Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3139302e302f32332d3233203d3e203331313033.roa
File: 39352e3136392e3139302e302f32332d3233203d3e203331313033.roa (raw, json)
Hash identifier: m/tDzlsxBTeJ28XnXygy13CpdnuuR64r/As8GHZMQw4=
Subject key identifier: 90:64:F8:7B:57:D0:06:D6:46:59:95:69:BF:34:36:AC:2B:E1:5A:E3
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 13ECADF67378C004CD8CF8DEAF547172C72966A1
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3139302e302f32332d3233203d3e203331313033.roa
Signing time: Fri 03 Apr 2026 10:46:58 +0000
ROA not before: Fri 03 Apr 2026 10:41:58 +0000
ROA not after: Fri 02 Apr 2027 10:46:58 +0000
asID: 31103
IP address blocks: 95.169.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ec:ad:f6:73:78:c0:04:cd:8c:f8:de:af:54:71:72:c7:29:66:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Apr 3 10:41:58 2026 GMT
Not After : Apr 2 10:46:58 2027 GMT
Subject: CN=9064F87B57D006D646599569BF3436AC2BE15AE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3b:4e:3c:93:60:28:b6:da:93:ac:4b:79:6c:
c9:28:81:bb:49:ae:af:40:a7:a6:1b:5f:40:97:58:
5e:58:c4:b0:45:f0:95:b7:70:7e:ca:3c:b2:a4:b2:
45:98:72:ae:88:37:c7:84:81:ca:62:4c:18:82:a6:
c3:70:12:ee:15:d9:e9:d4:e9:59:20:85:53:c4:0e:
10:2f:14:09:b2:d0:a8:f1:79:00:1f:82:74:02:09:
cd:0d:03:9b:27:36:01:0f:20:81:02:30:80:ed:ed:
72:ae:3e:59:43:8c:8d:84:05:68:88:05:37:de:25:
20:32:00:31:36:50:c8:82:e4:55:f4:27:da:a0:b8:
0a:ec:8c:bd:ed:16:34:c0:5e:f3:cf:e9:68:d1:74:
81:75:77:38:4b:2b:30:3d:f3:9f:33:cd:66:2d:71:
3f:93:53:fb:12:fb:2d:fa:33:0e:84:41:81:02:4b:
62:b3:c5:ca:3d:00:7a:f6:c9:44:80:b8:a4:54:d2:
80:0d:b7:0f:9e:a5:cf:10:bd:9a:9b:a2:87:0a:cb:
01:00:ac:4b:e3:de:ac:f9:22:2c:da:2d:19:07:e1:
ee:25:39:2e:58:3d:6e:0a:2b:a5:3a:96:32:e4:4b:
f6:f3:68:2e:49:84:0b:0b:a1:d6:13:56:33:41:24:
ee:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:64:F8:7B:57:D0:06:D6:46:59:95:69:BF:34:36:AC:2B:E1:5A:E3
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3139302e302f32332d3233203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.190.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:9c:37:b1:69:3c:52:5c:90:bf:04:23:62:55:4a:10:48:7c:
16:44:ab:45:be:07:61:35:9a:b8:3a:88:48:8a:42:7f:01:66:
47:a6:50:63:08:26:14:aa:be:00:5a:4c:26:2b:da:72:28:1a:
7a:bf:5b:b5:34:9d:23:1b:62:04:e8:30:9e:c3:53:f7:52:e8:
11:9c:39:c1:8f:51:e8:0a:5b:87:3c:7a:82:9d:2f:21:8d:bf:
14:3c:91:7e:8d:17:2d:b4:f4:6f:62:a1:5d:67:f7:f2:c9:b9:
5d:4f:4d:f9:e4:5e:c2:41:f8:1f:77:5d:8c:ea:fc:04:c1:0f:
f7:b9:5b:f1:9b:dc:bf:c7:e2:a6:b1:59:b0:b1:a3:9b:4e:30:
87:3e:9c:d6:c9:fe:a3:be:fa:b6:42:3b:de:fd:4b:d3:e5:22:
d8:ec:01:9d:30:d5:3e:e0:a7:b0:58:a3:ee:22:7a:de:b6:b8:
79:b0:1f:33:7f:86:68:90:24:76:48:33:f4:06:82:52:56:c2:
0b:5d:c4:40:58:10:06:d0:27:4a:77:fd:06:d4:ea:f1:42:39:
23:78:f2:1e:aa:35:d6:50:19:5c:ef:95:0f:54:1d:a8:11:6f:
cd:74:69:6f:84:7a:64:78:f6:22:6c:ec:ff:a7:a5:e3:24:51:
e1:63:70:b8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUE+yt9nN4wATNjPjer1RxcscpZqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA0MDMxMDQxNThaFw0yNzA0MDIxMDQ2NThaMDMxMTAvBgNV
BAMTKDkwNjRGODdCNTdEMDA2RDY0NjU5OTU2OUJGMzQzNkFDMkJFMTVBRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMO048k2AottqTrEt5bMkogbtJ
rq9Ap6YbX0CXWF5YxLBF8JW3cH7KPLKkskWYcq6IN8eEgcpiTBiCpsNwEu4V2enU
6VkghVPEDhAvFAmy0KjxeQAfgnQCCc0NA5snNgEPIIECMIDt7XKuPllDjI2EBWiI
BTfeJSAyADE2UMiC5FX0J9qguArsjL3tFjTAXvPP6WjRdIF1dzhLKzA9858zzWYt
cT+TU/sS+y36Mw6EQYECS2Kzxco9AHr2yUSAuKRU0oANtw+epc8QvZqboocKywEA
rEvj3qz5IizaLRkH4e4lOS5YPW4KK6U6ljLkS/bzaC5JhAsLodYTVjNBJO5rAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkGT4e1fQBtZGWZVpvzQ2rCvhWuMwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM5
MzAyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
X6m+MA0GCSqGSIb3DQEBCwUAA4IBAQCjnDexaTxSXJC/BCNiVUoQSHwWRKtFvgdh
NZq4OohIikJ/AWZHplBjCCYUqr4AWkwmK9pyKBp6v1u1NJ0jG2IE6DCew1P3UugR
nDnBj1HoCluHPHqCnS8hjb8UPJF+jRcttPRvYqFdZ/fyybldT0355F7CQfgfd12M
6vwEwQ/3uVvxm9y/x+KmsVmwsaObTjCHPpzWyf6jvvq2Qjve/UvT5SLY7AGdMNU+
4KewWKPuInretrh5sB8zf4ZokCR2SDP0BoJSVsILXcRAWBAG0CdKd/0G1OrxQjkj
ePIeqjXWUBlc75UPVB2oEW/NdGlvhHpkePYibOz/p6XjJFHhY3C4
-----END CERTIFICATE-----
Generated at Sat Apr 18 00:03:54 2026 by rpki-client