Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233342e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233342e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: q7oLAxgs51TKBPSOh3FzVwGR8YT0xHlaz5+7M646uzM=
Subject key identifier: 3A:AC:6E:F0:FD:E6:84:46:C7:86:CC:C1:E7:83:7A:EE:50:E7:C0:DE
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 2F48D184AD2ECB54D079889B85EA7BB04C002935
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233342e302f32342d3234203d3e203438303730.roa
Signing time: Tue 28 Apr 2026 16:07:17 +0000
ROA not before: Tue 28 Apr 2026 16:02:17 +0000
ROA not after: Tue 27 Apr 2027 16:07:17 +0000
asID: 48070
IP address blocks: 94.126.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:48:d1:84:ad:2e:cb:54:d0:79:88:9b:85:ea:7b:b0:4c:00:29:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Apr 28 16:02:17 2026 GMT
Not After : Apr 27 16:07:17 2027 GMT
Subject: CN=3AAC6EF0FDE68446C786CCC1E7837AEE50E7C0DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:17:c6:1e:00:eb:d4:d0:ab:19:36:b1:fc:71:
77:29:95:7e:83:84:2e:3f:ea:ec:76:2a:a2:b3:8c:
e7:9f:4f:b1:02:35:a1:7f:4b:eb:ea:b1:fe:13:49:
66:82:fd:22:b5:d0:82:6b:24:50:aa:34:ff:a7:20:
5f:9a:a2:21:f5:48:83:09:e7:c8:5c:d1:68:8b:70:
3e:7a:9a:8d:c8:2f:30:5c:bc:20:eb:70:19:94:8c:
b8:1b:b3:3a:6b:07:d5:8c:07:8a:b2:72:04:0b:7b:
2f:68:3e:04:69:aa:e9:d4:8d:13:e8:87:8c:b5:4f:
1c:77:59:38:8b:97:aa:a7:9f:7d:a5:3c:a2:59:a9:
2f:e6:2a:df:96:18:89:25:b4:33:cc:e8:4e:37:d4:
35:f9:d8:0e:a2:27:9f:76:03:a1:08:0a:11:84:59:
be:cb:e5:2b:87:d8:d6:fd:53:5b:80:62:c9:c0:ee:
76:72:54:ec:59:dd:13:4f:f0:9b:9e:27:b8:bf:ed:
b7:24:bc:6c:01:7d:d2:68:a0:7f:73:d1:91:60:58:
6e:72:a0:cf:ca:6f:9c:95:cb:91:05:c9:c3:00:07:
ac:77:a1:ad:ce:44:71:51:60:58:9b:e8:8f:5f:ff:
14:ed:81:26:13:78:46:9a:90:16:b3:09:38:1b:10:
6a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AC:6E:F0:FD:E6:84:46:C7:86:CC:C1:E7:83:7A:EE:50:E7:C0:DE
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233342e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.234.0/24
Signature Algorithm: sha256WithRSAEncryption
98:f3:3a:3a:f1:c1:ba:a1:f4:3c:e7:d3:70:f4:2b:a1:cc:83:
7a:5d:7b:cd:54:3f:c0:45:c1:f0:25:59:2c:23:be:5b:ed:f6:
ee:e6:09:d7:6b:e6:6e:c7:2c:8b:c2:b9:19:1d:da:58:b3:f1:
3e:6a:b3:fe:c0:79:b1:9f:12:90:a8:c5:4f:e5:87:82:fc:20:
92:c0:2d:c4:e8:ba:ae:a8:48:2b:35:1e:9f:c7:64:aa:fe:0d:
21:9d:79:8e:06:ec:f8:d5:72:b3:40:eb:27:41:f1:68:6d:21:
0b:e2:b9:f3:66:ab:2f:fc:de:4a:e6:e9:69:06:3b:fc:72:52:
67:15:60:ea:5e:e9:c5:d4:9f:a0:71:b3:53:50:2b:4b:77:7a:
5c:b9:6c:52:25:8e:a5:ce:fc:c6:e7:5b:a4:eb:4f:fc:66:b4:
cb:da:5a:e1:92:c9:e3:40:61:53:ea:6c:91:21:04:fc:7d:56:
1b:ec:43:9e:36:57:64:57:02:c1:c7:37:03:41:7c:31:1f:24:
db:5f:ec:86:1b:eb:7f:7a:5c:a9:e8:4f:94:8a:0e:6b:46:49:
25:52:78:4d:a9:15:4c:d6:c7:4b:5e:eb:2f:c9:44:04:6f:a4:
70:c8:72:9c:5f:05:02:c2:7a:61:63:bf:b4:4e:5c:4a:1f:d3:
42:6c:8e:ea
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL0jRhK0uy1TQeYibhep7sEwAKTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNjA0MjgxNjAyMTdaFw0yNzA0MjcxNjA3MTdaMDMxMTAvBgNV
BAMTKDNBQUM2RUYwRkRFNjg0NDZDNzg2Q0NDMUU3ODM3QUVFNTBFN0MwREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4F8YeAOvU0KsZNrH8cXcplX6D
hC4/6ux2KqKzjOefT7ECNaF/S+vqsf4TSWaC/SK10IJrJFCqNP+nIF+aoiH1SIMJ
58hc0WiLcD56mo3ILzBcvCDrcBmUjLgbszprB9WMB4qycgQLey9oPgRpqunUjRPo
h4y1Txx3WTiLl6qnn32lPKJZqS/mKt+WGIkltDPM6E431DX52A6iJ592A6EIChGE
Wb7L5SuH2Nb9U1uAYsnA7nZyVOxZ3RNP8JueJ7i/7bckvGwBfdJooH9z0ZFgWG5y
oM/Kb5yVy5EFycMAB6x3oa3ORHFRYFib6I9f/xTtgSYTeEaakBazCTgbEGqzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOqxu8P3mhEbHhszB54N67lDnwN4wHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7qMA0GCSqGSIb3DQEBCwUAA4IBAQCY8zo68cG6ofQ859Nw9CuhzIN6XXvNVD/A
RcHwJVksI75b7fbu5gnXa+ZuxyyLwrkZHdpYs/E+arP+wHmxnxKQqMVP5YeC/CCS
wC3E6LquqEgrNR6fx2Sq/g0hnXmOBuz41XKzQOsnQfFobSEL4rnzZqsv/N5K5ulp
Bjv8clJnFWDqXunF1J+gcbNTUCtLd3pcuWxSJY6lzvzG51uk60/8ZrTL2lrhksnj
QGFT6myRIQT8fVYb7EOeNldkVwLBxzcDQXwxHyTbX+yGG+t/elyp6E+Uig5rRkkl
UnhNqRVM1sdLXusvyUQEb6RwyHKcXwUCwnphY7+0TlxKH9NCbI7q
-----END CERTIFICATE-----
Generated at Wed May 13 03:09:09 2026 by rpki-client