Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e20383334.roa
File: 39322e3131392e31332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: vktNkIbjhDRuE4KHYlfA1A7DLE1oDx7DF93lB2464Bo=
Subject key identifier: CA:48:98:83:13:58:61:5D:57:A6:C3:84:28:FA:AF:FB:9C:BB:51:E4
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 71E4C36030751BB8D6E5F7FD5408476EB7A6BE7B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e20383334.roa
Signing time: Thu 19 Mar 2026 16:05:26 +0000
ROA not before: Thu 19 Mar 2026 16:00:26 +0000
ROA not after: Thu 18 Mar 2027 16:05:26 +0000
asID: 834
IP address blocks: 92.119.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:e4:c3:60:30:75:1b:b8:d6:e5:f7:fd:54:08:47:6e:b7:a6:be:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 19 16:00:26 2026 GMT
Not After : Mar 18 16:05:26 2027 GMT
Subject: CN=CA4898831358615D57A6C38428FAAFFB9CBB51E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d6:a8:72:a4:da:6c:53:49:3d:ae:bf:44:78:
27:af:e1:73:ad:28:a7:de:3d:45:c0:07:2d:b6:9f:
60:1d:ac:77:e9:8a:f5:64:aa:4f:55:7f:bb:1a:ff:
a5:46:36:d6:f6:47:ba:e6:d2:df:3d:58:14:5f:87:
99:e4:76:29:ef:4a:29:f4:44:16:51:31:59:08:6e:
a4:2b:c6:ea:f5:94:58:fe:85:0b:b2:b5:7d:1e:16:
e4:69:e2:d1:b9:ce:b2:33:74:99:8c:e4:d6:5a:e8:
fa:26:93:e7:d4:6e:ef:aa:80:38:5e:bd:c7:8b:a6:
e7:a0:af:1f:e0:36:96:b7:39:39:e1:45:78:c9:a9:
73:ae:8c:0d:91:64:e9:b0:d5:0d:b1:f7:fe:c4:4a:
c5:d1:4d:56:c0:1e:65:e3:bc:00:ef:f7:3c:5a:36:
7e:c6:8b:2f:b6:8d:43:52:89:be:84:44:3d:56:a0:
40:58:34:d1:1c:f4:67:80:0e:56:69:93:eb:1b:82:
5f:84:bd:5c:ab:49:15:11:4c:41:f5:e0:b7:58:87:
23:a2:c4:5b:08:69:72:4b:72:a8:ae:9f:92:e2:7e:
c5:9c:01:89:b7:55:0e:cc:e3:b3:c3:62:24:e9:4a:
7c:81:70:43:46:d1:4f:ed:0b:25:8a:3b:09:25:5d:
e7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:48:98:83:13:58:61:5D:57:A6:C3:84:28:FA:AF:FB:9C:BB:51:E4
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/39322e3131392e31332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.13.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:cd:23:0c:b2:8b:2c:8b:84:35:92:ef:c2:bb:f2:72:ca:53:
9a:f5:d1:f2:ee:96:78:83:75:09:5a:d7:a6:69:31:fc:d7:27:
b1:86:d0:5e:52:ba:4d:27:57:b6:2c:40:0c:8a:01:01:16:c2:
b3:32:f6:59:3c:3d:82:c7:ef:a8:f0:04:76:41:ac:71:76:2c:
e4:71:80:1f:ac:8f:4d:34:ab:40:15:8b:ca:91:45:3a:d7:f7:
69:7d:b4:dc:e9:95:0f:43:db:67:81:1c:dd:7b:95:51:a1:1f:
de:91:20:b8:2d:b8:cc:00:95:5b:06:df:28:db:7b:fc:34:2f:
6e:91:c9:02:29:ca:30:41:33:b5:09:7e:9c:7c:af:a7:e2:c8:
8c:c9:a9:de:69:99:19:48:44:69:3d:83:2b:b2:4b:53:e6:80:
8c:c2:93:6d:54:1a:bd:34:f6:36:12:7a:73:04:8a:51:a0:a9:
78:2d:75:a9:5b:59:0b:b9:99:3f:70:1b:bc:bb:57:7a:76:45:
27:44:f4:dc:ff:67:29:98:0f:a9:31:85:18:6d:5a:5b:1f:12:
79:c1:8b:f3:95:0a:37:d4:44:a3:22:bb:b2:99:0f:29:89:6d:
a3:18:b7:77:8f:04:80:56:1a:9e:c1:77:51:b2:a2:3b:55:1e:
a6:fe:db:15
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUceTDYDB1G7jW5ff9VAhHbremvnswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjAzMTkxNjAwMjZaFw0yNzAzMTgxNjA1MjZaMDMxMTAvBgNV
BAMTKENBNDg5ODgzMTM1ODYxNUQ1N0E2QzM4NDI4RkFBRkZCOUNCQjUxRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC41qhypNpsU0k9rr9EeCev4XOt
KKfePUXABy22n2AdrHfpivVkqk9Vf7sa/6VGNtb2R7rm0t89WBRfh5nkdinvSin0
RBZRMVkIbqQrxur1lFj+hQuytX0eFuRp4tG5zrIzdJmM5NZa6Pomk+fUbu+qgDhe
vceLpuegrx/gNpa3OTnhRXjJqXOujA2RZOmw1Q2x9/7ESsXRTVbAHmXjvADv9zxa
Nn7Giy+2jUNSib6ERD1WoEBYNNEc9GeADlZpk+sbgl+EvVyrSRURTEH14LdYhyOi
xFsIaXJLcqiun5LifsWcAYm3VQ7M47PDYiTpSnyBcENG0U/tCyWKOwklXecNAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUykiYgxNYYV1XpsOEKPqv+5y7UeQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzkzMjJlMzEzMTM5MmUzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHcNMA0G
CSqGSIb3DQEBCwUAA4IBAQBczSMMsossi4Q1ku/Cu/JyylOa9dHy7pZ4g3UJWtem
aTH81yexhtBeUrpNJ1e2LEAMigEBFsKzMvZZPD2Cx++o8AR2QaxxdizkcYAfrI9N
NKtAFYvKkUU61/dpfbTc6ZUPQ9tngRzde5VRoR/ekSC4LbjMAJVbBt8o23v8NC9u
kckCKcowQTO1CX6cfK+n4siMyaneaZkZSERpPYMrsktT5oCMwpNtVBq9NPY2Enpz
BIpRoKl4LXWpW1kLuZk/cBu8u1d6dkUnRPTc/2cpmA+pMYUYbVpbHxJ5wYvzlQo3
1ESjIruymQ8piW2jGLd3jwSAVhqewXdRsqI7VR6m/tsV
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:12:37 2026 by rpki-client