Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138372e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3138372e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: pySxHVQtYN782X6XDfBZ9zkxvLdpxdQLnlGZe0ySJ+8=
Subject key identifier: 0A:F2:FC:96:0F:C9:0F:8F:E5:48:40:3B:1E:2F:EC:28:9A:88:A6:85
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 603D29D3321E0B2F108C566C8AF19186DD759582
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138372e302f32342d3234203d3e203331313033.roa
Signing time: Fri 03 Apr 2026 10:46:58 +0000
ROA not before: Fri 03 Apr 2026 10:41:58 +0000
ROA not after: Fri 02 Apr 2027 10:46:58 +0000
asID: 31103
IP address blocks: 95.169.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:3d:29:d3:32:1e:0b:2f:10:8c:56:6c:8a:f1:91:86:dd:75:95:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Apr 3 10:41:58 2026 GMT
Not After : Apr 2 10:46:58 2027 GMT
Subject: CN=0AF2FC960FC90F8FE548403B1E2FEC289A88A685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1a:8d:43:4f:fa:7a:fa:55:0b:d1:82:7c:59:
78:21:ad:95:55:9b:3e:b6:57:fc:8c:06:e7:46:ab:
5a:d9:42:c1:b1:62:07:1c:99:9e:1e:de:a9:21:74:
e3:d4:aa:54:8c:24:6c:3d:06:32:e4:00:a7:ac:29:
a2:5d:cd:9c:5d:52:9a:f9:2e:47:1b:df:67:aa:08:
21:d7:6c:bf:cf:fc:ce:03:c7:e4:3c:53:bb:0c:9d:
8a:e4:7c:e4:8d:62:ab:1e:d4:35:18:51:0e:e5:6c:
6f:03:c8:1e:1d:65:55:c9:25:d5:1e:09:14:bb:5d:
03:43:e6:d5:6a:43:f9:56:8f:25:d6:95:f0:c5:00:
7c:4a:01:6e:d3:84:5e:24:47:19:80:f3:27:79:17:
dc:d7:5f:9a:76:4e:f5:57:f8:6c:b7:24:29:77:ee:
e6:91:23:cd:48:87:36:fa:d5:e4:9d:7d:52:b7:7c:
b4:ec:0f:58:4c:bc:84:3e:e1:d9:d2:13:3e:10:64:
ea:74:f1:e2:f1:03:c9:5f:f3:84:94:29:b5:0c:af:
60:d0:5c:5e:8d:b8:32:d2:b9:fa:57:c1:5b:11:03:
73:3f:1a:34:b5:c4:0a:4b:1f:69:c6:5b:e8:66:d7:
7e:aa:06:6b:e4:93:45:b3:cf:cf:b1:ab:d6:73:89:
a0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F2:FC:96:0F:C9:0F:8F:E5:48:40:3B:1E:2F:EC:28:9A:88:A6:85
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138372e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.187.0/24
Signature Algorithm: sha256WithRSAEncryption
56:6c:76:69:ce:4c:ef:c8:99:2d:28:7c:4a:cb:78:5c:ef:37:
69:88:9d:27:27:35:a7:58:b6:88:f5:81:8a:69:36:2a:80:d7:
6c:46:50:ee:1b:7b:07:a6:68:2a:6f:d6:04:81:20:b2:73:51:
42:5e:34:0b:1d:60:18:99:88:9d:4f:ce:2f:af:ce:79:4e:fb:
b7:54:93:66:b9:48:70:60:0a:4b:ca:b1:bb:e1:22:c1:47:1f:
02:3e:de:12:35:2b:67:d4:e5:24:4f:ff:9d:40:a7:81:ef:e2:
6f:a4:c0:c2:7b:2e:bd:c4:d9:70:60:4a:12:00:d0:b8:0e:a6:
bf:9c:0b:3b:c1:71:36:7a:94:53:73:30:02:49:e2:92:dc:d2:
92:e7:66:14:3f:b2:79:81:14:91:3c:91:d1:27:af:8d:b5:e9:
6d:fa:ed:4a:0a:c8:6e:2e:23:ad:7b:33:02:7b:17:ee:70:fb:
ca:02:dd:8d:00:78:62:9f:22:12:05:f9:4b:7c:09:ef:f7:39:
5c:8f:26:a9:04:4e:64:b3:db:db:95:a6:f8:21:fe:00:ac:e7:
34:94:d2:34:b7:53:5d:74:72:8c:5e:a2:89:83:60:fe:e9:fe:
f0:ea:a5:4f:de:f2:4b:9d:8d:dc:6d:23:2f:27:ec:29:31:0e:
85:6f:fe:7b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYD0p0zIeCy8QjFZsivGRht11lYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA0MDMxMDQxNThaFw0yNzA0MDIxMDQ2NThaMDMxMTAvBgNV
BAMTKDBBRjJGQzk2MEZDOTBGOEZFNTQ4NDAzQjFFMkZFQzI4OUE4OEE2ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuGo1DT/p6+lUL0YJ8WXghrZVV
mz62V/yMBudGq1rZQsGxYgccmZ4e3qkhdOPUqlSMJGw9BjLkAKesKaJdzZxdUpr5
Lkcb32eqCCHXbL/P/M4Dx+Q8U7sMnYrkfOSNYqse1DUYUQ7lbG8DyB4dZVXJJdUe
CRS7XQND5tVqQ/lWjyXWlfDFAHxKAW7ThF4kRxmA8yd5F9zXX5p2TvVX+Gy3JCl3
7uaRI81Ihzb61eSdfVK3fLTsD1hMvIQ+4dnSEz4QZOp08eLxA8lf84SUKbUMr2DQ
XF6NuDLSufpXwVsRA3M/GjS1xApLH2nGW+hm136qBmvkk0Wzz8+xq9ZziaB1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCvL8lg/JD4/lSEA7Hi/sKJqIpoUwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM4
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6m7MA0GCSqGSIb3DQEBCwUAA4IBAQBWbHZpzkzvyJktKHxKy3hc7zdpiJ0nJzWn
WLaI9YGKaTYqgNdsRlDuG3sHpmgqb9YEgSCyc1FCXjQLHWAYmYidT84vr855Tvu3
VJNmuUhwYApLyrG74SLBRx8CPt4SNStn1OUkT/+dQKeB7+JvpMDCey69xNlwYEoS
ANC4Dqa/nAs7wXE2epRTczACSeKS3NKS52YUP7J5gRSRPJHRJ6+Ntelt+u1KCshu
LiOtezMCexfucPvKAt2NAHhinyISBflLfAnv9zlcjyapBE5ks9vblab4If4ArOc0
lNI0t1NddHKMXqKJg2D+6f7w6qVP3vJLnY3cbSMvJ+wpMQ6Fb/57
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:44:08 2026 by rpki-client