Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133312e302f32342d3234203d3e203633313939.roa
File: 3134372e3132352e3133312e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: I+FE/wZFFYLwt6BJk0khls7h5g4uOSuGCOC1jA9dKOM=
Subject key identifier: CC:6E:F5:54:71:94:E6:18:D6:EC:ED:61:76:02:BA:83:88:02:C2:64
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 29653696B87D6DC837EFA63B15DC72A447A51602
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133312e302f32342d3234203d3e203633313939.roa
Signing time: Fri 13 Feb 2026 07:58:06 +0000
ROA not before: Fri 13 Feb 2026 07:53:06 +0000
ROA not after: Fri 12 Feb 2027 07:58:06 +0000
asID: 63199
IP address blocks: 147.125.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:65:36:96:b8:7d:6d:c8:37:ef:a6:3b:15:dc:72:a4:47:a5:16:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Feb 13 07:53:06 2026 GMT
Not After : Feb 12 07:58:06 2027 GMT
Subject: CN=CC6EF5547194E618D6ECED617602BA838802C264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:62:bf:95:b1:a6:a2:41:f1:9f:ab:d1:58:4d:
f9:ea:99:2f:82:15:72:e3:b2:5d:c0:af:de:d1:16:
99:b7:19:3c:ed:1b:24:98:06:08:29:fc:af:19:31:
68:aa:f3:de:c1:c9:a2:76:60:6d:f4:fb:0c:03:bc:
06:20:a4:67:30:d6:0f:f1:c8:4f:e3:c4:87:6e:e0:
9b:a6:8b:b6:f4:53:88:a4:da:96:56:52:13:6c:f6:
f6:e8:70:19:6f:5a:2a:1e:c7:5f:c9:cd:d0:bd:a2:
34:4e:fc:9a:f9:dd:5f:f4:33:bb:20:ab:41:30:c5:
a3:0e:29:47:b4:55:7c:74:40:1f:8d:95:53:0d:31:
ac:fb:b5:e4:d6:16:c1:88:7d:fd:b0:cc:e6:8e:14:
9d:96:d5:2e:d0:a1:62:2e:8f:32:10:42:13:ca:1c:
c4:b0:8a:a7:11:80:19:ad:38:4a:3e:a7:90:bc:aa:
9c:47:5d:89:58:73:78:5d:e7:f8:5d:52:b7:04:a1:
dc:71:5b:a4:5c:ea:5e:ab:bd:c5:d3:5f:48:8f:f3:
76:6f:9a:5e:fb:58:c6:df:69:27:d0:a5:91:9e:a8:
89:ff:24:93:6c:96:ed:02:51:af:56:87:42:33:f8:
23:cc:3b:36:60:4c:b2:33:02:bd:f6:c8:e6:69:ed:
f8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6E:F5:54:71:94:E6:18:D6:EC:ED:61:76:02:BA:83:88:02:C2:64
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3133312e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.131.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:30:e2:8d:f4:0d:08:74:49:09:47:f4:8f:fe:17:74:e5:6d:
2c:f8:d6:46:cf:05:e3:0a:56:66:c0:83:25:14:0f:89:d8:e1:
10:a3:14:1b:f8:51:8b:4a:55:c5:d1:09:b5:59:28:79:80:32:
00:0b:ca:b7:35:85:be:b9:50:bd:63:70:51:f2:cf:4d:9c:ab:
dd:10:7d:8a:ad:e7:a7:f4:b3:00:70:db:61:e0:42:ac:b5:60:
9c:5e:f6:d4:45:78:9f:8a:87:be:77:0e:fc:63:e4:5d:83:e3:
85:d4:a3:db:5b:46:ad:2d:47:81:fc:a8:b8:ae:36:97:ed:91:
82:9b:24:ff:31:0f:cc:58:5c:e6:a7:f7:f8:2e:27:10:04:50:
7e:c1:5b:f2:e0:10:e3:c2:bb:2e:46:97:05:32:85:33:1b:e2:
6c:ec:74:a3:90:11:5d:e8:c7:14:b9:d4:c5:ba:bc:d5:23:a3:
e2:71:8b:11:f8:45:b1:85:a4:0f:97:92:09:00:e5:d3:d2:dc:
4d:db:31:71:46:d8:2e:28:b5:65:e6:3c:eb:c3:0b:e3:5d:75:
9a:f7:58:ae:40:1e:20:7d:a8:a3:db:82:64:7f:d3:43:0d:e7:
bc:be:d7:a5:60:dd:b2:65:03:7a:f7:a7:1c:a0:4c:90:e3:9c:
aa:f3:e2:00
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKWU2lrh9bcg376Y7FdxypEelFgIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjAyMTMwNzUzMDZaFw0yNzAyMTIwNzU4MDZaMDMxMTAvBgNV
BAMTKENDNkVGNTU0NzE5NEU2MThENkVDRUQ2MTc2MDJCQTgzODgwMkMyNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsYr+VsaaiQfGfq9FYTfnqmS+C
FXLjsl3Ar97RFpm3GTztGySYBggp/K8ZMWiq897ByaJ2YG30+wwDvAYgpGcw1g/x
yE/jxIdu4Jumi7b0U4ik2pZWUhNs9vbocBlvWioex1/JzdC9ojRO/Jr53V/0M7sg
q0EwxaMOKUe0VXx0QB+NlVMNMaz7teTWFsGIff2wzOaOFJ2W1S7QoWIujzIQQhPK
HMSwiqcRgBmtOEo+p5C8qpxHXYlYc3hd5/hdUrcEodxxW6Rc6l6rvcXTX0iP83Zv
ml77WMbfaSfQpZGeqIn/JJNslu0CUa9Wh0Iz+CPMOzZgTLIzAr32yOZp7fhJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzG71VHGU5hjW7O1hdgK6g4gCwmQwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzMTM5Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACTfYMwDQYJKoZIhvcNAQELBQADggEBAE8w4o30DQh0SQlH9I/+F3TlbSz41kbP
BeMKVmbAgyUUD4nY4RCjFBv4UYtKVcXRCbVZKHmAMgALyrc1hb65UL1jcFHyz02c
q90QfYqt56f0swBw22HgQqy1YJxe9tRFeJ+Kh753Dvxj5F2D44XUo9tbRq0tR4H8
qLiuNpftkYKbJP8xD8xYXOan9/guJxAEUH7BW/LgEOPCuy5GlwUyhTMb4mzsdKOQ
EV3oxxS51MW6vNUjo+JxixH4RbGFpA+XkgkA5dPS3E3bMXFG2C4otWXmPOvDC+Nd
dZr3WK5AHiB9qKPbgmR/00MN57y+16Vg3bJlA3r3pxygTJDjnKrz4gA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:46:08 2026 by rpki-client