Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131352e302f32342d3234203d3e20313938353834.roa
File: 39332e39352e3131352e302f32342d3234203d3e20313938353834.roa (raw, json)
Hash identifier: FutqYRyHBMmN+0PD6TfHd0Z48pzfzxz1hCrgLY7AwAA=
Subject key identifier: 8B:AE:3E:78:BB:58:5D:C4:5B:E5:50:9D:01:90:A6:C1:96:6E:6C:9F
Certificate issuer: /CN=b172548fa3c460e26cb519ee524361bca6c7132e
Certificate serial: 0D420FC1AFD63A46B7AF158FC787FFE4D533E024
Authority key identifier: B1:72:54:8F:A3:C4:60:E2:6C:B5:19:EE:52:43:61:BC:A6:C7:13:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131352e302f32342d3234203d3e20313938353834.roa
Signing time: Fri 03 Oct 2025 14:55:08 +0000
ROA not before: Fri 03 Oct 2025 14:50:08 +0000
ROA not after: Fri 02 Oct 2026 14:55:08 +0000
asID: 198584
IP address blocks: 93.95.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.crl
rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.mft
rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:42:0f:c1:af:d6:3a:46:b7:af:15:8f:c7:87:ff:e4:d5:33:e0:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b172548fa3c460e26cb519ee524361bca6c7132e
Validity
Not Before: Oct 3 14:50:08 2025 GMT
Not After : Oct 2 14:55:08 2026 GMT
Subject: CN=8BAE3E78BB585DC45BE5509D0190A6C1966E6C9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:80:12:01:30:2e:61:b0:8c:c0:6c:56:18:a8:
8d:13:1a:47:54:ef:24:f5:74:8e:4d:ae:f5:a0:6d:
35:6a:ba:4d:12:39:fa:fb:0e:64:2b:0b:09:ab:33:
d4:26:d5:a7:cd:0a:1a:02:88:77:12:b5:38:71:dd:
ef:78:6e:75:b7:88:96:77:39:ff:a6:16:2b:22:37:
93:8c:62:8d:62:b7:98:4d:1d:21:8d:9f:8c:10:dc:
17:27:f9:e9:db:42:b1:4c:68:30:78:30:6e:3e:d2:
32:03:a0:de:ba:a2:04:ae:da:fa:a0:4d:89:9d:44:
87:dc:1a:76:9a:85:95:cc:bc:d0:8e:f0:57:8a:92:
fb:6c:75:b9:5f:cb:ce:50:05:95:c1:00:86:4d:ed:
c1:40:67:45:57:6a:bd:30:e4:81:10:6e:8c:be:fe:
d8:e6:5f:dc:4c:15:f4:93:e8:d1:ba:a9:34:04:c3:
aa:15:aa:c0:9d:7e:cd:30:5c:8c:a5:db:4d:13:97:
a6:98:5f:8f:d5:eb:93:a5:ff:a3:ea:8a:e9:5c:53:
92:b7:b0:9d:8b:c6:31:7d:d1:6b:06:a1:a2:20:3c:
90:e8:c9:bc:40:4e:56:d0:64:81:60:7e:62:33:7f:
65:22:24:95:cb:91:57:a2:19:57:19:7b:1b:c0:25:
fb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:AE:3E:78:BB:58:5D:C4:5B:E5:50:9D:01:90:A6:C1:96:6E:6C:9F
X509v3 Authority Key Identifier:
keyid:B1:72:54:8F:A3:C4:60:E2:6C:B5:19:EE:52:43:61:BC:A6:C7:13:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131352e302f32342d3234203d3e20313938353834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.115.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:2b:48:8e:14:f5:e4:db:e4:66:f6:cc:49:00:0d:37:a3:a0:
