Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3136372e302f32342d3234203d3e20323033303438.roa
File: 3134372e3132352e3136372e302f32342d3234203d3e20323033303438.roa (raw, json)
Hash identifier: oKnbCE6kb5FvXwvpxUkDHWQvtsIqLckhiRee7eANY8I=
Subject key identifier: 10:96:CD:CA:BB:95:B3:37:DE:0A:20:AC:5F:45:47:D6:79:51:07:CC
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 07FF00E1C2A47206C7B8D0AA1A7DACFF5C9BC738
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3136372e302f32342d3234203d3e20323033303438.roa
Signing time: Sat 06 Jun 2026 02:15:03 +0000
ROA not before: Sat 06 Jun 2026 02:10:03 +0000
ROA not after: Sat 05 Jun 2027 02:15:03 +0000
asID: 203048
IP address blocks: 147.125.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ff:00:e1:c2:a4:72:06:c7:b8:d0:aa:1a:7d:ac:ff:5c:9b:c7:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Jun 6 02:10:03 2026 GMT
Not After : Jun 5 02:15:03 2027 GMT
Subject: CN=1096CDCABB95B337DE0A20AC5F4547D6795107CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:67:dd:ef:6d:ec:30:fd:94:bd:d2:63:78:e4:
cb:82:5c:c5:11:a4:56:28:c0:4d:5b:ca:13:c3:1e:
a7:ff:a1:32:d0:85:d3:16:04:aa:e6:86:ce:9e:fb:
df:30:b7:2d:ab:ad:e3:44:cc:2b:1f:f3:15:1d:8a:
85:a3:89:48:13:e3:4c:3b:16:2d:cf:59:ef:d5:d9:
9b:f5:e8:2d:f8:65:50:69:42:a9:55:f4:b7:ac:a4:
07:2b:c6:ff:f8:37:19:b5:04:e7:b9:d4:73:80:b8:
4a:c4:38:31:34:bc:5d:50:c0:f1:1e:3a:76:c6:7c:
a3:36:cf:49:41:f4:e3:82:f8:e2:01:5c:09:c7:b9:
54:7f:b2:3c:50:26:e3:f3:2b:73:dc:76:8a:b4:b0:
d4:6c:c9:a1:87:5d:fe:d2:62:c3:2c:2c:9f:2e:b8:
f6:7b:86:fa:68:2e:07:e5:c6:53:5f:56:0c:67:21:
24:cc:41:f9:30:8d:20:21:bf:fc:b5:8f:2f:95:28:
81:af:5a:c6:4c:22:d3:ab:79:27:c0:24:0b:1d:92:
4a:70:8e:9b:27:22:f7:fe:ae:1e:24:d5:08:20:7c:
69:7b:11:da:95:ee:35:8c:61:b7:21:44:d3:44:80:
30:fb:1b:42:c0:e9:b0:7b:88:68:f0:ad:6f:64:91:
cf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:96:CD:CA:BB:95:B3:37:DE:0A:20:AC:5F:45:47:D6:79:51:07:CC
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3136372e302f32342d3234203d3e20323033303438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.167.0/24
Signature Algorithm: sha256WithRSAEncryption
85:25:21:2a:50:15:39:ce:80:a0:fd:51:56:4a:e3:d9:d2:06:
6c:07:7e:d0:95:aa:88:6b:a7:0d:13:f9:8a:c2:e5:59:e1:1e:
60:f5:a9:e2:44:52:ac:87:03:66:e4:c4:bf:42:d3:f2:ba:74:
b9:cf:ec:e0:21:af:1f:78:1a:3e:90:c3:99:7c:91:6d:47:65:
21:d0:18:10:c7:50:9b:b4:a0:ba:6e:22:6e:8e:f2:6a:88:15:
28:86:d4:6d:d1:2e:46:9c:79:68:cf:50:a9:00:3b:0b:2f:b8:
54:eb:fe:5f:7a:2b:bc:b2:94:8e:fa:3e:4a:fd:51:ee:0f:a8:
cd:a3:ad:09:fc:b1:77:01:51:d9:56:80:02:11:5d:6c:04:d1:
07:7b:7a:45:8a:a3:ef:98:b9:bf:30:2b:6b:ad:2f:e5:1c:6c:
5a:fe:5e:47:a4:a7:0c:d2:10:4f:08:d4:bb:29:a5:23:73:84:
af:9b:10:74:bc:ad:7d:54:75:55:6f:91:79:19:43:21:ae:31:
82:02:17:a2:09:dc:29:c3:00:9f:af:b9:54:90:8b:53:71:be:
60:7c:84:f4:45:8e:96:0e:08:af:f8:6d:a2:d2:9a:dc:ac:cb:
4b:b5:9c:ae:31:b9:54:65:e6:26:4e:d0:fd:04:8b:1d:eb:5d:
fe:4a:29:f5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUB/8A4cKkcgbHuNCqGn2s/1ybxzgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA2MDYwMjEwMDNaFw0yNzA2MDUwMjE1MDNaMDMxMTAvBgNV
BAMTKDEwOTZDRENBQkI5NUIzMzdERTBBMjBBQzVGNDU0N0Q2Nzk1MTA3Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTZ93vbeww/ZS90mN45MuCXMUR
pFYowE1byhPDHqf/oTLQhdMWBKrmhs6e+98wty2rreNEzCsf8xUdioWjiUgT40w7
Fi3PWe/V2Zv16C34ZVBpQqlV9LespAcrxv/4Nxm1BOe51HOAuErEODE0vF1QwPEe
OnbGfKM2z0lB9OOC+OIBXAnHuVR/sjxQJuPzK3Pcdoq0sNRsyaGHXf7SYsMsLJ8u
uPZ7hvpoLgflxlNfVgxnISTMQfkwjSAhv/y1jy+VKIGvWsZMItOreSfAJAsdkkpw
jpsnIvf+rh4k1QggfGl7EdqV7jWMYbchRNNEgDD7G0LA6bB7iGjwrW9kkc+VAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUEJbNyruVszfeCiCsX0VH1nlRB8wwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzYzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9pzANBgkqhkiG9w0BAQsFAAOCAQEAhSUhKlAVOc6AoP1RVkrj2dIGbAd+
0JWqiGunDRP5isLlWeEeYPWp4kRSrIcDZuTEv0LT8rp0uc/s4CGvH3gaPpDDmXyR
bUdlIdAYEMdQm7Sgum4ibo7yaogVKIbUbdEuRpx5aM9QqQA7Cy+4VOv+X3orvLKU
jvo+Sv1R7g+ozaOtCfyxdwFR2VaAAhFdbATRB3t6RYqj75i5vzAra60v5RxsWv5e
R6SnDNIQTwjUuymlI3OEr5sQdLytfVR1VW+ReRlDIa4xggIXogncKcMAn6+5VJCL
U3G+YHyE9EWOlg4Ir/htotKa3KzLS7WcrjG5VGXmJk7Q/QSLHetd/kop9Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:55:43 2026 by rpki-client