Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138392e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3138392e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: ut975HWxrJJVprUw24NLhBr8BngBepJ1hQwkfejhcnw=
Subject key identifier: 56:E4:DA:AC:A4:CC:19:B3:6C:AC:BD:A9:BF:2A:B4:04:54:54:BF:2E
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 2F7CF01F18AAD633FB1B31FD2E1241440FF4C765
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138392e302f32342d3234203d3e203331313033.roa
Signing time: Fri 03 Apr 2026 10:46:59 +0000
ROA not before: Fri 03 Apr 2026 10:41:59 +0000
ROA not after: Fri 02 Apr 2027 10:46:59 +0000
asID: 31103
IP address blocks: 95.169.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:7c:f0:1f:18:aa:d6:33:fb:1b:31:fd:2e:12:41:44:0f:f4:c7:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Apr 3 10:41:59 2026 GMT
Not After : Apr 2 10:46:59 2027 GMT
Subject: CN=56E4DAACA4CC19B36CACBDA9BF2AB4045454BF2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:09:c8:8c:84:81:7a:1f:6f:49:41:30:15:50:
92:3d:85:bd:58:ba:19:3b:7c:84:3d:83:8e:f7:b7:
35:12:1a:db:67:89:90:bd:e1:3d:22:13:01:12:50:
22:7f:71:af:99:d4:bb:4d:e5:7c:48:50:69:7f:58:
08:07:ca:0b:5d:97:d7:97:b8:39:79:d7:4d:c0:7a:
8e:bd:1e:eb:9f:76:f6:0b:b7:39:ec:3d:7c:61:30:
95:65:05:5d:a2:57:19:ef:e0:34:e9:87:17:fb:b6:
93:db:92:b7:60:24:64:74:ab:8f:3c:76:3e:f4:9d:
85:95:b7:48:72:21:76:ef:1a:3e:ea:2a:5d:43:d8:
0b:3d:9b:a9:7b:d9:51:f0:95:3e:b8:2e:7f:02:d2:
97:c5:e7:53:7e:f0:bb:a7:15:45:d1:cf:e4:f6:b9:
2f:df:a5:8c:54:05:4c:93:f6:54:d2:79:8d:4b:49:
29:57:8a:5f:11:6b:57:ff:c3:ef:14:e2:f1:ee:49:
f3:0f:0f:e1:09:40:fa:08:9a:b8:4a:1f:13:9b:be:
7b:64:f3:0d:67:46:72:f6:91:b3:e1:cf:51:15:d1:
b3:1b:62:42:da:18:72:ce:8e:9d:a0:97:e2:76:6a:
a3:47:16:71:f2:75:70:d9:e5:d1:ae:39:b0:99:ea:
85:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E4:DA:AC:A4:CC:19:B3:6C:AC:BD:A9:BF:2A:B4:04:54:54:BF:2E
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138392e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.189.0/24
Signature Algorithm: sha256WithRSAEncryption
94:d1:f6:38:82:73:81:3e:32:6a:6c:cf:f5:c6:04:95:94:16:
cb:30:34:e5:15:f0:c0:04:98:5d:aa:cf:c0:42:ae:22:02:cd:
8c:84:39:15:c1:99:45:71:2f:b3:80:ea:3b:f8:e0:e9:48:66:
d6:27:dd:6b:b6:07:c3:26:b3:48:28:94:07:01:7f:61:b1:7b:
62:2c:7a:b7:65:ba:6f:b0:5b:38:99:5d:45:9a:25:5c:eb:47:
99:e1:cd:a8:df:a4:03:6f:c0:c1:d3:71:90:34:f9:df:c0:d5:
27:aa:50:aa:69:17:83:68:4a:66:ce:40:c6:84:94:aa:58:ee:
0a:17:e2:82:b5:ea:aa:e6:60:90:2e:00:c6:2a:14:9c:54:51:
66:27:f7:27:d2:ce:fd:be:05:aa:37:cd:c1:a4:72:b1:af:8d:
79:c3:cc:6f:76:be:b3:81:bb:28:d2:36:f7:31:00:c7:13:35:
81:c1:44:ae:cb:01:bb:61:5e:e2:d1:f5:a6:32:34:c2:e8:1d:
05:5e:83:ba:b1:e0:6d:3a:8b:d2:fe:ab:51:d9:ce:8d:1f:9b:
26:09:3c:62:55:ce:1a:5d:78:8f:5e:da:b0:c9:28:ea:4a:63:
30:b6:9d:df:fe:ba:de:60:7d:45:85:c0:cf:bb:59:ec:a2:aa:
a0:45:91:2f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL3zwHxiq1jP7GzH9LhJBRA/0x2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA0MDMxMDQxNTlaFw0yNzA0MDIxMDQ2NTlaMDMxMTAvBgNV
BAMTKDU2RTREQUFDQTRDQzE5QjM2Q0FDQkRBOUJGMkFCNDA0NTQ1NEJGMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxCciMhIF6H29JQTAVUJI9hb1Y
uhk7fIQ9g473tzUSGttniZC94T0iEwESUCJ/ca+Z1LtN5XxIUGl/WAgHygtdl9eX
uDl5103Aeo69HuufdvYLtznsPXxhMJVlBV2iVxnv4DTphxf7tpPbkrdgJGR0q488
dj70nYWVt0hyIXbvGj7qKl1D2As9m6l72VHwlT64Ln8C0pfF51N+8LunFUXRz+T2
uS/fpYxUBUyT9lTSeY1LSSlXil8Ra1f/w+8U4vHuSfMPD+EJQPoImrhKHxObvntk
8w1nRnL2kbPhz1EV0bMbYkLaGHLOjp2gl+J2aqNHFnHydXDZ5dGuObCZ6oX/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVuTarKTMGbNsrL2pvyq0BFRUvy4wHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6m9MA0GCSqGSIb3DQEBCwUAA4IBAQCU0fY4gnOBPjJqbM/1xgSVlBbLMDTlFfDA
BJhdqs/AQq4iAs2MhDkVwZlFcS+zgOo7+ODpSGbWJ91rtgfDJrNIKJQHAX9hsXti
LHq3ZbpvsFs4mV1FmiVc60eZ4c2o36QDb8DB03GQNPnfwNUnqlCqaReDaEpmzkDG
hJSqWO4KF+KCteqq5mCQLgDGKhScVFFmJ/cn0s79vgWqN83BpHKxr415w8xvdr6z
gbso0jb3MQDHEzWBwUSuywG7YV7i0fWmMjTC6B0FXoO6seBtOovS/qtR2c6NH5sm
CTxiVc4aXXiPXtqwySjqSmMwtp3f/rreYH1FhcDPu1nsoqqgRZEv
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:45:11 2026 by rpki-client