Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137332e302f32342d3234203d3e203231383430.roa
File: 39352e3231342e3137332e302f32342d3234203d3e203231383430.roa (raw, json)
Hash identifier: ufGlQ+DrhT42dGKvfqF9MmDLago1FeOS1zGb2GQoeMQ=
Subject key identifier: A5:44:56:88:F1:82:40:98:4A:38:F7:85:37:A0:29:46:67:66:2D:62
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 6D5D7FB206E4D3234813F1F81BCEB4E88D60BA4B
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137332e302f32342d3234203d3e203231383430.roa
Signing time: Mon 23 Mar 2026 14:38:14 +0000
ROA not before: Mon 23 Mar 2026 14:33:14 +0000
ROA not after: Mon 22 Mar 2027 14:38:14 +0000
asID: 21840
IP address blocks: 95.214.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:43:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:5d:7f:b2:06:e4:d3:23:48:13:f1:f8:1b:ce:b4:e8:8d:60:ba:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Mar 23 14:33:14 2026 GMT
Not After : Mar 22 14:38:14 2027 GMT
Subject: CN=A5445688F18240984A38F78537A0294667662D62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:9a:8e:45:8b:41:20:74:11:06:26:17:a7:e2:
9f:30:88:32:a9:79:30:85:ef:e0:bf:9b:be:da:8e:
31:68:66:da:9d:f8:65:80:8c:28:f3:db:47:b7:80:
fb:f8:1c:e2:74:53:dd:9e:d9:64:0a:c5:12:30:00:
4e:39:43:ae:05:3f:9e:1c:a6:5a:df:f9:f2:6b:c3:
e2:6b:49:f7:3b:4f:53:4a:d1:bb:38:32:d2:3c:4c:
0f:40:81:23:d3:40:ff:07:3a:27:99:43:38:fb:f9:
61:a6:ab:cc:b6:9c:42:1d:c9:57:35:75:a5:da:2d:
d6:40:d4:a4:c9:13:35:d9:c0:89:80:62:22:31:3c:
02:07:e6:4b:bc:dd:d4:8f:be:22:99:ca:90:fb:cd:
7f:c6:f5:d0:5b:80:0e:91:1a:61:ab:7e:0e:1a:e7:
e8:94:9d:14:03:39:f5:ec:4f:e1:80:47:69:e3:0c:
96:37:26:dc:f1:96:b7:22:0c:1a:76:57:4d:33:70:
30:82:c2:38:54:90:23:6b:98:69:90:6c:10:b2:39:
d2:65:b1:6e:b8:80:38:27:b7:bd:2e:54:48:2b:b7:
1d:f3:2b:3a:68:0f:1f:2f:16:b6:09:54:c6:8b:83:
4b:17:e0:a7:40:65:a9:7b:83:ad:77:af:1f:9d:1d:
23:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:44:56:88:F1:82:40:98:4A:38:F7:85:37:A0:29:46:67:66:2D:62
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137332e302f32342d3234203d3e203231383430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.173.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e2:d0:33:cb:ce:b6:98:b8:e5:8f:07:2f:cd:61:a0:94:c9:
2c:2c:4e:26:5b:61:bb:95:a8:52:36:8e:86:aa:64:82:f2:79:
08:10:de:85:10:ca:ba:0e:d6:68:76:3a:bc:5b:01:e3:2e:f5:
c0:aa:24:44:d3:35:66:f5:b1:aa:8d:d0:a6:37:7c:45:91:62:
29:22:c1:cb:be:9a:16:73:b7:bc:9d:a2:c4:06:ae:4a:0f:b0:
58:3f:1a:ad:10:f7:5d:75:7a:79:ac:c7:75:0a:c9:46:0c:df:
ac:58:c9:8b:db:07:51:81:67:a5:93:64:9c:79:54:3b:8b:78:
4b:ed:3e:6b:38:7a:49:98:af:77:28:ca:b4:b0:6d:38:c9:9f:
94:3f:72:f8:b8:33:a0:f5:47:f4:df:0f:7e:cf:e7:4c:f5:1a:
ab:a1:e4:d4:51:ad:aa:b4:ce:57:e7:5c:29:59:97:cf:97:3d:
91:5f:3b:5f:51:4f:8d:87:a1:fe:37:a4:6a:45:c4:7c:e3:2d:
82:52:a1:d5:a9:88:19:9e:47:82:52:a5:f0:ce:29:62:30:8d:
e4:03:b2:18:a0:e8:30:25:51:34:22:d5:58:b1:f3:2c:f2:0c:
82:1a:43:7e:21:db:c5:c3:a8:25:67:68:93:6d:f9:87:9d:bb:
1c:c4:d5:35
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbV1/sgbk0yNIE/H4G8606I1gukswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNjAzMjMxNDMzMTRaFw0yNzAzMjIxNDM4MTRaMDMxMTAvBgNV
BAMTKEE1NDQ1Njg4RjE4MjQwOTg0QTM4Rjc4NTM3QTAyOTQ2Njc2NjJENjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDomo5Fi0EgdBEGJhen4p8wiDKp
eTCF7+C/m77ajjFoZtqd+GWAjCjz20e3gPv4HOJ0U92e2WQKxRIwAE45Q64FP54c
plrf+fJrw+JrSfc7T1NK0bs4MtI8TA9AgSPTQP8HOieZQzj7+WGmq8y2nEIdyVc1
daXaLdZA1KTJEzXZwImAYiIxPAIH5ku83dSPviKZypD7zX/G9dBbgA6RGmGrfg4a
5+iUnRQDOfXsT+GAR2njDJY3JtzxlrciDBp2V00zcDCCwjhUkCNrmGmQbBCyOdJl
sW64gDgnt70uVEgrtx3zKzpoDx8vFrYJVMaLg0sX4KdAZal7g613rx+dHSPxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpURWiPGCQJhKOPeFN6ApRmdmLWIwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X9atMA0GCSqGSIb3DQEBCwUAA4IBAQCC4tAzy862mLjljwcvzWGglMksLE4mW2G7
lahSNo6GqmSC8nkIEN6FEMq6DtZodjq8WwHjLvXAqiRE0zVm9bGqjdCmN3xFkWIp
IsHLvpoWc7e8naLEBq5KD7BYPxqtEPdddXp5rMd1CslGDN+sWMmL2wdRgWelk2Sc
eVQ7i3hL7T5rOHpJmK93KMq0sG04yZ+UP3L4uDOg9Uf03w9+z+dM9RqroeTUUa2q
tM5X51wpWZfPlz2RXztfUU+Nh6H+N6RqRcR84y2CUqHVqYgZnkeCUqXwziliMI3k
A7IYoOgwJVE0ItVYsfMs8gyCGkN+IdvFw6glZ2iTbfmHnbscxNU1
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:25:04 2026 by rpki-client