Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
File: 39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa (raw, json)
Hash identifier: y8hcJrulcRceTx871qhtDNBcbMxDEQZoJON7Dc+UpGA=
Subject key identifier: BE:94:56:49:1A:0F:D3:61:3F:E4:88:D2:C5:E6:CC:56:F5:38:F5:A9
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 165567E34DBF816D637ED04C1C688AC22C614B44
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
Signing time: Mon 08 Sep 2025 15:38:15 +0000
ROA not before: Mon 08 Sep 2025 15:33:15 +0000
ROA not after: Mon 07 Sep 2026 15:38:15 +0000
asID: 197477
IP address blocks: 95.214.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:57:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:55:67:e3:4d:bf:81:6d:63:7e:d0:4c:1c:68:8a:c2:2c:61:4b:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Sep 8 15:33:15 2025 GMT
Not After : Sep 7 15:38:15 2026 GMT
Subject: CN=BE9456491A0FD3613FE488D2C5E6CC56F538F5A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:22:cf:89:bc:8f:33:7f:33:7d:d2:59:67:d0:
3a:20:14:cb:d7:1b:3c:b1:c3:83:58:f1:f4:38:1c:
44:c7:61:c4:85:a7:56:bb:c3:6c:16:c4:d3:87:8f:
46:23:fc:e1:c5:d4:b3:c1:63:27:dc:8c:58:59:31:
d1:f7:27:57:a7:ea:2f:3b:83:a9:62:ec:35:4e:a0:
dd:16:3c:2e:1f:71:1d:e5:f8:19:a2:42:7f:0e:0a:
af:75:20:2d:41:f6:e9:38:58:62:dd:90:46:ef:cf:
5f:7b:e2:f9:35:4a:28:a5:1d:5e:52:15:23:81:e4:
be:25:ed:23:98:e7:70:59:3e:28:33:0f:4d:9a:a2:
d2:00:06:9f:07:df:66:81:ea:5d:29:d9:94:3b:7a:
87:c2:f6:43:28:6c:09:49:b6:1e:fc:4a:5b:1d:4e:
c0:e9:18:be:29:68:4d:47:09:d8:15:57:49:f3:fe:
f5:56:a2:ee:f7:b3:de:b5:60:58:7e:f7:0c:01:25:
51:a6:27:fa:c8:01:c6:b5:e1:1f:25:2a:16:84:a7:
5d:48:4a:4d:fe:36:07:ef:49:8c:d5:6a:22:45:1d:
07:63:27:51:d7:b2:7c:ce:e0:04:de:cf:5b:75:07:
05:61:83:47:6f:24:21:62:6b:79:c3:0b:da:98:4c:
96:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:94:56:49:1A:0F:D3:61:3F:E4:88:D2:C5:E6:CC:56:F5:38:F5:A9
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.172.0/24
Signature Algorithm: sha256WithRSAEncryption
67:4d:71:e9:44:92:06:8a:00:ab:99:ce:8e:4c:81:ec:df:5d:
8f:96:92:7f:09:3f:2f:d9:67:b2:05:5b:71:98:ba:19:ef:df:
8c:f8:51:f9:92:01:35:ca:8c:71:54:60:0e:e6:9c:9b:a5:35:
d4:00:36:7c:7a:03:8f:e3:40:2c:39:ee:0f:7c:b6:64:f0:25:
fe:30:44:03:bd:66:bb:c0:aa:31:1e:be:4a:45:6d:3c:ac:7b:
db:16:31:df:06:de:66:96:d5:87:e2:4e:9d:97:34:fb:0d:86:
27:c2:df:44:65:e9:59:b7:12:26:5e:7a:06:8f:92:02:58:81:
f7:00:e2:46:b6:24:e4:e0:45:64:4b:9b:22:f6:cc:bd:b3:92:
47:49:5d:aa:22:d9:ae:b8:93:6f:24:22:6f:7f:47:44:82:c4:
32:85:6a:dc:cc:01:fa:ce:37:65:65:40:91:fc:ca:86:cf:f6:
34:a3:80:a2:33:4a:15:75:9a:bf:27:15:ab:e0:c7:ff:4f:1d:
b8:34:78:0d:0b:89:68:6d:73:ad:03:d0:76:7d:7a:1d:ed:39:
0e:03:32:72:1a:00:1e:96:86:4d:56:f0:47:fd:5b:2f:0e:01:
c4:51:d9:22:83:53:ca:bd:83:a7:84:d2:55:27:5a:f6:ba:63:
63:5a:d1:7e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFlVn402/gW1jftBMHGiKwixhS0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA5MDgxNTMzMTVaFw0yNjA5MDcxNTM4MTVaMDMxMTAvBgNV
BAMTKEJFOTQ1NjQ5MUEwRkQzNjEzRkU0ODhEMkM1RTZDQzU2RjUzOEY1QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoIs+JvI8zfzN90lln0DogFMvX
Gzyxw4NY8fQ4HETHYcSFp1a7w2wWxNOHj0Yj/OHF1LPBYyfcjFhZMdH3J1en6i87
g6li7DVOoN0WPC4fcR3l+BmiQn8OCq91IC1B9uk4WGLdkEbvz1974vk1SiilHV5S
FSOB5L4l7SOY53BZPigzD02aotIABp8H32aB6l0p2ZQ7eofC9kMobAlJth78Slsd
TsDpGL4paE1HCdgVV0nz/vVWou73s961YFh+9wwBJVGmJ/rIAca14R8lKhaEp11I
Sk3+NgfvSYzVaiJFHQdjJ1HXsnzO4ATez1t1BwVhg0dvJCFia3nDC9qYTJadAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvpRWSRoP02E/5IjSxebMVvU49akwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzczNDM3Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1qwwDQYJKoZIhvcNAQELBQADggEBAGdNcelEkgaKAKuZzo5MgezfXY+Wkn8J
Py/ZZ7IFW3GYuhnv34z4UfmSATXKjHFUYA7mnJulNdQANnx6A4/jQCw57g98tmTw
Jf4wRAO9ZrvAqjEevkpFbTyse9sWMd8G3maW1YfiTp2XNPsNhifC30Rl6Vm3EiZe
egaPkgJYgfcA4ka2JOTgRWRLmyL2zL2zkkdJXaoi2a64k28kIm9/R0SCxDKFatzM
AfrON2VlQJH8yobP9jSjgKIzShV1mr8nFavgx/9PHbg0eA0LiWhtc60D0HZ9eh3t
OQ4DMnIaAB6Whk1W8Ef9Wy8OAcRR2SKDU8q9g6eE0lUnWva6Y2Na0X4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:35:55 2025 by rpki-client