Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137352e302f32342d3234203d3e20313335333931.roa
File: 39352e3231342e3137352e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: 7k+RlsbEAvDIHt5Is/doveA233QJ/dZMJOIDSEPgfCs=
Subject key identifier: 33:C5:63:BB:DB:E6:BA:E8:87:3A:AA:E6:34:50:12:E4:BF:93:3E:41
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 33BC8D660591E0D4556BB41C52F53C939E7A2AF2
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137352e302f32342d3234203d3e20313335333931.roa
Signing time: Tue 24 Mar 2026 07:46:53 +0000
ROA not before: Tue 24 Mar 2026 07:41:53 +0000
ROA not after: Tue 23 Mar 2027 07:46:53 +0000
asID: 135391
IP address blocks: 95.214.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:bc:8d:66:05:91:e0:d4:55:6b:b4:1c:52:f5:3c:93:9e:7a:2a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Mar 24 07:41:53 2026 GMT
Not After : Mar 23 07:46:53 2027 GMT
Subject: CN=33C563BBDBE6BAE8873AAAE6345012E4BF933E41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ab:ca:fa:24:1d:8a:90:91:e3:74:57:6f:3d:
d6:c2:f8:19:8d:1d:af:d8:09:b4:c7:f7:97:a9:6d:
71:57:36:8f:8c:de:08:ab:dc:16:7d:bc:54:b2:f5:
08:75:92:6d:57:86:48:10:45:8e:6e:dd:28:56:8b:
d9:9d:f5:c9:2a:4f:e4:4b:af:0d:64:ce:01:65:7e:
db:bf:fc:63:d2:6f:03:e4:5d:23:0f:44:66:63:38:
2b:70:d8:98:55:e6:0c:76:55:83:15:22:44:3b:7f:
e5:ec:1e:50:7a:6b:5c:cc:a9:54:5f:7b:a9:10:f4:
26:69:ce:6d:79:7c:9a:37:80:fb:88:ec:f1:96:cc:
de:3d:b9:6b:2e:58:36:ea:fd:a9:d9:0f:f3:8c:02:
d4:c2:80:6d:e9:d3:ff:aa:55:fe:16:4c:e8:a9:ab:
40:fd:88:b7:5a:d1:75:32:f9:a2:48:16:03:d2:d8:
bf:e6:94:f9:dd:4f:37:de:49:4e:b2:e8:54:a6:53:
bb:5b:14:81:fa:84:0b:7a:7b:08:24:03:5e:ea:41:
94:5c:02:2f:cf:1e:81:b5:eb:15:09:f2:dd:9f:14:
78:83:1c:f4:ae:b1:a3:16:27:90:55:6b:64:e3:77:
b6:b8:dd:e3:3a:10:97:11:5e:0f:26:a5:92:c9:24:
ff:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C5:63:BB:DB:E6:BA:E8:87:3A:AA:E6:34:50:12:E4:BF:93:3E:41
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137352e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.175.0/24
Signature Algorithm: sha256WithRSAEncryption
89:50:7e:24:77:0f:b7:96:13:e4:f9:b5:67:42:08:c9:96:89:
e2:a8:b2:ed:e0:ce:35:95:70:52:5f:f1:66:21:1f:d7:f3:ae:
c1:04:31:1d:b5:1a:14:45:f0:7b:ac:e2:57:48:d2:c0:a4:8b:
8b:dc:53:9f:2a:27:92:24:22:b5:5c:41:43:0c:51:7f:fa:b6:
8a:6b:38:e0:a4:55:7f:9b:a5:d2:63:45:a5:cc:f0:85:e4:3d:
51:a1:9b:64:15:c8:9c:ee:aa:b4:79:2b:85:cb:f3:93:47:ea:
44:58:cd:e9:3b:9e:82:37:f0:a0:01:8a:96:c3:d8:ab:b8:ed:
2a:49:3d:38:2e:bf:4d:1e:e8:73:04:1b:6b:3e:51:b2:2f:20:
33:bb:3a:9c:a2:80:01:d3:93:01:6f:c5:04:e4:72:84:95:98:
a7:82:20:71:c7:cc:02:09:cf:2b:1d:bf:13:b0:ec:71:41:0c:
20:15:85:cd:7c:78:f6:a7:25:c4:a3:65:a5:b7:7b:56:36:28:
61:3d:fa:a7:cb:9d:bf:d4:e3:97:e8:40:0d:65:b8:b8:97:1d:
ed:e1:ee:c5:02:12:f7:aa:ef:db:22:9e:e2:84:27:ec:22:ef:
69:d8:f8:1e:5a:a7:1d:e9:26:e8:26:c6:43:41:ff:2f:01:05:
f6:ff:2f:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM7yNZgWR4NRVa7QcUvU8k556KvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNjAzMjQwNzQxNTNaFw0yNzAzMjMwNzQ2NTNaMDMxMTAvBgNV
BAMTKDMzQzU2M0JCREJFNkJBRTg4NzNBQUFFNjM0NTAxMkU0QkY5MzNFNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5q8r6JB2KkJHjdFdvPdbC+BmN
Ha/YCbTH95epbXFXNo+M3gir3BZ9vFSy9Qh1km1XhkgQRY5u3ShWi9md9ckqT+RL
rw1kzgFlftu//GPSbwPkXSMPRGZjOCtw2JhV5gx2VYMVIkQ7f+XsHlB6a1zMqVRf
e6kQ9CZpzm15fJo3gPuI7PGWzN49uWsuWDbq/anZD/OMAtTCgG3p0/+qVf4WTOip
q0D9iLda0XUy+aJIFgPS2L/mlPndTzfeSU6y6FSmU7tbFIH6hAt6ewgkA17qQZRc
Ai/PHoG16xUJ8t2fFHiDHPSusaMWJ5BVa2Tjd7a43eM6EJcRXg8mpZLJJP+5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM8Vju9vmuuiHOqrmNFAS5L+TPkEwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1q8wDQYJKoZIhvcNAQELBQADggEBAIlQfiR3D7eWE+T5tWdCCMmWieKosu3g
zjWVcFJf8WYhH9fzrsEEMR21GhRF8Hus4ldI0sCki4vcU58qJ5IkIrVcQUMMUX/6
toprOOCkVX+bpdJjRaXM8IXkPVGhm2QVyJzuqrR5K4XL85NH6kRYzek7noI38KAB
ipbD2Ku47SpJPTguv00e6HMEG2s+UbIvIDO7OpyigAHTkwFvxQTkcoSVmKeCIHHH
zAIJzysdvxOw7HFBDCAVhc18ePanJcSjZaW3e1Y2KGE9+qfLnb/U45foQA1luLiX
He3h7sUCEveq79sinuKEJ+wi72nY+B5apx3pJugmxkNB/y8BBfb/L50=
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:44:47 2026 by rpki-client