Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137302e302f32342d3234203d3e20323033303438.roa
File: 3134372e3132352e3137302e302f32342d3234203d3e20323033303438.roa (raw, json)
Hash identifier: WljA4/4BLeQDxzbza5jkvCkFrcRYjvT+bunBjmZ8IEY=
Subject key identifier: E1:5E:28:02:F1:FE:98:95:5F:8D:95:5F:69:B3:DC:C1:3B:27:C3:07
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 5B4BB9ED0AA43693B5C1782493C72B00C3994275
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137302e302f32342d3234203d3e20323033303438.roa
Signing time: Mon 08 Jun 2026 13:57:53 +0000
ROA not before: Mon 08 Jun 2026 13:52:53 +0000
ROA not after: Mon 07 Jun 2027 13:57:53 +0000
asID: 203048
IP address blocks: 147.125.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:4b:b9:ed:0a:a4:36:93:b5:c1:78:24:93:c7:2b:00:c3:99:42:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Jun 8 13:52:53 2026 GMT
Not After : Jun 7 13:57:53 2027 GMT
Subject: CN=E15E2802F1FE98955F8D955F69B3DCC13B27C307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:08:b2:65:b4:53:2f:70:42:a8:3f:e4:5d:2b:
c1:0b:c2:9c:4b:05:c8:3f:4b:fc:8c:24:f4:d5:db:
7c:9c:df:c9:ac:fa:6e:11:97:d8:48:4d:8e:37:92:
0e:3f:96:7c:66:99:f4:9e:e4:38:7c:db:15:21:f8:
d3:4f:b8:5e:ee:44:94:68:74:69:13:d3:f8:d1:19:
b5:7e:ee:4b:6e:0f:ff:db:77:35:3f:50:2b:5a:19:
6b:5a:02:cd:2c:03:72:27:5f:ee:01:d9:40:4d:5f:
06:1b:b4:c8:e9:2e:81:e5:96:ad:2d:ba:5d:74:dc:
bc:97:5f:45:2c:4c:3b:b2:73:ff:f7:d8:e7:b4:50:
b5:63:c0:5a:ef:4e:b1:17:06:c3:f0:82:8e:73:7f:
9e:5a:c0:e2:b7:52:b1:5d:78:a6:3a:5f:16:ce:2f:
23:99:f2:2b:23:2a:7a:3e:cb:f3:98:30:97:e9:7d:
db:3b:ce:76:ca:98:1d:ee:61:1c:c9:45:09:14:03:
79:e2:fe:7d:28:3f:ae:9f:8f:a2:ab:fc:c5:73:c7:
6e:43:d7:68:43:7e:66:5e:a7:0a:e7:42:d2:ff:a3:
af:fc:9c:93:91:bf:3b:5b:cc:fc:5a:4b:a7:cd:fb:
1c:3d:25:59:5e:84:bb:6f:d4:08:a0:73:e1:47:ab:
ed:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:5E:28:02:F1:FE:98:95:5F:8D:95:5F:69:B3:DC:C1:3B:27:C3:07
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3137302e302f32342d3234203d3e20323033303438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.170.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:9d:fe:96:d2:55:11:04:84:79:4e:3d:c8:3d:0c:12:d2:ff:
d7:1f:09:29:dd:5c:3e:fe:ce:7b:46:7b:2c:ea:e1:b3:5a:c4:
df:89:60:c3:69:c7:14:00:fe:2b:64:02:00:56:9a:dc:31:ac:
60:5b:e8:10:46:ae:aa:97:1c:5d:cf:a7:05:d0:d3:0d:47:63:
15:be:dd:3f:34:83:cf:6e:05:5c:c0:f0:aa:36:a5:1f:7d:51:
9d:ac:de:4a:1d:65:c3:d2:d5:f8:bc:2b:6e:30:a8:55:e4:df:
eb:1d:fc:a5:9e:4c:a7:7e:55:23:21:fc:35:99:57:37:83:a6:
5c:ef:89:36:42:a1:4d:2f:ad:c6:de:b9:c0:d0:3e:97:a4:57:
f8:bd:d9:f5:93:9e:5b:99:84:f3:20:0d:00:74:e1:ad:c6:29:
a1:2a:94:81:a7:ba:dc:d8:48:f9:f0:c5:5d:d8:1d:e8:05:10:
51:15:8a:3c:a8:ab:a0:92:74:60:d4:67:a8:12:d7:c9:ca:a7:
e2:58:89:d8:25:85:a4:69:c2:f1:54:7c:35:c2:22:d7:25:21:
ed:d7:3a:e8:95:83:ff:67:2c:38:a1:c8:e2:9e:95:f4:03:12:
6d:57:31:d8:1e:2e:18:c0:dd:c2:0c:ca:f6:ac:e8:d0:9a:a6:
3a:d4:08:3b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUW0u57QqkNpO1wXgkk8crAMOZQnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA2MDgxMzUyNTNaFw0yNzA2MDcxMzU3NTNaMDMxMTAvBgNV
BAMTKEUxNUUyODAyRjFGRTk4OTU1RjhEOTU1RjY5QjNEQ0MxM0IyN0MzMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnCLJltFMvcEKoP+RdK8ELwpxL
Bcg/S/yMJPTV23yc38ms+m4Rl9hITY43kg4/lnxmmfSe5Dh82xUh+NNPuF7uRJRo
dGkT0/jRGbV+7ktuD//bdzU/UCtaGWtaAs0sA3InX+4B2UBNXwYbtMjpLoHllq0t
ul103LyXX0UsTDuyc//32Oe0ULVjwFrvTrEXBsPwgo5zf55awOK3UrFdeKY6XxbO
LyOZ8isjKno+y/OYMJfpfds7znbKmB3uYRzJRQkUA3ni/n0oP66fj6Kr/MVzx25D
12hDfmZepwrnQtL/o6/8nJORvztbzPxaS6fN+xw9JVlehLtv1Aigc+FHq+1FAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU4V4oAvH+mJVfjZVfabPcwTsnwwcwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9qjANBgkqhkiG9w0BAQsFAAOCAQEAXp3+ltJVEQSEeU49yD0MEtL/1x8J
Kd1cPv7Oe0Z7LOrhs1rE34lgw2nHFAD+K2QCAFaa3DGsYFvoEEauqpccXc+nBdDT
DUdjFb7dPzSDz24FXMDwqjalH31RnazeSh1lw9LV+LwrbjCoVeTf6x38pZ5Mp35V
IyH8NZlXN4OmXO+JNkKhTS+txt65wNA+l6RX+L3Z9ZOeW5mE8yANAHThrcYpoSqU
gae63NhI+fDFXdgd6AUQURWKPKiroJJ0YNRnqBLXycqn4liJ2CWFpGnC8VR8NcIi
1yUh7dc66JWD/2csOKHI4p6V9AMSbVcx2B4uGMDdwgzK9qzo0JqmOtQIOw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:34:08 2026 by rpki-client