Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136372e302f32342d3234203d3e203239383032.roa
File: 39352e3136392e3136372e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: StWFAV1ktsHSXaR84IkdQxGhH1pdr8IbInj7fnowEwI=
Subject key identifier: 4A:5E:79:56:89:CD:12:18:3C:61:FD:78:0C:9A:B0:E5:F8:A4:28:FB
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 6F88865F268F720F5C31716CAEFA2EF4797F4408
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136372e302f32342d3234203d3e203239383032.roa
Signing time: Wed 13 Aug 2025 15:54:13 +0000
ROA not before: Wed 13 Aug 2025 15:49:13 +0000
ROA not after: Wed 12 Aug 2026 15:54:13 +0000
asID: 29802
IP address blocks: 95.169.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:88:86:5f:26:8f:72:0f:5c:31:71:6c:ae:fa:2e:f4:79:7f:44:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Aug 13 15:49:13 2025 GMT
Not After : Aug 12 15:54:13 2026 GMT
Subject: CN=4A5E795689CD12183C61FD780C9AB0E5F8A428FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:7d:89:a9:6d:02:9e:cb:39:b8:0e:78:8d:
1c:78:d7:15:cb:a8:b8:99:db:b5:2e:51:0b:1f:20:
bd:b4:7e:6e:7e:34:8b:9e:d6:b4:58:f2:87:da:e4:
66:dc:dc:74:70:7a:98:b1:31:00:4e:7b:70:c5:2e:
1b:ce:2d:83:ee:1e:07:23:a2:97:8a:1a:16:1c:19:
a8:45:b5:fe:a7:79:e7:2f:8f:b2:48:20:dc:14:c5:
4c:8a:5d:df:08:82:1e:1d:cd:09:74:af:2f:80:0c:
1b:97:d9:52:62:4d:28:43:02:34:82:07:c9:eb:04:
07:36:3c:3f:0e:93:dd:9e:67:b0:c9:43:67:f1:f5:
a6:d6:d1:a5:fe:a4:c9:a3:95:2b:ef:15:04:d3:f3:
9f:58:00:ae:09:6a:19:0a:4d:6d:5b:cd:51:d3:a9:
b1:2e:51:84:ba:b6:19:3a:c0:6e:34:3b:47:12:47:
14:2b:c1:7f:dd:46:0d:e6:9e:d6:5b:06:59:f9:d2:
8a:15:6f:58:dd:bb:29:8e:86:73:33:05:81:46:75:
a4:fd:05:f4:bd:14:61:7a:19:4d:e9:4d:22:4b:f1:
f6:c0:1c:1b:81:f6:cf:ae:cd:68:d6:1b:06:f5:9c:
62:6f:9b:b4:62:76:f8:d5:b1:d8:91:f0:e0:9a:c0:
54:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:5E:79:56:89:CD:12:18:3C:61:FD:78:0C:9A:B0:E5:F8:A4:28:FB
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136372e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.167.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:1a:4c:d0:8f:2b:99:67:1e:b3:f6:47:f6:a7:ed:f6:97:98:
0c:f3:8d:f5:76:58:fe:30:71:69:99:dd:24:75:89:a6:10:8b:
46:1d:2a:e1:a9:15:cb:3a:2a:bb:1f:2f:0e:96:59:66:db:3d:
30:75:16:c3:2a:3b:a0:cd:2b:30:8e:55:83:97:61:29:64:f2:
40:49:0e:e0:18:16:b0:c7:e8:7b:ce:12:5e:64:92:03:20:ce:
18:20:0b:93:47:de:b7:d3:cf:d1:c3:8b:ac:e0:76:65:1b:ee:
8a:3f:28:72:66:fc:6e:d1:04:3c:33:ba:26:12:4e:ef:8f:b5:
dc:f9:ca:56:25:62:bb:8c:67:b2:62:5c:05:e4:87:b8:bb:42:
a2:a9:4c:d7:92:29:07:23:52:15:a6:44:52:de:be:67:6b:3a:
1f:7a:42:72:b8:93:4d:78:eb:97:4f:ee:d5:5d:5b:73:ab:40:
14:41:ba:a2:6d:8b:21:cb:f8:ce:d9:bb:bd:e1:b8:61:d9:ba:
cd:f2:ed:67:68:51:d0:8c:41:a5:33:67:9f:f2:30:d2:47:0c:
aa:f8:06:0b:7a:e1:bf:40:ad:21:4b:8d:f3:09:77:ef:8e:dd:
65:95:44:68:a4:c7:21:0e:eb:66:31:a4:88:d9:e9:e6:ef:9e:
49:93:ed:bd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUb4iGXyaPcg9cMXFsrvou9Hl/RAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA4MTMxNTQ5MTNaFw0yNjA4MTIxNTU0MTNaMDMxMTAvBgNV
BAMTKDRBNUU3OTU2ODlDRDEyMTgzQzYxRkQ3ODBDOUFCMEU1RjhBNDI4RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4jX2JqW0Cnss5uA54jRx41xXL
qLiZ27UuUQsfIL20fm5+NIue1rRY8ofa5Gbc3HRwepixMQBOe3DFLhvOLYPuHgcj
opeKGhYcGahFtf6neecvj7JIINwUxUyKXd8Igh4dzQl0ry+ADBuX2VJiTShDAjSC
B8nrBAc2PD8Ok92eZ7DJQ2fx9abW0aX+pMmjlSvvFQTT859YAK4JahkKTW1bzVHT
qbEuUYS6thk6wG40O0cSRxQrwX/dRg3mntZbBln50ooVb1jduymOhnMzBYFGdaT9
BfS9FGF6GU3pTSJL8fbAHBuB9s+uzWjWGwb1nGJvm7RidvjVsdiR8OCawFQzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSl55VonNEhg8Yf14DJqw5fikKPswHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mnMA0GCSqGSIb3DQEBCwUAA4IBAQCLGkzQjyuZZx6z9kf2p+32l5gM8431dlj+
MHFpmd0kdYmmEItGHSrhqRXLOiq7Hy8Olllm2z0wdRbDKjugzSswjlWDl2EpZPJA
SQ7gGBawx+h7zhJeZJIDIM4YIAuTR96308/Rw4us4HZlG+6KPyhyZvxu0QQ8M7om
Ek7vj7Xc+cpWJWK7jGeyYlwF5Ie4u0KiqUzXkikHI1IVpkRS3r5nazofekJyuJNN
eOuXT+7VXVtzq0AUQbqibYshy/jO2bu94bhh2brN8u1naFHQjEGlM2ef8jDSRwyq
+AYLeuG/QK0hS43zCXfvjt1llURopMchDutmMaSI2enm755Jk+29
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:08:36 2025 by rpki-client