Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133302e302f32342d3234203d3e20323031393439.roa
File: 3134372e3132352e3133302e302f32342d3234203d3e20323031393439.roa (raw, json)
Hash identifier: SkqijiQd7poOYFVAc80AHk/+gfMpYHnjlZMRCuTSfAA=
Subject key identifier: 69:E0:4F:89:CE:24:54:20:F1:9F:52:CA:A0:83:BB:DF:44:47:66:B0
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 55EA29F4630D66FDF57B8B50A2BB594C20002C4B
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133302e302f32342d3234203d3e20323031393439.roa
Signing time: Sat 28 Feb 2026 09:00:43 +0000
ROA not before: Sat 28 Feb 2026 08:55:43 +0000
ROA not after: Sat 27 Feb 2027 09:00:43 +0000
asID: 201949
IP address blocks: 147.125.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:ea:29:f4:63:0d:66:fd:f5:7b:8b:50:a2:bb:59:4c:20:00:2c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Feb 28 08:55:43 2026 GMT
Not After : Feb 27 09:00:43 2027 GMT
Subject: CN=69E04F89CE245420F19F52CAA083BBDF444766B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cd:03:c1:33:c4:10:6a:a4:c1:e7:04:59:5a:
e8:a5:24:46:d7:d0:94:21:73:be:59:eb:84:32:a4:
f5:2a:14:c3:45:f6:9a:f2:08:25:31:00:2f:9b:50:
b1:aa:e8:bd:d0:8f:72:0c:07:11:5c:62:03:c2:12:
91:f0:b8:de:a8:f5:e6:a6:67:33:e1:f0:6c:86:e0:
8d:f6:45:df:a7:94:3d:04:84:e5:5e:2e:7d:b9:78:
bf:49:ec:dc:a9:ba:30:35:07:f5:31:49:e3:0f:ba:
0a:6b:28:4a:f8:43:c3:1e:19:b7:ef:d8:83:4a:52:
31:96:20:df:14:3e:96:ea:d2:ff:34:73:52:f5:10:
4e:8f:4e:31:72:a1:54:b6:d4:61:81:b8:e5:82:1e:
af:8b:f3:de:f7:ec:68:6d:fa:f3:0e:ea:d2:0e:cd:
ce:ab:d2:fd:7f:0f:2b:c6:48:59:99:ef:1a:52:92:
cf:b4:e6:72:b2:59:78:89:28:b1:f8:2f:dd:bc:03:
c2:f2:33:d9:65:9c:38:20:46:e3:c0:e4:fd:9b:5c:
31:27:aa:40:5b:42:14:41:30:d9:43:0b:14:4d:1e:
11:75:12:94:50:ad:1f:89:e6:29:b1:15:d8:00:82:
2f:36:c8:e0:6b:54:f2:f7:60:64:cd:bc:be:7f:4f:
ae:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E0:4F:89:CE:24:54:20:F1:9F:52:CA:A0:83:BB:DF:44:47:66:B0
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133302e302f32342d3234203d3e20323031393439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.130.0/24
Signature Algorithm: sha256WithRSAEncryption
01:2b:41:90:15:25:66:6a:dd:de:d6:a3:c2:1b:41:da:9c:32:
ca:db:49:7c:0e:b5:80:c2:8d:d7:1d:30:e3:82:57:ad:5d:95:
6a:df:fc:c7:8f:54:0c:9e:d3:15:8b:26:6c:72:3e:09:ce:1d:
3a:1b:6a:60:d9:db:c0:a5:bf:73:e2:ea:cc:47:66:d0:66:a4:
59:51:0b:32:70:03:cb:26:5a:8b:d7:59:ab:a6:e9:14:1b:1d:
3a:ad:d6:76:51:59:d6:3d:92:33:18:d0:0c:73:05:a7:ee:4e:
cd:33:ae:b4:3b:25:2e:28:40:73:23:16:95:85:d6:0d:d9:5f:
4f:62:c5:02:a9:f0:a8:16:b5:51:df:16:05:c2:b3:45:54:c6:
5a:42:40:0a:e5:4a:bf:ea:b0:44:ae:59:20:b9:e7:9d:4f:83:
8a:c0:b3:15:bd:cd:52:c4:c4:f9:23:4a:c2:ca:26:99:e4:fd:
df:69:ed:68:3d:ad:b7:65:0e:53:d6:57:c8:4a:66:70:a4:41:
d4:26:c6:59:8b:45:19:a0:35:b7:c6:75:8e:32:61:1e:6d:09:
ba:b8:62:6b:28:92:26:eb:96:4a:cf:93:fe:bb:4d:64:0d:72:
7b:17:3a:e5:1a:59:e8:2f:fe:7f:11:eb:74:5f:43:20:76:2f:
44:ff:38:29
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVeop9GMNZv31e4tQortZTCAALEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjAyMjgwODU1NDNaFw0yNzAyMjcwOTAwNDNaMDMxMTAvBgNV
BAMTKDY5RTA0Rjg5Q0UyNDU0MjBGMTlGNTJDQUEwODNCQkRGNDQ0NzY2QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRzQPBM8QQaqTB5wRZWuilJEbX
0JQhc75Z64QypPUqFMNF9pryCCUxAC+bULGq6L3Qj3IMBxFcYgPCEpHwuN6o9eam
ZzPh8GyG4I32Rd+nlD0EhOVeLn25eL9J7NypujA1B/UxSeMPugprKEr4Q8MeGbfv
2INKUjGWIN8UPpbq0v80c1L1EE6PTjFyoVS21GGBuOWCHq+L89737Ght+vMO6tIO
zc6r0v1/DyvGSFmZ7xpSks+05nKyWXiJKLH4L928A8LyM9llnDggRuPA5P2bXDEn
qkBbQhRBMNlDCxRNHhF1EpRQrR+J5imxFdgAgi82yOBrVPL3YGTNvL5/T649AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUaeBPic4kVCDxn1LKoIO730RHZrAwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzMzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTM5MzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9gjANBgkqhkiG9w0BAQsFAAOCAQEAAStBkBUlZmrd3tajwhtB2pwyyttJ
fA61gMKN1x0w44JXrV2Vat/8x49UDJ7TFYsmbHI+Cc4dOhtqYNnbwKW/c+LqzEdm
0GakWVELMnADyyZai9dZq6bpFBsdOq3WdlFZ1j2SMxjQDHMFp+5OzTOutDslLihA
cyMWlYXWDdlfT2LFAqnwqBa1Ud8WBcKzRVTGWkJACuVKv+qwRK5ZILnnnU+DisCz
Fb3NUsTE+SNKwsommeT932ntaD2tt2UOU9ZXyEpmcKRB1CbGWYtFGaA1t8Z1jjJh
Hm0JurhiayiSJuuWSs+T/rtNZA1yexc65RpZ6C/+fxHrdF9DIHYvRP84KQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:16:51 2026 by rpki-client