Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137332e302f32342d3234203d3e20323135333034.roa
File: 39352e3231342e3137332e302f32342d3234203d3e20323135333034.roa (raw, json)
Hash identifier: ykvLLS6Z6kV/o/cgRwX1ZEaK41JubO1IO21DEk7RF6E=
Subject key identifier: F6:30:94:6C:28:CB:79:2D:CE:8F:90:97:5F:CC:1C:A3:BF:50:45:6C
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 603CE6DCDB013F7BBFD8AB2CD48A529859BE6F9A
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137332e302f32342d3234203d3e20323135333034.roa
Signing time: Sat 16 Aug 2025 14:46:01 +0000
ROA not before: Sat 16 Aug 2025 14:41:01 +0000
ROA not after: Sat 15 Aug 2026 14:46:01 +0000
asID: 215304
IP address blocks: 95.214.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:03:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:3c:e6:dc:db:01:3f:7b:bf:d8:ab:2c:d4:8a:52:98:59:be:6f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Aug 16 14:41:01 2025 GMT
Not After : Aug 15 14:46:01 2026 GMT
Subject: CN=F630946C28CB792DCE8F90975FCC1CA3BF50456C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:07:4d:df:8d:8f:0a:0f:38:5a:80:23:1b:6b:
32:cc:97:75:3c:78:55:e1:80:87:9f:a3:8f:35:e4:
8f:db:44:9f:9b:d3:3a:ad:0d:61:c8:cd:0e:c3:4c:
96:2b:d2:1e:fb:2f:e6:d8:4f:0c:1a:c3:b5:04:4a:
9e:72:e8:c7:87:d1:9d:9e:06:53:e3:1c:9a:f4:27:
13:41:33:73:ff:c9:60:c8:1e:dd:22:a0:30:ce:57:
50:4c:d7:b0:8d:ef:bc:67:c3:cc:8d:c0:ae:f5:c4:
35:d4:5f:70:5e:01:44:3f:78:4c:49:06:d2:46:ee:
80:af:14:42:7c:5c:99:07:c5:47:88:d2:25:8e:47:
08:97:ad:04:33:49:e8:43:7e:c0:e0:94:2d:99:c8:
22:37:93:74:14:47:7c:dd:80:8e:a5:ad:2a:dd:60:
0f:b6:58:07:0b:e8:05:2a:aa:60:d7:7e:a1:c0:fe:
b2:30:fd:bf:9f:e1:c1:00:e2:fb:19:8a:ae:f9:df:
bd:43:52:f5:62:3f:67:99:ee:a5:e4:f2:9e:08:fb:
96:4c:06:7e:a2:14:9e:db:57:9e:fb:32:8d:dd:bf:
e6:a9:78:5b:e0:b5:5c:e2:be:7f:a3:29:3d:6a:19:
66:04:a2:ff:c6:b9:fb:de:bb:76:2f:44:82:15:6b:
36:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:30:94:6C:28:CB:79:2D:CE:8F:90:97:5F:CC:1C:A3:BF:50:45:6C
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137332e302f32342d3234203d3e20323135333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.173.0/24
Signature Algorithm: sha256WithRSAEncryption
91:94:9d:df:87:68:b9:ad:a6:5d:66:8d:88:96:69:db:9c:45:
3e:61:db:84:00:71:f1:f8:6c:f6:b5:ad:e7:62:54:7b:0d:09:
a0:07:8f:74:0e:20:e1:4d:d3:b7:41:56:17:ae:40:21:b9:b2:
5c:1d:60:80:57:66:57:eb:71:4f:d5:54:47:fc:a9:25:06:2e:
60:5a:73:cb:f9:b2:4a:4c:2f:31:a2:42:d2:3a:a5:53:81:cb:
39:d3:ee:e2:04:c4:55:89:cc:9a:5d:e5:ed:89:33:9e:31:ec:
16:86:26:43:f0:b8:46:11:10:4d:e0:bb:cc:5b:aa:bc:30:37:
d0:a9:b4:b7:96:7b:c5:56:38:db:b4:c8:d0:98:ea:81:db:6e:
9d:06:5e:49:6a:00:d4:92:73:b9:61:f1:95:60:fc:58:63:f8:
42:c9:65:03:24:d0:9c:da:b9:63:81:4f:67:c6:a5:00:22:47:
05:1a:ed:c0:43:14:74:be:6a:77:db:62:97:4c:cc:4a:38:b1:
fc:c3:9e:88:82:d6:b7:d2:eb:77:fb:ed:f2:25:ad:65:61:7b:
cf:20:03:06:47:6a:46:f8:d4:67:a9:07:ed:d3:4b:61:ee:60:
0d:fe:16:55:c1:ae:ce:55:bd:66:1b:0b:a5:ca:3e:ae:26:44:
28:44:95:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYDzm3NsBP3u/2Kss1IpSmFm+b5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA4MTYxNDQxMDFaFw0yNjA4MTUxNDQ2MDFaMDMxMTAvBgNV
BAMTKEY2MzA5NDZDMjhDQjc5MkRDRThGOTA5NzVGQ0MxQ0EzQkY1MDQ1NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLB03fjY8KDzhagCMbazLMl3U8
eFXhgIefo4815I/bRJ+b0zqtDWHIzQ7DTJYr0h77L+bYTwwaw7UESp5y6MeH0Z2e
BlPjHJr0JxNBM3P/yWDIHt0ioDDOV1BM17CN77xnw8yNwK71xDXUX3BeAUQ/eExJ
BtJG7oCvFEJ8XJkHxUeI0iWORwiXrQQzSehDfsDglC2ZyCI3k3QUR3zdgI6lrSrd
YA+2WAcL6AUqqmDXfqHA/rIw/b+f4cEA4vsZiq75371DUvViP2eZ7qXk8p4I+5ZM
Bn6iFJ7bV577Mo3dv+apeFvgtVzivn+jKT1qGWYEov/Gufveu3YvRIIVazYdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9jCUbCjLeS3Oj5CXX8wco79QRWwwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMzMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1q0wDQYJKoZIhvcNAQELBQADggEBAJGUnd+HaLmtpl1mjYiWaducRT5h24QA
cfH4bPa1rediVHsNCaAHj3QOIOFN07dBVheuQCG5slwdYIBXZlfrcU/VVEf8qSUG
LmBac8v5skpMLzGiQtI6pVOByznT7uIExFWJzJpd5e2JM54x7BaGJkPwuEYREE3g
u8xbqrwwN9CptLeWe8VWONu0yNCY6oHbbp0GXklqANSSc7lh8ZVg/Fhj+ELJZQMk
0JzauWOBT2fGpQAiRwUa7cBDFHS+anfbYpdMzEo4sfzDnoiC1rfS63f77fIlrWVh
e88gAwZHakb41GepB+3TS2HuYA3+FlXBrs5VvWYbC6XKPq4mRChElZ0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:13:55 2025 by rpki-client