Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136382e302f32342d3234203d3e20313432313436.roa
File: 39352e3136392e3136382e302f32342d3234203d3e20313432313436.roa (raw, json)
Hash identifier: X8gBNG0CANPabuUX1SAhdfr40eAzyS9DOY/a1K3Vj0A=
Subject key identifier: E5:AF:2B:F2:8A:B0:50:F0:5D:2B:5B:28:B9:3A:FA:C8:40:CF:00:43
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 18808ED158975E314EA4C10086092F84697C7517
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136382e302f32342d3234203d3e20313432313436.roa
Signing time: Mon 11 May 2026 03:47:11 +0000
ROA not before: Mon 11 May 2026 03:42:11 +0000
ROA not after: Mon 10 May 2027 03:47:11 +0000
asID: 142146
IP address blocks: 95.169.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:17:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:80:8e:d1:58:97:5e:31:4e:a4:c1:00:86:09:2f:84:69:7c:75:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 11 03:42:11 2026 GMT
Not After : May 10 03:47:11 2027 GMT
Subject: CN=E5AF2BF28AB050F05D2B5B28B93AFAC840CF0043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:87:b3:a3:fd:51:72:3c:81:da:a3:ba:51:3c:
a1:59:44:a6:25:50:e7:b7:f8:86:dd:15:b2:e6:f7:
7e:13:86:7f:e6:be:89:fd:c7:8e:a4:2c:de:91:37:
a2:2e:63:ff:11:0a:29:f5:33:f4:94:1d:b3:89:c2:
d5:0a:70:06:bd:59:38:ae:30:e5:c7:36:a3:56:35:
e0:19:b0:2a:0b:dc:d4:b2:0d:27:20:00:86:6d:ac:
74:9f:70:66:60:4f:20:6a:c3:ec:46:51:32:79:f3:
0a:21:28:39:3d:dd:4d:6f:60:bc:68:64:fe:12:55:
a2:7f:db:25:65:5d:4f:78:b7:aa:03:dc:a7:f2:64:
31:1f:f7:f7:ec:c9:20:23:8e:35:ea:5c:4d:ed:a3:
a0:d8:b9:48:08:ac:36:7a:8c:ff:6d:68:c6:fa:79:
23:38:b1:c0:32:00:59:d0:15:3c:07:13:52:83:a0:
cd:6c:0d:67:bc:8f:6f:3b:e0:61:a3:75:0c:0f:3e:
95:0e:df:1a:93:a9:3e:24:0b:fa:5b:ca:b6:d9:95:
27:aa:74:6a:b3:11:9d:47:a3:93:45:c2:b5:60:c7:
80:3b:bf:c1:b1:c1:ac:db:87:95:4d:9a:59:9a:38:
8e:4c:0d:a1:6d:e2:50:69:48:d8:49:a2:fd:49:85:
3a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AF:2B:F2:8A:B0:50:F0:5D:2B:5B:28:B9:3A:FA:C8:40:CF:00:43
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136382e302f32342d3234203d3e20313432313436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.168.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ce:4b:37:cc:51:e2:4d:c9:ad:79:ea:49:71:5b:7e:69:ac:
db:df:54:9e:31:15:3d:05:1a:d8:93:e0:8e:31:58:24:4f:c4:
78:d4:fe:55:ba:72:10:68:ef:52:97:6d:11:18:53:3c:17:53:
07:16:63:ca:db:c1:5e:09:92:1f:91:09:85:42:51:7b:a4:8d:
0b:d2:61:7a:a6:ff:cb:da:b5:50:4e:5f:85:1e:90:e0:d6:71:
11:02:fa:c6:c3:1e:61:09:51:df:97:3e:f2:d3:f7:6a:f4:52:
c8:93:bc:80:dc:a9:fa:50:55:cc:f3:46:3b:60:f4:e4:a6:71:
8f:d4:5e:d6:16:43:f5:06:e2:a7:77:08:e1:66:5e:18:0b:90:
58:cc:54:a8:16:9f:65:cd:5c:ff:33:28:51:49:83:82:76:4d:
3a:81:dd:eb:58:a9:7a:ff:01:c0:99:5f:93:39:4a:03:37:59:
ce:21:6a:ce:0b:5a:aa:c8:d3:96:e7:e2:3f:6d:44:d0:25:cf:
f7:de:f0:f1:12:02:02:82:f9:6f:52:e4:43:34:bc:84:f8:b3:
37:61:05:83:d1:e4:d8:8c:da:14:1e:4d:c3:64:f7:57:56:9c:
56:93:e8:32:51:32:b2:b2:cb:9e:a5:06:aa:86:39:a2:d5:67:
5e:4c:ef:a7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGICO0ViXXjFOpMEAhgkvhGl8dRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA1MTEwMzQyMTFaFw0yNzA1MTAwMzQ3MTFaMDMxMTAvBgNV
BAMTKEU1QUYyQkYyOEFCMDUwRjA1RDJCNUIyOEI5M0FGQUM4NDBDRjAwNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvh7Oj/VFyPIHao7pRPKFZRKYl
UOe3+IbdFbLm934Thn/mvon9x46kLN6RN6IuY/8RCin1M/SUHbOJwtUKcAa9WTiu
MOXHNqNWNeAZsCoL3NSyDScgAIZtrHSfcGZgTyBqw+xGUTJ58wohKDk93U1vYLxo
ZP4SVaJ/2yVlXU94t6oD3KfyZDEf9/fsySAjjjXqXE3to6DYuUgIrDZ6jP9taMb6
eSM4scAyAFnQFTwHE1KDoM1sDWe8j2874GGjdQwPPpUO3xqTqT4kC/pbyrbZlSeq
dGqzEZ1Ho5NFwrVgx4A7v8Gxwazbh5VNmlmaOI5MDaFt4lBpSNhJov1JhTqtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5a8r8oqwUPBdK1souTr6yEDPAEMwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMTM0MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqagwDQYJKoZIhvcNAQELBQADggEBAEvOSzfMUeJNya156klxW35prNvfVJ4x
FT0FGtiT4I4xWCRPxHjU/lW6chBo71KXbREYUzwXUwcWY8rbwV4Jkh+RCYVCUXuk
jQvSYXqm/8vatVBOX4UekODWcREC+sbDHmEJUd+XPvLT92r0UsiTvIDcqfpQVczz
Rjtg9OSmcY/UXtYWQ/UG4qd3COFmXhgLkFjMVKgWn2XNXP8zKFFJg4J2TTqB3etY
qXr/AcCZX5M5SgM3Wc4has4LWqrI05bn4j9tRNAlz/fe8PESAgKC+W9S5EM0vIT4
szdhBYPR5NiM2hQeTcNk91dWnFaT6DJRMrKyy56lBqqGOaLVZ15M76c=
-----END CERTIFICATE-----
Generated at Wed May 13 13:35:47 2026 by rpki-client