Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233392e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: vDAXuGHyeNY2jD5RhCiD3jAqscVMZeED2yLzuLCQIEU=
Subject key identifier: 06:11:92:F1:20:69:88:82:67:6A:CC:82:04:94:85:38:68:85:09:A0
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 604BE230D40E773C433CE91F23BEE29056CA96C1
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
Signing time: Tue 28 Apr 2026 16:07:18 +0000
ROA not before: Tue 28 Apr 2026 16:02:18 +0000
ROA not after: Tue 27 Apr 2027 16:07:18 +0000
asID: 48070
IP address blocks: 94.126.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:4b:e2:30:d4:0e:77:3c:43:3c:e9:1f:23:be:e2:90:56:ca:96:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Apr 28 16:02:18 2026 GMT
Not After : Apr 27 16:07:18 2027 GMT
Subject: CN=061192F120698882676ACC8204948538688509A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e8:a2:20:c2:e8:09:4b:68:61:ec:f1:7c:99:
cc:fa:9b:72:d6:5e:2f:e7:65:a8:e8:41:98:fe:ff:
38:ba:d1:34:bc:a5:b8:36:e1:6f:e9:6d:d4:84:11:
75:4b:95:25:c1:a1:bc:15:35:58:44:15:2f:41:6a:
af:4b:d8:66:56:0a:89:3e:45:9b:1a:0e:d5:24:65:
47:88:b6:0a:cc:bf:82:63:6b:19:ec:a4:4c:ab:b9:
ff:88:4c:10:72:72:dc:94:8c:f3:66:e5:59:ed:da:
78:c8:03:5b:08:3c:1d:7d:4e:fa:8d:d1:c8:1d:51:
16:be:0a:a9:97:84:7b:09:c3:9c:fd:0d:1b:32:15:
9f:b5:ae:65:82:a6:e4:af:c6:ad:7b:61:11:45:94:
4e:7c:e8:29:8a:92:3a:96:d4:af:cb:37:83:af:32:
79:4f:76:54:c0:f5:5b:4c:2f:e7:95:ea:4a:eb:81:
9f:58:b2:8b:e4:05:0e:fa:4b:25:30:80:42:f9:b2:
46:7f:d0:d0:32:78:ce:c0:fb:74:02:0d:fa:86:15:
91:e1:16:20:6e:e2:ff:87:1e:45:f8:f1:b9:d1:6e:
c2:71:c8:6d:ca:41:77:d8:66:c0:dd:24:b2:e1:15:
4f:e6:a4:0f:b3:2f:01:51:d7:04:4f:dc:0b:da:72:
57:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:11:92:F1:20:69:88:82:67:6A:CC:82:04:94:85:38:68:85:09:A0
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.239.0/24
Signature Algorithm: sha256WithRSAEncryption
02:b0:24:03:aa:15:9a:a6:d9:f1:10:3e:58:13:55:7e:4c:25:
ac:ae:8e:c7:f4:ac:46:57:11:93:2f:65:b2:65:fa:de:46:b5:
db:7c:cc:93:af:cc:80:3f:8b:80:ff:98:36:3c:3f:94:49:c2:
7b:d4:88:1e:b6:45:9f:9f:31:de:8f:e4:b5:9a:47:64:46:e1:
19:b7:8c:4b:cd:73:06:f3:bf:97:c1:61:9b:9c:7b:6f:31:ca:
2c:89:98:8a:d8:5e:0e:7a:2e:4f:f4:2e:94:0a:80:b8:a8:e2:
da:0e:26:db:af:08:5b:5d:49:fb:87:e1:48:d1:df:2b:2c:fa:
b3:95:4f:c0:2e:f2:44:ee:25:ae:3a:25:5b:c3:21:25:ff:86:
aa:24:a6:5f:8c:ca:93:08:42:41:d9:da:d5:fd:04:d3:7c:cb:
f8:52:0e:22:51:3d:1d:03:59:59:e5:3b:b8:bf:7c:dd:4a:20:
4c:23:61:ac:52:6a:ff:8f:20:25:8f:56:6a:85:a7:b7:a0:61:
67:6c:44:20:55:6e:5e:49:67:47:cd:3d:10:ac:79:5e:ab:48:
11:7a:2e:f3:27:ec:12:42:a4:75:b8:e7:0f:e8:6b:71:fe:3b:
38:20:34:40:11:92:51:27:73:00:e6:a3:8f:62:04:ec:e5:bd:
64:57:d6:59
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYEviMNQOdzxDPOkfI77ikFbKlsEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNjA0MjgxNjAyMThaFw0yNzA0MjcxNjA3MThaMDMxMTAvBgNV
BAMTKDA2MTE5MkYxMjA2OTg4ODI2NzZBQ0M4MjA0OTQ4NTM4Njg4NTA5QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC86KIgwugJS2hh7PF8mcz6m3LW
Xi/nZajoQZj+/zi60TS8pbg24W/pbdSEEXVLlSXBobwVNVhEFS9Baq9L2GZWCok+
RZsaDtUkZUeItgrMv4JjaxnspEyruf+ITBByctyUjPNm5Vnt2njIA1sIPB19TvqN
0cgdURa+CqmXhHsJw5z9DRsyFZ+1rmWCpuSvxq17YRFFlE586CmKkjqW1K/LN4Ov
MnlPdlTA9VtML+eV6krrgZ9YsovkBQ76SyUwgEL5skZ/0NAyeM7A+3QCDfqGFZHh
FiBu4v+HHkX48bnRbsJxyG3KQXfYZsDdJLLhFU/mpA+zLwFR1wRP3Avacld9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBhGS8SBpiIJnasyCBJSFOGiFCaAwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7vMA0GCSqGSIb3DQEBCwUAA4IBAQACsCQDqhWaptnxED5YE1V+TCWsro7H9KxG
VxGTL2WyZfreRrXbfMyTr8yAP4uA/5g2PD+UScJ71IgetkWfnzHej+S1mkdkRuEZ
t4xLzXMG87+XwWGbnHtvMcosiZiK2F4Oei5P9C6UCoC4qOLaDibbrwhbXUn7h+FI
0d8rLPqzlU/ALvJE7iWuOiVbwyEl/4aqJKZfjMqTCEJB2drV/QTTfMv4Ug4iUT0d
A1lZ5Tu4v3zdSiBMI2GsUmr/jyAlj1Zqhae3oGFnbEQgVW5eSWdHzT0QrHleq0gR
ei7zJ+wSQqR1uOcP6Gtx/js4IDRAEZJRJ3MA5qOPYgTs5b1kV9ZZ
-----END CERTIFICATE-----
Generated at Wed May 13 04:55:44 2026 by rpki-client