b5:17:66:4a:e5:50:bd:b7:96:5a:57:07:87:26:c3:08:3f:f1:
bf:ad:c5:4c:7e:db:5c:b6:da:07:56:1b:d5:f1:e3:9b:bc:b0:
b5:db:fb:cb:bf:af:3a:6e:59:06:77:cd:76:0b:38:07:47:e1:
3e:50:bd:1b:29:0b:7b:63:fc:9a:59:51:cb:65:3f:ae:94:a2:
1b:bd:b7:4a:40:28:eb:e3:f4:ae:e7:04:d6:e0:96:1f:b7:cf:
2a:c1:da:f2:e7:e3:5c:c0:73:00:f5:d0:ac:33:f6:3e:56:46:
76:8c:99:9a:10:d0:cc:f6:a9:d9:19:c7:dc:1a:bd:5e:c5:a7:
61:89:6d:2e:a1:da:45:d9:fb:2b:39:cc:37:48:5c:8d:72:fb:
0b:6a:f3:fe:9e:ef:2b:47:96:67:84:96:78:d6:41:ac:43:3b:
de:e2:dd:ba:cf:38:72:b7:8e:b0:99:2c:37:e8:0e:62:41:3b:
31:04:d3:2e:97:b1:94:b3:c4:88:fe:c6:11:7a:68:eb:27:72:
33:27:c5:c5:51:bc:87:30:9a:82:96:bd:c8:5b:72:29:3c:ab:
31:ca:73:71:1e:97:37:77:df:ca:43:40:d4:0b:23:ac:02:34:
eb:f4:be:12
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDUIPwa/WOka3rxWPx4f/5NUz4CQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjE3MjU0OGZhM2M0NjBlMjZjYjUxOWVlNTI0MzYxYmNh
NmM3MTMyZTAeFw0yNTEwMDMxNDUwMDhaFw0yNjEwMDIxNDU1MDhaMDMxMTAvBgNV
BAMTKDhCQUUzRTc4QkI1ODVEQzQ1QkU1NTA5RDAxOTBBNkMxOTY2RTZDOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3gBIBMC5hsIzAbFYYqI0TGkdU
7yT1dI5NrvWgbTVquk0SOfr7DmQrCwmrM9Qm1afNChoCiHcStThx3e94bnW3iJZ3
Of+mFisiN5OMYo1it5hNHSGNn4wQ3Bcn+enbQrFMaDB4MG4+0jIDoN66ogSu2vqg
TYmdRIfcGnaahZXMvNCO8FeKkvtsdblfy85QBZXBAIZN7cFAZ0VXar0w5IEQboy+
/tjmX9xMFfST6NG6qTQEw6oVqsCdfs0wXIyl200Tl6aYX4/V65Ol/6PqiulcU5K3
sJ2LxjF90WsGoaIgPJDoybxATlbQZIFgfmIzf2UiJJXLkVeiGVcZexvAJftlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUi64+eLtYXcRb5VCdAZCmwZZubJ8wHwYDVR0j
BBgwFoAUsXJUj6PEYOJstRnuUkNhvKbHEy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTY1NzNlODgtZGFiYS00YWM3LWEyZWQtMzIxYzgyNzdk
MjVlLzAvQjE3MjU0OEZBM0M0NjBFMjZDQjUxOUVFNTI0MzYxQkNBNkM3MTMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NYSlVqNlBFWU9Kc3RSbnVVa05odkti
SEV5NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTY1NzNlODgt
ZGFiYS00YWM3LWEyZWQtMzIxYzgyNzdkMjVlLzAvMzkzMzJlMzkzNTJlMzEzMTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM4MzUzODM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XV9zMA0GCSqGSIb3DQEBCwUAA4IBAQDcK0iOFPXk2+Rm9sxJAA03o6C1F2ZK5VC9
t5ZaVweHJsMIP/G/rcVMfttcttoHVhvV8eObvLC12/vLv686blkGd812CzgHR+E+
UL0bKQt7Y/yaWVHLZT+ulKIbvbdKQCjr4/Su5wTW4JYft88qwdry5+NcwHMA9dCs
M/Y+VkZ2jJmaENDM9qnZGcfcGr1exadhiW0uodpF2fsrOcw3SFyNcvsLavP+nu8r
R5ZnhJZ41kGsQzve4t26zzhyt46wmSw36A5iQTsxBNMul7GUs8SI/sYRemjrJ3Iz
J8XFUbyHMJqClr3IW3IpPKsxynNxHpc3d9/KQ0DUCyOsAjTr9L4S
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:55:58 2025 by rpki-client