Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138302e302f32342d3234203d3e20323033373538.roa
File: 39352e3231342e3138302e302f32342d3234203d3e20323033373538.roa (raw, json)
Hash identifier: IltzG0K+W6/4OY3N4Cei605pBnUrFv4cf5U0zN9qrBQ=
Subject key identifier: B5:69:11:18:34:9B:2D:5F:99:2E:66:07:12:A1:B0:42:E3:FB:41:23
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 650A04BD069F2AA72EADCACC0B36032BF3C2AB6B
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138302e302f32342d3234203d3e20323033373538.roa
Signing time: Tue 24 Mar 2026 07:46:53 +0000
ROA not before: Tue 24 Mar 2026 07:41:53 +0000
ROA not after: Tue 23 Mar 2027 07:46:53 +0000
asID: 203758
IP address blocks: 95.214.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:0a:04:bd:06:9f:2a:a7:2e:ad:ca:cc:0b:36:03:2b:f3:c2:ab:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Mar 24 07:41:53 2026 GMT
Not After : Mar 23 07:46:53 2027 GMT
Subject: CN=B5691118349B2D5F992E660712A1B042E3FB4123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:18:9b:01:d7:4e:b1:d3:25:d8:88:99:1d:64:
fe:3b:32:48:c0:2a:b5:ee:59:d2:d4:af:72:43:8f:
8f:61:5e:36:ba:ba:9c:56:19:a9:51:ba:c4:9c:61:
1d:6d:6b:a1:12:9f:fb:6e:c1:0a:02:39:cd:f1:29:
8e:70:b5:1c:3e:14:8e:1b:7d:93:d0:46:79:2a:46:
b3:3e:81:74:09:e4:6b:0e:46:a1:16:75:3c:36:80:
9b:a8:ab:ed:c8:0f:c5:50:f0:fc:f4:42:c4:45:fb:
e7:d8:b7:31:b7:15:3a:53:31:59:a0:80:21:3a:ba:
63:e6:dd:53:08:34:9f:13:4c:94:3d:1a:61:73:c2:
c2:12:b1:13:13:81:c1:cd:6d:a4:ec:ea:3f:62:b2:
12:21:a3:3e:42:e8:ac:e6:0d:08:6c:6e:02:86:bd:
a3:b8:75:ae:6a:b8:75:b8:34:b0:84:52:eb:3f:8f:
75:72:bc:73:73:02:39:9e:1d:0c:d6:5c:83:f7:a2:
23:af:20:53:86:27:63:ab:30:b2:d7:94:d7:9a:15:
92:ae:2b:a9:7f:5b:3c:c8:01:4a:e6:e7:7a:c3:43:
74:47:8c:15:a2:ac:f5:cb:14:be:e1:26:ea:7d:25:
14:55:a8:16:8f:1f:58:cf:3a:68:97:04:23:97:3c:
4d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:69:11:18:34:9B:2D:5F:99:2E:66:07:12:A1:B0:42:E3:FB:41:23
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138302e302f32342d3234203d3e20323033373538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.180.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:8f:16:f2:e3:12:5a:75:3c:b6:8d:eb:5a:75:1e:ed:f0:77:
74:b1:95:0f:1b:b0:b2:09:8e:1a:9a:a9:1d:00:ba:d9:1f:da:
06:26:0b:f7:77:36:35:59:da:6e:d5:6c:98:24:87:ba:a8:23:
44:39:50:91:50:32:cd:8f:26:58:85:dd:34:d1:c8:8b:86:bf:
0c:09:87:ed:74:02:f5:22:fa:c9:24:c5:f2:d4:b1:ff:26:0c:
b1:c4:c1:93:b9:b7:10:bc:0c:54:27:00:0d:eb:31:66:9e:eb:
cb:5c:c2:61:61:e8:b7:07:52:a4:81:0f:46:76:19:e5:52:a7:
a5:7d:68:4c:67:6f:82:e5:a2:3e:f9:e3:ca:61:89:6a:9d:fe:
f3:17:21:4e:90:67:62:d4:c1:75:e9:76:fc:bf:33:1d:75:e5:
10:79:60:d7:dd:ad:19:f2:96:26:7e:3e:20:8a:e7:58:d0:88:
97:6d:0c:51:17:30:4c:1b:61:d3:79:42:ee:42:fd:ae:7a:c9:
59:1e:49:08:7c:8e:4e:66:fa:72:14:de:b2:86:f2:ee:66:49:
eb:62:4a:96:82:19:a2:92:77:c9:6c:18:9e:b4:f3:17:b8:34:
41:58:5a:e5:b3:36:82:7c:ec:aa:38:bf:9b:11:33:77:e0:d8:
14:a7:1b:b5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZQoEvQafKqcurcrMCzYDK/PCq2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNjAzMjQwNzQxNTNaFw0yNzAzMjMwNzQ2NTNaMDMxMTAvBgNV
BAMTKEI1NjkxMTE4MzQ5QjJENUY5OTJFNjYwNzEyQTFCMDQyRTNGQjQxMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWGJsB106x0yXYiJkdZP47MkjA
KrXuWdLUr3JDj49hXja6upxWGalRusScYR1ta6ESn/tuwQoCOc3xKY5wtRw+FI4b
fZPQRnkqRrM+gXQJ5GsORqEWdTw2gJuoq+3ID8VQ8Pz0QsRF++fYtzG3FTpTMVmg
gCE6umPm3VMINJ8TTJQ9GmFzwsISsRMTgcHNbaTs6j9ishIhoz5C6KzmDQhsbgKG
vaO4da5quHW4NLCEUus/j3VyvHNzAjmeHQzWXIP3oiOvIFOGJ2OrMLLXlNeaFZKu
K6l/WzzIAUrm53rDQ3RHjBWirPXLFL7hJup9JRRVqBaPH1jPOmiXBCOXPE15AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtWkRGDSbLV+ZLmYHEqGwQuP7QSMwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM4
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzNzM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1rQwDQYJKoZIhvcNAQELBQADggEBAKePFvLjElp1PLaN61p1Hu3wd3SxlQ8b
sLIJjhqaqR0Autkf2gYmC/d3NjVZ2m7VbJgkh7qoI0Q5UJFQMs2PJliF3TTRyIuG
vwwJh+10AvUi+skkxfLUsf8mDLHEwZO5txC8DFQnAA3rMWae68tcwmFh6LcHUqSB
D0Z2GeVSp6V9aExnb4Lloj7548phiWqd/vMXIU6QZ2LUwXXpdvy/Mx115RB5YNfd
rRnyliZ+PiCK51jQiJdtDFEXMEwbYdN5Qu5C/a56yVkeSQh8jk5m+nIU3rKG8u5m
SetiSpaCGaKSd8lsGJ608xe4NEFYWuWzNoJ87Ko4v5sRM3fg2BSnG7U=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:34:27 2026 by rpki-client