Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233332e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233332e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: RhOarzjbzannXSp5iT4H//E19jFxENFr3k1RH9wI878=
Subject key identifier: E3:E7:D3:72:79:72:EA:FB:14:C5:F9:6F:9E:DA:FB:56:F7:FF:F4:8B
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 04B0B7395EE50EAA04F1108B3EDA94BDECA8F2BA
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233332e302f32342d3234203d3e203438303730.roa
Signing time: Tue 28 Apr 2026 16:07:17 +0000
ROA not before: Tue 28 Apr 2026 16:02:17 +0000
ROA not after: Tue 27 Apr 2027 16:07:17 +0000
asID: 48070
IP address blocks: 94.126.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 04:09:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:b0:b7:39:5e:e5:0e:aa:04:f1:10:8b:3e:da:94:bd:ec:a8:f2:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Apr 28 16:02:17 2026 GMT
Not After : Apr 27 16:07:17 2027 GMT
Subject: CN=E3E7D3727972EAFB14C5F96F9EDAFB56F7FFF48B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7f:cc:a3:34:eb:5d:df:ad:cc:8f:38:e1:b9:
2a:11:26:21:76:3c:18:b5:8c:9d:f3:29:03:d5:36:
c7:a0:98:71:9c:1f:ba:15:91:e4:40:a3:26:7a:9d:
3e:bd:8c:88:a9:83:38:80:ba:98:c5:ef:f3:0a:47:
85:cc:a1:ad:d9:32:a4:fd:38:95:b5:fd:2b:a9:97:
d5:2d:ef:8b:eb:e4:d0:1f:9d:bf:03:e3:d1:ea:6d:
c4:bb:03:8e:af:bc:50:67:1e:12:72:16:5f:dc:c3:
3d:b6:90:30:30:45:9a:fc:38:de:a0:00:97:48:6b:
d0:26:06:eb:cb:7e:29:37:75:a8:37:02:ba:f6:60:
cc:de:4f:1c:b7:47:e4:3d:53:a0:d8:c1:f9:01:ae:
e9:f8:70:88:7e:02:da:82:7a:41:9e:92:f3:1d:0f:
99:44:f3:5a:60:1b:96:61:f0:ae:a1:bf:11:fc:1d:
93:f3:b6:8d:bd:f7:0b:53:e6:75:69:75:1a:89:c7:
34:37:e6:c6:0c:8a:5e:31:5d:40:c8:64:9f:43:b7:
fb:66:2f:b2:91:33:16:67:d6:2f:c8:b4:10:54:43:
99:a8:25:db:18:53:21:d1:75:69:89:76:2d:28:4e:
c4:44:69:68:e6:0f:9e:72:04:82:11:a5:75:d2:7a:
de:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E7:D3:72:79:72:EA:FB:14:C5:F9:6F:9E:DA:FB:56:F7:FF:F4:8B
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233332e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.233.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ab:92:0d:07:e7:a9:02:95:f3:68:a8:3c:a2:c4:73:8b:ff:
a7:51:b5:ad:b9:78:83:07:71:74:39:45:72:c2:d4:a2:c5:ce:
fd:b1:8b:67:37:a0:b6:e2:e9:10:76:10:ff:e9:41:f0:3e:06:
c4:8e:e5:50:98:89:b0:5e:f7:f9:2b:b1:e4:ea:1e:31:9e:20:
71:38:95:13:4d:3f:9b:cc:95:0d:ec:f5:7d:2c:62:8e:70:c7:
88:86:1b:e1:1e:90:5e:04:52:d4:8f:a8:78:41:ef:9b:fb:07:
91:ec:b0:82:76:04:94:d7:91:cc:6c:99:00:aa:50:53:1f:d6:
93:c1:11:50:49:fb:bb:7d:55:d6:29:ef:bc:ec:fe:98:9a:d1:
8c:7d:12:ee:70:20:f7:43:0d:11:51:47:7d:d9:c1:96:0b:15:
57:a6:6f:ba:90:0a:d6:f5:5b:75:5d:7c:c4:ac:fe:79:c9:1a:
a1:d8:6f:b9:65:06:b0:1d:9c:51:6c:05:64:c9:a4:2a:82:2a:
72:0d:4f:22:0f:4f:82:07:c6:23:d7:c9:c8:8d:ef:6b:cc:7c:
15:30:84:fb:53:af:7d:22:34:df:39:87:98:26:25:3e:82:ff:
be:73:a7:b9:90:35:1e:bc:84:e7:86:47:53:15:c2:02:8c:ff:
db:7a:1d:6a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBLC3OV7lDqoE8RCLPtqUveyo8rowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNjA0MjgxNjAyMTdaFw0yNzA0MjcxNjA3MTdaMDMxMTAvBgNV
BAMTKEUzRTdEMzcyNzk3MkVBRkIxNEM1Rjk2RjlFREFGQjU2RjdGRkY0OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtf8yjNOtd363MjzjhuSoRJiF2
PBi1jJ3zKQPVNsegmHGcH7oVkeRAoyZ6nT69jIipgziAupjF7/MKR4XMoa3ZMqT9
OJW1/Supl9Ut74vr5NAfnb8D49HqbcS7A46vvFBnHhJyFl/cwz22kDAwRZr8ON6g
AJdIa9AmBuvLfik3dag3Arr2YMzeTxy3R+Q9U6DYwfkBrun4cIh+AtqCekGekvMd
D5lE81pgG5Zh8K6hvxH8HZPzto299wtT5nVpdRqJxzQ35sYMil4xXUDIZJ9Dt/tm
L7KRMxZn1i/ItBBUQ5moJdsYUyHRdWmJdi0oTsREaWjmD55yBIIRpXXSet5lAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4+fTcnly6vsUxflvntr7Vvf/9IswHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7pMA0GCSqGSIb3DQEBCwUAA4IBAQAyq5INB+epApXzaKg8osRzi/+nUbWtuXiD
B3F0OUVywtSixc79sYtnN6C24ukQdhD/6UHwPgbEjuVQmImwXvf5K7Hk6h4xniBx
OJUTTT+bzJUN7PV9LGKOcMeIhhvhHpBeBFLUj6h4Qe+b+weR7LCCdgSU15HMbJkA
qlBTH9aTwRFQSfu7fVXWKe+87P6YmtGMfRLucCD3Qw0RUUd92cGWCxVXpm+6kArW
9Vt1XXzErP55yRqh2G+5ZQawHZxRbAVkyaQqgipyDU8iD0+CB8Yj18nIje9rzHwV
MIT7U699IjTfOYeYJiU+gv++c6e5kDUevITnhkdTFcICjP/beh1q
-----END CERTIFICATE-----
Generated at Tue May 12 21:31:03 2026 by rpki-client