Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137342e302f32342d3234203d3e20323134343636.roa
File: 39352e3231342e3137342e302f32342d3234203d3e20323134343636.roa (raw, json)
Hash identifier: 6VJ0BRDW5vzl9vSQFhJrbqoPj47Dkmz6QrWwxneNt7M=
Subject key identifier: B4:8A:AB:52:BC:70:34:10:F8:1F:B8:09:CB:1D:F4:BC:29:9B:04:32
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 7049855C8E50316B529E3D1A2859ED645A58C45D
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137342e302f32342d3234203d3e20323134343636.roa
Signing time: Tue 24 Mar 2026 07:46:53 +0000
ROA not before: Tue 24 Mar 2026 07:41:53 +0000
ROA not after: Tue 23 Mar 2027 07:46:53 +0000
asID: 214466
IP address blocks: 95.214.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:49:85:5c:8e:50:31:6b:52:9e:3d:1a:28:59:ed:64:5a:58:c4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Mar 24 07:41:53 2026 GMT
Not After : Mar 23 07:46:53 2027 GMT
Subject: CN=B48AAB52BC703410F81FB809CB1DF4BC299B0432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b1:49:3f:a6:6f:40:bb:f6:12:de:60:3b:84:
8f:f4:f3:95:3e:1e:5a:80:cd:0b:17:74:98:2f:f9:
ac:52:98:c1:36:8a:d2:6e:4a:2c:87:d6:ea:53:8c:
03:2c:1b:f8:08:9e:3b:e2:b6:70:7a:95:dd:1b:b8:
7d:1e:8f:91:c6:57:e3:56:2c:91:8a:9c:13:51:24:
9e:60:46:60:e6:b4:cf:43:e8:48:5c:c1:f4:ca:27:
e9:5f:72:02:ca:6f:9b:0a:69:b0:57:2f:b0:e9:62:
4e:83:7b:61:46:6d:ba:28:cd:63:98:02:0a:c2:b8:
4e:9e:bc:94:fd:3b:b4:41:89:c7:85:8f:26:69:e6:
05:2f:67:0b:5e:6b:ea:e2:44:e3:99:a8:67:df:66:
f0:34:d2:7a:8d:3d:a1:68:d7:32:ab:32:64:e8:b6:
f6:22:f6:c6:8e:81:c0:10:58:61:96:f0:8f:4e:3c:
77:d7:ed:54:9b:6e:de:de:5a:6d:db:22:64:07:fb:
e5:3e:8b:c9:3d:88:5f:ab:9a:fc:8c:ba:8f:81:d8:
6e:86:4d:08:ef:17:da:8e:7b:09:c7:ac:35:bb:ad:
3a:d6:3b:2c:f6:f6:e6:b6:20:6e:10:a5:fc:45:95:
7b:cf:49:98:28:6c:30:20:37:bb:85:5b:1f:e1:69:
1a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8A:AB:52:BC:70:34:10:F8:1F:B8:09:CB:1D:F4:BC:29:9B:04:32
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137342e302f32342d3234203d3e20323134343636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.174.0/24
Signature Algorithm: sha256WithRSAEncryption
48:68:e9:de:b8:98:6f:a6:3c:f6:61:c6:ee:9f:66:70:39:19:
a3:65:3d:42:07:61:f4:29:dd:bb:ee:b7:7a:aa:66:45:94:de:
71:c7:9c:b9:ee:42:5e:16:57:e7:ff:d6:91:31:df:37:e0:47:
d2:d7:ba:24:de:1e:c9:93:0a:e6:cb:9d:63:d0:34:87:c3:27:
d4:76:54:33:91:19:a8:89:8f:e1:2e:29:ab:fb:0b:03:6b:ca:
d9:ed:75:cf:fe:6c:eb:24:22:fa:9f:fe:b5:e9:a9:06:82:29:
73:55:9e:1b:1c:b3:96:46:67:18:de:0e:52:5c:c4:7e:ea:7d:
31:ab:69:42:b8:19:6f:a9:a5:c9:46:59:11:46:ec:c8:19:53:
39:17:57:cf:db:77:ad:c9:40:0e:f8:f5:73:10:39:39:5e:85:
9d:59:20:74:cb:79:22:f2:6b:df:c0:6e:6e:34:e8:2e:7c:42:
a5:f9:b1:0c:b3:9c:40:fd:40:41:0a:6b:f5:19:d5:7d:f6:df:
a5:45:5e:f5:86:30:97:5a:2c:05:4e:2c:14:60:96:75:29:26:
0c:39:98:fc:c5:db:f6:a5:e8:e5:0a:c0:3e:55:ab:f2:db:39:
71:33:c4:5e:44:e8:d5:f4:b6:37:46:51:dd:ba:90:4d:e9:c2:
59:d6:64:8c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcEmFXI5QMWtSnj0aKFntZFpYxF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNjAzMjQwNzQxNTNaFw0yNzAzMjMwNzQ2NTNaMDMxMTAvBgNV
BAMTKEI0OEFBQjUyQkM3MDM0MTBGODFGQjgwOUNCMURGNEJDMjk5QjA0MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjsUk/pm9Au/YS3mA7hI/085U+
HlqAzQsXdJgv+axSmME2itJuSiyH1upTjAMsG/gInjvitnB6ld0buH0ej5HGV+NW
LJGKnBNRJJ5gRmDmtM9D6EhcwfTKJ+lfcgLKb5sKabBXL7DpYk6De2FGbboozWOY
AgrCuE6evJT9O7RBiceFjyZp5gUvZwtea+riROOZqGffZvA00nqNPaFo1zKrMmTo
tvYi9saOgcAQWGGW8I9OPHfX7VSbbt7eWm3bImQH++U+i8k9iF+rmvyMuo+B2G6G
TQjvF9qOewnHrDW7rTrWOyz29ua2IG4QpfxFlXvPSZgobDAgN7uFWx/haRqtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtIqrUrxwNBD4H7gJyx30vCmbBDIwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNDM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1q4wDQYJKoZIhvcNAQELBQADggEBAEho6d64mG+mPPZhxu6fZnA5GaNlPUIH
YfQp3bvut3qqZkWU3nHHnLnuQl4WV+f/1pEx3zfgR9LXuiTeHsmTCubLnWPQNIfD
J9R2VDORGaiJj+EuKav7CwNrytntdc/+bOskIvqf/rXpqQaCKXNVnhscs5ZGZxje
DlJcxH7qfTGraUK4GW+ppclGWRFG7MgZUzkXV8/bd63JQA749XMQOTlehZ1ZIHTL
eSLya9/Abm406C58QqX5sQyznED9QEEKa/UZ1X3236VFXvWGMJdaLAVOLBRglnUp
Jgw5mPzF2/al6OUKwD5Vq/LbOXEzxF5E6NX0tjdGUd26kE3pwlnWZIw=
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:26:24 2026 by rpki-client