Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138312e302f32342d3234203d3e20323135313532.roa
File: 3134372e3132352e3138312e302f32342d3234203d3e20323135313532.roa (raw, json)
Hash identifier: /xlDYAtB0QMY/Fp4Jo3ESdeeoKGiJKe4Yzk1NCn40VM=
Subject key identifier: 94:78:7B:6B:3A:AB:60:58:94:AC:A8:C7:5A:F8:5C:92:96:CA:15:84
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 028B75B592D2A74EC8CEE1217C721563195FC807
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138312e302f32342d3234203d3e20323135313532.roa
Signing time: Sun 07 Jun 2026 13:11:10 +0000
ROA not before: Sun 07 Jun 2026 13:06:10 +0000
ROA not after: Sun 06 Jun 2027 13:11:10 +0000
asID: 215152
IP address blocks: 147.125.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:8b:75:b5:92:d2:a7:4e:c8:ce:e1:21:7c:72:15:63:19:5f:c8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Jun 7 13:06:10 2026 GMT
Not After : Jun 6 13:11:10 2027 GMT
Subject: CN=94787B6B3AAB605894ACA8C75AF85C9296CA1584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d7:ff:8b:2d:56:e7:75:fc:ba:fe:a0:e8:4f:
a0:31:de:c7:cb:aa:41:19:6d:b5:a6:c9:6d:74:82:
49:12:f7:82:07:77:8f:75:b1:9c:dc:ae:ae:49:e0:
70:93:1a:f2:f5:24:1d:de:a4:dc:88:f4:87:c1:05:
99:61:25:e9:d7:6c:c5:81:a8:83:98:05:85:f2:a4:
37:56:43:61:9c:81:b1:87:18:58:7d:1d:60:99:ab:
6d:e7:db:dd:02:26:06:af:03:9e:d1:de:c4:92:c4:
10:1e:94:4b:6c:8e:38:9e:5a:ea:d5:3c:6c:2e:82:
92:9b:80:07:5f:fa:74:2a:fe:c4:14:93:eb:df:77:
bb:87:59:fe:c2:5a:b3:02:74:db:fe:a7:6e:08:da:
fa:a2:16:d7:bd:2c:af:c6:42:0f:13:55:63:e8:32:
ea:76:76:55:b2:f8:d6:a4:10:29:85:c2:51:33:d6:
d2:9b:1d:8e:26:ff:fe:23:b0:c8:d1:a8:21:8c:99:
2f:b6:e4:6a:4d:fd:37:2d:a0:67:8c:95:2c:77:75:
18:1d:9b:ca:07:8c:75:3a:46:5f:20:eb:a9:2e:cc:
5f:68:91:0d:7b:14:ba:02:95:05:32:21:0b:2b:76:
0b:53:92:84:7f:23:57:fa:0a:91:53:96:6a:8a:d0:
b9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:78:7B:6B:3A:AB:60:58:94:AC:A8:C7:5A:F8:5C:92:96:CA:15:84
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/3134372e3132352e3138312e302f32342d3234203d3e20323135313532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.181.0/24
Signature Algorithm: sha256WithRSAEncryption
31:42:c4:3e:12:bd:4d:9f:c7:89:76:06:d9:d3:8e:8d:e7:b2:
09:22:d0:eb:fd:61:21:41:d5:35:97:6c:f8:db:38:e9:62:2b:
b6:57:09:f9:3b:41:20:71:9f:eb:d2:43:20:fe:22:a8:25:36:
c7:11:3d:86:3b:ca:34:d8:c2:68:8f:a1:84:5c:ba:8f:7d:bc:
6e:4e:89:06:5b:f0:8a:93:9e:b4:73:a8:9a:5d:d8:87:8b:5c:
55:3b:eb:ba:60:bd:29:7e:b3:97:8b:a6:17:2f:fd:1c:7b:9a:
4d:06:9a:bc:cd:f2:58:3f:76:d1:8c:7f:72:24:36:d3:a6:92:
a7:aa:07:06:51:96:41:ab:a0:45:75:98:ad:73:01:51:b0:a7:
32:8a:af:60:19:6f:de:75:5f:2a:ef:e9:1f:0c:51:4a:95:29:
54:fd:d7:39:54:e2:74:f7:ae:7e:b5:b8:97:4d:89:58:0c:4f:
47:f6:60:50:4d:96:2d:90:14:81:be:2e:d3:42:43:00:78:66:
15:6c:1a:f2:cc:7c:fe:4f:2b:9e:0a:06:06:39:57:e8:80:2c:
df:30:83:f0:bb:3c:ce:8a:17:29:d8:5c:21:3a:6e:38:e2:31:
30:7b:1a:dd:4d:78:ec:37:2e:50:18:00:9a:fa:8e:eb:07:f2:
c6:f0:2e:48
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUAot1tZLSp07IzuEhfHIVYxlfyAcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjA2MDcxMzA2MTBaFw0yNzA2MDYxMzExMTBaMDMxMTAvBgNV
BAMTKDk0Nzg3QjZCM0FBQjYwNTg5NEFDQThDNzVBRjg1QzkyOTZDQTE1ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx1/+LLVbndfy6/qDoT6Ax3sfL
qkEZbbWmyW10gkkS94IHd491sZzcrq5J4HCTGvL1JB3epNyI9IfBBZlhJenXbMWB
qIOYBYXypDdWQ2GcgbGHGFh9HWCZq23n290CJgavA57R3sSSxBAelEtsjjieWurV
PGwugpKbgAdf+nQq/sQUk+vfd7uHWf7CWrMCdNv+p24I2vqiFte9LK/GQg8TVWPo
Mup2dlWy+NakECmFwlEz1tKbHY4m//4jsMjRqCGMmS+25GpN/TctoGeMlSx3dRgd
m8oHjHU6Rl8g66kuzF9okQ17FLoClQUyIQsrdgtTkoR/I1f6CpFTlmqK0LlNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUlHh7azqrYFiUrKjHWvhckpbKFYQwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEt
YzM4NS00YjY1LTk4NjYtNGY2MzgzMTcyNjcyLzAvMzEzNDM3MmUzMTMyMzUyZTMx
MzgzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMxMzUzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJN9tTANBgkqhkiG9w0BAQsFAAOCAQEAMULEPhK9TZ/HiXYG2dOOjeeyCSLQ
6/1hIUHVNZds+Ns46WIrtlcJ+TtBIHGf69JDIP4iqCU2xxE9hjvKNNjCaI+hhFy6
j328bk6JBlvwipOetHOoml3Yh4tcVTvrumC9KX6zl4umFy/9HHuaTQaavM3yWD92
0Yx/ciQ206aSp6oHBlGWQaugRXWYrXMBUbCnMoqvYBlv3nVfKu/pHwxRSpUpVP3X
OVTidPeufrW4l02JWAxPR/ZgUE2WLZAUgb4u00JDAHhmFWwa8sx8/k8rngoGBjlX
6IAs3zCD8Ls8zooXKdhcITpuOOIxMHsa3U147DcuUBgAmvqO6wfyxvAuSA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:06:20 2026 by rpki-client