Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233382e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: CARYe+8m35x6yuJ4IaE8NVFGHHdS99rzbE18vdTuqeE=
Subject key identifier: B1:B6:B8:3D:0D:7C:55:86:6C:22:E4:4D:37:4F:0B:BA:CD:E8:2B:E6
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 609AC2F8941EF95843554D1C1614A483B7E561F1
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
Signing time: Tue 28 Apr 2026 16:07:17 +0000
ROA not before: Tue 28 Apr 2026 16:02:17 +0000
ROA not after: Tue 27 Apr 2027 16:07:17 +0000
asID: 48070
IP address blocks: 94.126.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:9a:c2:f8:94:1e:f9:58:43:55:4d:1c:16:14:a4:83:b7:e5:61:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Apr 28 16:02:17 2026 GMT
Not After : Apr 27 16:07:17 2027 GMT
Subject: CN=B1B6B83D0D7C55866C22E44D374F0BBACDE82BE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e0:19:77:7e:1f:7c:fd:60:e0:ba:53:d5:a7:
90:c8:da:0a:d3:d3:b8:b9:3f:31:bc:71:6f:0b:1a:
99:7c:c7:54:84:1d:87:0c:c9:db:50:e7:72:52:19:
09:b2:f5:4d:18:df:73:ff:85:93:cf:23:3b:59:09:
1a:51:98:ba:2a:80:08:7c:9e:61:15:74:2b:60:84:
35:96:e1:dd:59:dd:b9:27:83:9b:8f:87:65:2c:b1:
47:31:7b:a8:71:11:3b:73:8e:85:a6:9e:65:91:7c:
d7:b2:ca:03:57:7a:fb:c9:52:68:07:5d:32:da:4f:
d4:5a:eb:4f:6e:9f:de:9d:3c:95:c4:21:0c:c4:48:
2b:52:b6:17:ab:c4:2d:4b:ad:7a:4b:e5:bd:7e:e9:
dc:cd:40:82:9f:6a:30:94:83:29:f3:b8:b8:e2:56:
d3:a5:63:3d:41:99:e2:4b:15:ed:54:c5:57:80:64:
5d:8e:82:c0:2d:35:db:d8:f6:9b:07:91:c8:dd:17:
95:c7:80:55:97:60:91:2f:3a:c4:ea:b4:b2:5b:5c:
b3:72:1c:eb:c8:13:05:65:6a:da:c2:06:56:53:68:
87:0b:cf:85:eb:2c:ba:7f:5b:44:4f:73:f7:fa:d4:
86:ff:d5:6f:f1:a0:f2:73:a4:c0:18:c6:cd:f6:b7:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B6:B8:3D:0D:7C:55:86:6C:22:E4:4D:37:4F:0B:BA:CD:E8:2B:E6
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.238.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:9f:41:3d:a6:bf:41:3e:a6:e7:2f:7f:9c:90:1b:e4:5a:cd:
ff:02:6f:42:fa:67:9d:76:48:d0:25:00:32:a0:86:64:07:77:
a1:1b:18:c9:54:f7:73:98:d6:dc:ad:df:98:d3:80:6f:be:ad:
0c:55:e9:6b:a1:e2:7f:24:3a:4e:4f:e3:b9:ca:ff:db:48:dc:
7a:23:c1:33:21:04:02:d5:cb:9f:35:ee:fc:52:21:96:d1:4c:
b6:be:15:dd:81:9f:45:c9:9f:38:ae:4d:e2:a2:ce:18:59:47:
55:c9:39:96:0e:c4:97:bc:ab:75:7d:c9:c6:f7:77:9a:a1:e2:
2f:7b:d8:d2:a4:be:b3:f3:60:b8:4e:85:04:36:f3:73:82:67:
27:b9:c3:47:2d:d5:a4:70:19:30:1e:4c:a3:50:4c:1e:8e:60:
1e:fc:81:c9:51:eb:27:60:fb:37:6c:d6:93:61:e7:2e:a3:8b:
93:c9:be:fe:60:a4:a6:a6:02:70:49:3a:9c:a4:f0:73:58:96:
38:ee:97:da:01:17:1e:9f:5d:56:fa:98:d0:72:3f:36:6b:8f:
0d:07:6b:cc:97:9a:bb:e6:13:91:93:9f:67:2a:ba:11:fd:09:
4a:c0:f1:19:39:70:a5:14:ed:7f:5a:0b:b3:23:46:b2:07:2a:
82:d3:44:ce
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYJrC+JQe+VhDVU0cFhSkg7flYfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNjA0MjgxNjAyMTdaFw0yNzA0MjcxNjA3MTdaMDMxMTAvBgNV
BAMTKEIxQjZCODNEMEQ3QzU1ODY2QzIyRTQ0RDM3NEYwQkJBQ0RFODJCRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo4Bl3fh98/WDgulPVp5DI2grT
07i5PzG8cW8LGpl8x1SEHYcMydtQ53JSGQmy9U0Y33P/hZPPIztZCRpRmLoqgAh8
nmEVdCtghDWW4d1Z3bkng5uPh2UssUcxe6hxETtzjoWmnmWRfNeyygNXevvJUmgH
XTLaT9Ra609un96dPJXEIQzESCtStherxC1LrXpL5b1+6dzNQIKfajCUgynzuLji
VtOlYz1BmeJLFe1UxVeAZF2OgsAtNdvY9psHkcjdF5XHgFWXYJEvOsTqtLJbXLNy
HOvIEwVlatrCBlZTaIcLz4XrLLp/W0RPc/f61Ib/1W/xoPJzpMAYxs32t3aXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsba4PQ18VYZsIuRNN08Lus3oK+YwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7uMA0GCSqGSIb3DQEBCwUAA4IBAQAcn0E9pr9BPqbnL3+ckBvkWs3/Am9C+med
dkjQJQAyoIZkB3ehGxjJVPdzmNbcrd+Y04Bvvq0MVelroeJ/JDpOT+O5yv/bSNx6
I8EzIQQC1cufNe78UiGW0Uy2vhXdgZ9FyZ84rk3ios4YWUdVyTmWDsSXvKt1fcnG
93eaoeIve9jSpL6z82C4ToUENvNzgmcnucNHLdWkcBkwHkyjUEwejmAe/IHJUesn
YPs3bNaTYecuo4uTyb7+YKSmpgJwSTqcpPBzWJY47pfaARcen11W+pjQcj82a48N
B2vMl5q75hORk59nKroR/QlKwPEZOXClFO1/WguzI0ayByqC00TO
-----END CERTIFICATE-----
Generated at Wed May 13 06:06:33 2026 by rpki-client