID: 31103
IP address blocks: 95.169.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 17:50:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:b8:13:c7:c6:63:de:2b:8b:af:c4:df:50:c2:09:80:dc:e1:0b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Apr 3 10:41:58 2026 GMT
Not After : Apr 2 10:46:58 2027 GMT
Subject: CN=3A853F261715BAFC329DEDDE92B76CF9494839D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e7:cc:a3:46:88:75:bb:a1:81:7a:63:02:5f:
14:bd:11:13:89:13:67:40:41:bd:87:46:90:9a:4f:
e1:22:ed:5e:31:95:b5:bf:5e:f3:6d:4b:86:07:2a:
ed:e0:3f:9e:83:2a:2c:47:b8:f7:de:42:c7:b3:48:
e1:fd:70:27:e0:51:11:3d:ea:97:91:44:56:6e:e6:
84:9f:b0:56:83:b3:25:1f:8b:41:c9:da:79:8e:59:
03:38:80:f3:a3:7e:8e:eb:57:b0:88:6b:51:ff:c8:
5b:f5:bd:45:8d:94:4a:58:66:55:f6:50:88:f9:24:
f2:08:e0:2e:88:e6:77:5b:eb:72:b0:5f:b5:01:59:
e3:7d:c1:d0:b7:9a:0b:23:fc:f1:5d:d6:dc:c8:76:
a3:62:3e:e0:73:81:0c:79:a6:17:92:2d:25:4d:3f:
36:7b:13:6f:26:6e:ba:80:bc:2e:7d:2e:63:2c:c9:
a6:8b:28:cd:98:3e:cd:86:4f:2e:ef:81:a1:51:e4:
57:14:a8:db:dc:f1:22:56:41:c0:0d:bc:80:ba:90:
94:a8:71:6f:d4:f2:29:fa:81:cd:b5:10:45:9c:03:
f0:94:a7:79:81:3b:a4:ac:3d:ff:4a:9b:58:1b:91:
4e:39:ab:a2:d7:63:72:67:8a:3f:59:5a:09:65:3a:
cc:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:85:3F:26:17:15:BA:FC:32:9D:ED:DE:92:B7:6C:F9:49:48:39:D1
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138362e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.186.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:83:16:e4:00:14:99:92:99:c0:c7:3d:50:27:77:b8:bf:18:
53:75:56:18:5e:9b:b8:9a:b0:ff:ca:61:b5:7c:d4:34:68:4b:
da:19:d2:17:a0:e0:1f:14:3a:42:43:af:95:87:9f:62:a4:56:
e2:90:7e:2b:40:c3:1f:3e:64:f3:5f:1f:1d:fc:db:74:52:0c:
a3:bb:37:6e:e5:dc:6c:db:d4:18:33:fc:60:48:ac:0a:5f:fb:
b1:16:14:c5:43:be:3e:b1:c2:b6:ad:14:59:d2:bb:fd:48:4f:
fb:fd:ee:79:80:75:0c:fb:77:aa:a5:cf:e3:6b:42:a7:82:08:
f4:95:5b:71:81:8e:6e:cd:f9:97:81:d2:25:92:c8:15:01:65:
36:7f:1c:e9:bb:57:60:41:84:3a:31:40:4c:06:3e:3d:7d:a7:
1d:7f:24:92:61:f2:9a:41:c6:db:55:d6:9f:11:e3:df:59:ee:
9d:d0:4b:5e:4b:d5:b1:c8:d2:8d:44:41:cb:80:5c:18:20:aa:
10:d3:47:2c:57:af:d6:1c:af:d7:77:c2:79:a3:b5:70:9b:0e:
c9:fe:5e:60:2d:af:dd:d1:24:fc:54:d6:7e:6b:f4:a8:41:18:
bb:78:76:15:48:16:af:15:1f:e4:f1:39:d6:df:0e:0c:d9:e3:
46:ff:47:c3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZbgTx8Zj3iuLr8TfUMIJgNzhC0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA0MDMxMDQxNThaFw0yNzA0MDIxMDQ2NThaMDMxMTAvBgNV
BAMTKDNBODUzRjI2MTcxNUJBRkMzMjlERURERTkyQjc2Q0Y5NDk0ODM5RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn58yjRoh1u6GBemMCXxS9EROJ
E2dAQb2HRpCaT+Ei7V4xlbW/XvNtS4YHKu3gP56DKixHuPfeQsezSOH9cCfgURE9
6peRRFZu5oSfsFaDsyUfi0HJ2nmOWQM4gPOjfo7rV7CIa1H/yFv1vUWNlEpYZlX2
UIj5JPII4C6I5ndb63KwX7UBWeN9wdC3mgsj/PFd1tzIdqNiPuBzgQx5pheSLSVN
PzZ7E28mbrqAvC59LmMsyaaLKM2YPs2GTy7vgaFR5FcUqNvc8SJWQcANvIC6kJSo
cW/U8in6gc21EEWcA/CUp3mBO6SsPf9Km1gbkU45q6LXY3Jnij9ZWgllOswBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOoU/JhcVuvwyne3ekrds+UlIOdEwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM4
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6m6MA0GCSqGSIb3DQEBCwUAA4IBAQANgxbkABSZkpnAxz1QJ3e4vxhTdVYYXpu4
mrD/ymG1fNQ0aEvaGdIXoOAfFDpCQ6+Vh59ipFbikH4rQMMfPmTzXx8d/Nt0Ugyj
uzdu5dxs29QYM/xgSKwKX/uxFhTFQ74+scK2rRRZ0rv9SE/7/e55gHUM+3eqpc/j
a0Knggj0lVtxgY5uzfmXgdIlksgVAWU2fxzpu1dgQYQ6MUBMBj49facdfySSYfKa
QcbbVdafEePfWe6d0EteS9WxyNKNREHLgFwYIKoQ00csV6/WHK/Xd8J5o7Vwmw7J
/l5gLa/d0ST8VNZ+a/SoQRi7eHYVSBavFR/k8TnW3w4M2eNG/0fD
-----END CERTIFICATE-----
Generated at Sat Apr 18 03:04:26 2026 by rpki-client