Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e203631333137.roa
File: 39322e3131392e31332e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: XJucqt/WE94eBb+eCr8FWq6DlRpxvll1uCrSM37EI3c=
Subject key identifier: 7F:E6:B4:0F:BC:17:1D:B6:61:71:01:B5:DA:1D:81:48:BC:6E:B9:2E
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7E443D277279E1E17CD02349CA192A14E48CCAB8
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e203631333137.roa
Signing time: Thu 30 Apr 2026 16:02:21 +0000
ROA not before: Thu 30 Apr 2026 15:57:21 +0000
ROA not after: Thu 29 Apr 2027 16:02:21 +0000
asID: 61317
IP address blocks: 92.119.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:44:3d:27:72:79:e1:e1:7c:d0:23:49:ca:19:2a:14:e4:8c:ca:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 30 15:57:21 2026 GMT
Not After : Apr 29 16:02:21 2027 GMT
Subject: CN=7FE6B40FBC171DB6617101B5DA1D8148BC6EB92E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1a:cb:47:04:a1:04:86:67:67:7a:84:73:d0:
a1:61:e8:31:00:28:c8:5f:6f:f5:c5:49:39:6e:99:
d2:f8:fb:1e:8c:ba:e8:a4:79:17:29:36:51:85:dd:
3e:46:d2:13:47:e4:1f:ee:ed:7c:91:1b:62:e3:87:
d6:1a:02:26:3d:a9:bf:52:fb:5a:e6:8c:c1:4b:d5:
1b:71:59:5e:f4:13:aa:05:ee:10:b9:ea:82:59:41:
1d:d9:9e:a1:4e:9e:e4:07:32:6b:36:d4:ae:1d:89:
73:46:8a:4b:8f:ce:38:ff:3f:3a:77:78:40:e4:5d:
b5:f6:a2:ed:67:f6:59:60:c4:3d:36:0c:52:4d:fd:
3c:ab:6a:8f:ef:a0:65:78:03:ef:86:a1:45:f6:45:
dd:2d:6a:6c:5c:d7:bf:8d:b7:c9:89:9d:ed:61:46:
e8:ab:2d:82:aa:ed:d4:fc:e1:42:27:e6:d8:a9:c8:
5e:47:bd:4f:39:ae:c8:df:ea:37:87:f7:9b:2a:ee:
f8:d8:d3:ff:65:66:9c:e0:99:a8:b3:5c:fa:09:2e:
3d:f2:95:72:0b:e3:93:e0:3d:0c:6c:aa:b5:68:c9:
e6:77:1e:00:10:25:f0:ad:75:4f:ea:9b:02:1a:6c:
e6:67:8e:67:05:f0:e5:f2:0c:d1:ef:5d:82:49:e4:
d9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E6:B4:0F:BC:17:1D:B6:61:71:01:B5:DA:1D:81:48:BC:6E:B9:2E
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.13.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d1:0b:40:39:22:87:53:98:21:cb:99:87:5e:64:8b:99:39:
c9:37:cd:37:7c:0c:b8:9d:f2:48:c9:a0:eb:13:7e:52:bf:02:
a0:6e:dd:cb:d8:25:3e:ce:84:b7:e9:a0:8a:33:13:33:94:5e:
2f:91:a0:c6:1a:de:60:b3:34:48:75:95:62:a8:4a:ea:11:b7:
69:16:98:2c:74:8c:ff:45:7a:8a:7b:81:f3:28:99:c4:b5:39:
fa:7d:16:35:38:66:ce:b8:62:bb:88:08:a6:a7:61:e4:99:7a:
29:46:8c:6f:50:9e:bf:6a:a6:c7:e0:60:b4:98:0f:d8:7b:1c:
0a:a0:9e:0f:5a:24:6e:90:1d:d9:72:b6:be:73:0c:a2:f0:a5:
16:03:ed:5b:4f:08:25:36:aa:2b:09:c9:67:21:83:b9:f8:9f:
9c:e8:7d:20:ea:a6:69:e8:b8:90:ff:1b:ca:95:32:f1:b4:83:
b3:3b:96:5e:38:9a:e3:4d:53:e6:4d:2c:5a:3c:b0:00:8b:19:
61:ff:fd:77:48:1b:e3:64:14:70:ec:b4:4f:c2:4c:3d:90:e6:
1c:87:4c:ad:60:f6:35:4c:bc:53:01:56:9e:a5:55:39:b9:47:
11:62:99:15:a1:77:c0:de:ee:12:28:16:8e:5c:41:a5:43:5a:
57:f4:88:54
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfkQ9J3J54eF80CNJyhkqFOSMyrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA0MzAxNTU3MjFaFw0yNzA0MjkxNjAyMjFaMDMxMTAvBgNV
BAMTKDdGRTZCNDBGQkMxNzFEQjY2MTcxMDFCNURBMUQ4MTQ4QkM2RUI5MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBGstHBKEEhmdneoRz0KFh6DEA
KMhfb/XFSTlumdL4+x6MuuikeRcpNlGF3T5G0hNH5B/u7XyRG2Ljh9YaAiY9qb9S
+1rmjMFL1RtxWV70E6oF7hC56oJZQR3ZnqFOnuQHMms21K4diXNGikuPzjj/Pzp3
eEDkXbX2ou1n9llgxD02DFJN/Tyrao/voGV4A++GoUX2Rd0tamxc17+Nt8mJne1h
RuirLYKq7dT84UIn5tipyF5HvU85rsjf6jeH95sq7vjY0/9lZpzgmaizXPoJLj3y
lXIL45PgPQxsqrVoyeZ3HgAQJfCtdU/qmwIabOZnjmcF8OXyDNHvXYJJ5NnvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUf+a0D7wXHbZhcQG12h2BSLxuuS4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzkzMjJlMzEzMTM5MmUzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFx3
DTANBgkqhkiG9w0BAQsFAAOCAQEAONELQDkih1OYIcuZh15ki5k5yTfNN3wMuJ3y
SMmg6xN+Ur8CoG7dy9glPs6Et+mgijMTM5ReL5GgxhreYLM0SHWVYqhK6hG3aRaY
LHSM/0V6inuB8yiZxLU5+n0WNThmzrhiu4gIpqdh5Jl6KUaMb1Cev2qmx+BgtJgP
2HscCqCeD1okbpAd2XK2vnMMovClFgPtW08IJTaqKwnJZyGDufifnOh9IOqmaei4
kP8bypUy8bSDszuWXjia401T5k0sWjywAIsZYf/9d0gb42QUcOy0T8JMPZDmHIdM
rWD2NUy8UwFWnqVVOblHEWKZFaF3wN7uEigWjlxBpUNaV/SIVA==
-----END CERTIFICATE-----
Generated at Wed May 13 04:47:17 2026 by rpki-client